Import of old SSLeay release: SSLeay 0.9.0b

author: Ralf S. Engelschall <rse@openssl.org> 1998-12-21 10:56:39 +0000
committer: Ralf S. Engelschall <rse@openssl.org> 1998-12-21 10:56:39 +0000
commit: 58964a492275ca9a59a0cd9c8155cb2491b4b909 (patch)
tree: c7b16876a5789463bbbb468ef4829c8129b3d718
parent: d02b48c63a58ea4367a0e905979f140b7d090f86 (diff)
download: openssl-58964a492275ca9a59a0cd9c8155cb2491b4b909.tar.gz
826 files changed, 71682 insertions, 8792 deletions
diff --git a/COPYRIGHT b/COPYRIGHT
index 75b65cf138..4faa8c0a46 100644
--- a/COPYRIGHT
+++ b/COPYRIGHT
@@ -62,3 +62,4 @@ The reason behind this being stated in this direct manner is past
 experience in code simply being copied and the attribution removed
 from it and then being distributed as part of other packages. This
 implementation was a non-trivial and unpaid effort.
+
diff --git a/Configure b/Configure
index ab20385473..4f66d64e25 100755
--- a/Configure
+++ b/Configure
@@ -21,18 +21,22 @@
 #		This is used on the DEC Alpha where long is 8 bytes
 #		and int is 4
 # BN_LLONG	use the type 'long long' in crypto/bn/bn.h
-# MD2_CHAR	use 'char' instead of 'int' for MD2_INT in crypto/md/md2.h
-# MD2_LONG	use 'long' instead of 'int' for MD2_INT in crypto/md/md2.h
+# MD2_CHAR	use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
+# MD2_LONG	use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
 # IDEA_SHORT	use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
 # IDEA_LONG	use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
 # RC2_SHORT	use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
 # RC2_LONG	use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
 # RC4_CHAR	use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
 # RC4_LONG	use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
-# RC4_INDEX	define RC4_INDEX in crypto/rc4/rc4_enc.c.  This turns on
+# RC4_INDEX	define RC4_INDEX in crypto/rc4/rc4_locl.h.  This turns on
 #		array lookups instead of pointer use.
 # BF_PTR	use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
 # BF_PTR2	use a pentium/intel specific version.
+# MD5_ASM	use some extra md5 assember,
+# SHA1_ASM	use some extra sha1 assember, must define L_ENDIAN for x86
+# RMD160_ASM	use some extra ripemd160 assember,
+# BN_ASM	use some extra bn assember,
 
 $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
 
@@ -51,7 +55,13 @@ $tlib="-lnsl -lsocket";
 $bits1="THIRTY_TWO_BIT ";
 $bits2="SIXTY_FOUR_BIT ";
 
-# -DB_ENDIAN slows things down on a sparc
+$x86_sol_asm="asm/bn86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o";
+$x86_elf_asm="asm/bn86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
+$x86_out_asm="asm/bn86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
+$x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
+
+# -DB_ENDIAN slows things down on a sparc for md5, but helps sha1.
+# So the md5_locl.h file has an undef B_ENDIAN if sun is defined
 
 #config-string	CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \
 # des_asm:bf_asm
@@ -63,18 +73,17 @@ $bits2="SIXTY_FOUR_BIT ";
 
 # A few of my development configs
 "purify",	"purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::",
-"debug",	"gcc:-DREF_CHECK -DCRYPTO_MDEBUG -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::",
+"debug",	"gcc:-DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::",
 "dist",		"cc:-O -DNOPROTO::::",
 
 # Basic configs that should work on any box
 "gcc",		"gcc:-O3::BN_LLONG:::",
 "cc",		"cc:-O -DNOPROTO -DNOCONST:::::",
 
+
 # My solaris setups
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN:\
-	-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-sol.o:asm/dx86-sol.o asm/cx86-sol.o:asm/bx86-sol.o",
-"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall:\
-	-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DBN_ASM:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm:",
+"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN:-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
 # DO NOT use /xO[34] on sparc with SC3.0. 
 # It is broken, and will not pass the tests
 "solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\
@@ -116,30 +125,44 @@ $bits2="SIXTY_FOUR_BIT ";
 "alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
 
 # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
-# x86-lnx.o file file since it is hand tweaked assembler.
-"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
-"debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
-"linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
-"NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-x86",	"gcc:-DTERMIOS -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
-"FreeBSD",   "gcc:-DTERMIOS -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
-#"bsdi-gcc",	"shlicc2:-O3 -ffast-math-m486::RSA_LLONG $x86_gcc_des $x86_gcc_opts:::",
-#"bsdi-gcc",     "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:asm/x86-bsdi.o:asm/dx86bsdi.o asm/cx86bsdi.o:asm/bx86bsdi.o",
-"bsdi-gcc",     "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:::",
-"nextstep",	"cc:-O3 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
+# bn86-elf.o file file since it is hand tweaked assembler.
+"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-linux-elf","gcc:-DREF_CHECK -DBN_ASM -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-m86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-x86",	"gcc:-DTERMIOS -DBN_ASM -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
+"FreeBSD",   "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+#"bsdi-gcc",     "gcc:-O3 -ffast-math -DBN_ASM -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm",
+"nextstep",	"cc:-O3 -Wall -DBN_ASM::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
+# NCR MP-RAS UNIX ver 02.03.01
+"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
 
 # UnixWare 2.0
-"unixware-2.0","cc:-O:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
-"unixware-2.0-pentium","cc:-O -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::",
+"unixware-2.0","cc:-O -DFILIO_H:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
+"unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::",
 
 # IBM's AIX.
 "aix-cc",   "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
 "aix-gcc",  "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
 
+#
+# Cray T90 (SDSC)
+# It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT
+# defined.  The T90 ints and longs are 8 bytes long, and apparently the
+# B_ENDIAN code assumes 4 byte ints.  Fortunately, the non-B_ENDIAN and
+# non L_ENDIAN code aligns the bytes in each word correctly.
+#
+# The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors:
+#'Taking the address of a bit field is not allowed. '
+#'An expression with bit field exists as the operand of "sizeof" '
+# (written by Wayne Schroeder <schroede@SDSC.EDU>)
+"cray-t90-cc", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::SIXTY_FOUR_BIT_LONG DES_INT:::",
+
 # DGUX, 88100.
 "dgux-R3-gcc",	"gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::",
 "dgux-R4-gcc",	"gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
-"dgux-R4-x86-gcc",	"gcc:-O3 -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
+"dgux-R4-x86-gcc",	"gcc:-O3 -DBN_ASM -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
 
 # SCO 5
 "sco5-cc",  "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options?
@@ -167,15 +190,21 @@ $Makefile="Makefile.ssl";
 $des_locl="crypto/des/des_locl.h";
 $des	="crypto/des/des.h";
 $bn	="crypto/bn/bn.h";
-$md2	="crypto/md/md2.h";
+$md2	="crypto/md2/md2.h";
 $rc4	="crypto/rc4/rc4.h";
-$rc4_enc="crypto/rc4/rc4_enc.c";
+$rc4_locl="crypto/rc4/rc4_locl.h";
 $idea	="crypto/idea/idea.h";
 $rc2	="crypto/rc2/rc2.h";
 $bf	="crypto/bf/bf_locl.h";
 $bn_mulw="bn_mulw.o";
 $des_enc="des_enc.o fcrypt_b.o";
 $bf_enc	="bf_enc.o";
+$cast_enc="c_enc.o";
+$rc4_enc="rc4_enc.o";
+$rc5_enc="rc5_enc.o";
+$md5_obj="";
+$sha1_obj="";
+$rmd160_obj="";
 
 if ($#ARGV < 0)
 	{
@@ -219,14 +248,33 @@ if (!defined($table{$target}))
 	exit(1);
 	}
 
-($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj)=
+($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj,$md5_obj,$sha1_obj,
+	$cast_obj,$rc4_obj,$rmd160_obj,$rc5_obj)=
 	split(/\s*:\s*/,$table{$target});
 $cflags="$flags$cflags" if ($flags ne "");
 $lflags="$libs$lflags"if ($libs ne "");
 
-$bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/);
-$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
-$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
+$bn_obj=$bn_mulw	unless ($bn_obj =~ /\.o$/);
+$des_obj=$des_enc	unless ($des_obj =~ /\.o$/);
+$bf_obj=$bf_enc		unless ($bf_obj =~ /\.o$/);
+$cast_obj=$cast_enc	unless ($cast_obj =~ /\.o$/);
+$rc4_obj=$rc4_enc	unless ($rc4_obj =~ /\.o$/);
+$rc5_obj=$rc5_enc	unless ($rc5_obj =~ /\.o$/);
+if ($sha1_obj =~ /\.o$/)
+	{
+#	$sha1_obj=$sha1_enc;
+	$cflags.=" -DSHA1_ASM";
+	}
+if ($md5_obj =~ /\.o$/)
+	{
+#	$md5_obj=$md5_enc;
+	$cflags.=" -DMD5_ASM";
+	}
+if ($rmd160_obj =~ /\.o$/)
+	{
+#	$rmd160_obj=$rmd160_enc;
+	$cflags.=" -DRMD160_ASM";
+	}
 
 $n=&file_new($Makefile);
 open(IN,"<".$Makefile) || die "unable to read $Makefile:$!\n";
@@ -240,18 +288,30 @@ while (<IN>)
 	s/^BN_MULW=.*$/BN_MULW= $bn_obj/;
 	s/^DES_ENC=.*$/DES_ENC= $des_obj/;
 	s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
+	s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
+	s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
+	s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
+	s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
+	s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
+	s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
 	print OUT $_."\n";
 	}
 close(IN);
 close(OUT);
 &Rename($Makefile,&file_old($Makefile));
 &Rename($n,$Makefile);
-print "CC     =$cc\n";
-print "CFLAG  =$cflags\n";
-print "EX_LIBS=$lflags\n";
-print "BN_MULW=$bn_obj\n";
-print "DES_ENC=$des_obj\n";
-print "BF_ENC =$bf_obj\n";
+print "CC            =$cc\n";
+print "CFLAG         =$cflags\n";
+print "EX_LIBS       =$lflags\n";
+print "BN_MULW       =$bn_obj\n";
+print "DES_ENC       =$des_obj\n";
+print "BF_ENC        =$bf_obj\n";
+print "CAST_ENC      =$cast_obj\n";
+print "RC4_ENC       =$rc4_obj\n";
+print "RC5_ENC       =$rc5_obj\n";
+print "MD5_OBJ_ASM   =$md5_obj\n";
+print "SHA1_OBJ_ASM  =$sha1_obj\n";
+print "RMD160_OBJ_ASM=$rmd160_obj\n";
 
 $des_ptr=0;
 $des_risc1=0;
@@ -287,8 +347,8 @@ foreach (sort split(/\s+/,$bn_ops))
 	$rc2_int=3 if /RC2_LONG/;
 	$bf_ptr=1 if $_ eq "BF_PTR";
 	$bf_ptr=2 if $_ eq "BF_PTR2";
-	($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
 	($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
+	($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
 	($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
 	($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
 	($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
@@ -375,9 +435,9 @@ close(OUT);
 &Rename($rc4,&file_old($rc4));
 &Rename($n,$rc4);
 
-(($in=$rc4_enc) =~ s/\.([^.]+)/.$postfix/);
-$n=&file_new($rc4_enc);
-open(IN,"<".$in) || die "unable to read $rc4_enc:$!\n";
+(($in=$rc4_locl) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc4_locl);
+open(IN,"<".$in) || die "unable to read $rc4_locl:$!\n";
 open(OUT,">$n") || die "unable to read $n:$!\n";
 while (<IN>)
 	{
@@ -388,8 +448,8 @@ while (<IN>)
 	}
 close(IN);
 close(OUT);
-&Rename($rc4_enc,&file_old($rc4_enc));
-&Rename($n,$rc4_enc);
+&Rename($rc4_locl,&file_old($rc4_locl));
+&Rename($n,$rc4_locl);
 
 (($in=$md2) =~ s/\.([^.]+)/.$postfix/);
 $n=&file_new($md2);
diff --git a/HISTORY b/HISTORY
index 7844faa55d..7712100038 100644
--- a/HISTORY
+++ b/HISTORY
@@ -1,3 +1,193 @@
+16-Mar-98
+	- Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
+	- Lots and lots of changes
+
+29-Jan-98
+	- ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
+	  Goetz Babin-Ebell <babinebell@trustcenter.de>.
+	- SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
+	  TLS1_VERSION.
+
+7-Jan-98
+	- Finally reworked the cipher string to ciphers again, so it
+	  works correctly
+	- All the app_data stuff is now ex_data with funcion calls to access.
+	  The index is supplied by a function and 'methods' can be setup
+	  for the types that are called on XXX_new/XXX_free.  This lets
+	  applications get notified on creation and destruction.  Some of
+	  the RSA methods could be implemented this way and I may do so.
+	- Oh yes, SSL under perl5 is working at the basic level.
+
+15-Dec-97
+	- Warning - the gethostbyname cache is not fully thread safe,
+	  but it should work well enough.
+	- Major internal reworking of the app_data stuff.  More functions
+	  but if you were accessing ->app_data directly, things will
+	  stop working.
+	- The perlv5 stuff is working.  Currently on message digests,
+	  ciphers and the bignum library.
+
+9-Dec-97
+	- Modified re-negotiation so that server initated re-neg
+	  will cause a SSL_read() to return -1 should retry.
+	  The danger otherwise was that the server and the
+	  client could end up both trying to read when using non-blocking
+	  sockets.
+
+4-Dec-97
+	- Lots of small changes
+	- Fix for binaray mode in Windows for the FILE BIO, thanks to
+	  Bob Denny <rdenny@dc3.com>
+
+17-Nov-97
+	- Quite a few internal cleanups, (removal of errno, and using macros
+	  defined in e_os.h).
+	- A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
+	  the automactic naming out output files was being stuffed up.
+
+29-Oct-97
+	- The Cast5 cipher has been added.  MD5 and SHA-1 are now in assember
+	  for x86.
+
+21-Oct-97
+	- Fixed a bug in the BIO_gethostbyname() cache.
+
+15-Oct-97
+	- cbc mode for blowfish/des/3des is now in assember.  Blowfish asm
+	  has also been improved.  At this point in time, on the pentium,
+	  md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
+	  des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
+	  is %62 faster.
+
+12-Oct-97
+	- MEM_BUF_grow() has been fixed so that it always sets the buf->length
+	  to the value we are 'growing' to.  Think of MEM_BUF_grow() as the
+	  way to set the length value correctly.
+
+10-Oct-97
+	- I now hash for certificate lookup on the raw DER encoded RDN (md5).
+	  This breaks things again :-(.  This is efficent since I cache
+	  the DER encoding of the RDN.
+	- The text DN now puts in the numeric OID instead of UNKNOWN.
+	- req can now process arbitary OIDs in the config file.
+	- I've been implementing md5 in x86 asm, much faster :-).
+	- Started sha1 in x86 asm, needs more work.
+	- Quite a few speedups in the BN stuff.  RSA public operation
+	  has been made faster by caching the BN_MONT_CTX structure.
+	  The calulating of the Ai where A*Ai === 1 mod m was rather
+	  expensive.  Basically a 40-50% speedup on public operations.
+	  The RSA speedup is now 15% on pentiums and %20 on pentium
+	  pro.
+
+30-Sep-97
+	- After doing some profiling, I added x86 adm for bn_add_words(),
+	  which just adds 2 arrays of longs together.  A %10 speedup
+	  for 512 and 1024 bit RSA on the pentium pro.
+
+29-Sep-97
+	- Converted the x86 bignum assembler to us the perl scripts
+	  for generation.
+
+23-Sep-97
+	- If SSL_set_session() is passed a NULL session, it now clears the
+	  current session-id.
+
+22-Sep-97
+	- Added a '-ss_cert file' to apps/ca.c.  This will sign selfsigned
+	  certificates.
+	- Bug in crypto/evp/encode.c where by decoding of 65 base64
+	  encoded lines, one line at a time (via a memory BIO) would report
+	  EOF after the first line was decoded.
+	- Fix in X509_find_by_issuer_and_serial() from
+	  Dr Stephen Henson <shenson@bigfoot.com>
+
+19-Sep-97
+	- NO_FP_API and NO_STDIO added.
+	- Put in sh config command.  It auto runs Configure with the correct
+	  parameters.
+
+18-Sep-97
+	- Fix x509.c so if a DSA cert has different parameters to its parent,
+	  they are left in place.  Not tested yet.
+
+16-Sep-97
+	- ssl_create_cipher_list() had some bugs, fixes from
+	  Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
+	- Fixed a bug in the Base64 BIO, where it would return 1 instead
+	  of -1 when end of input was encountered but should retry.
+	  Basically a Base64/Memory BIO interaction problem.
+	- Added a HMAC set of functions in preporarion for TLS work.
+
+15-Sep-97
+	- Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
+	- Prime generation spead up %25 (512 bit prime, pentium pro linux)
+	  by using montgomery multiplication in the prime number test.
+
+11-Sep-97
+	- Ugly bug in ssl3_write_bytes().  Basically if application land
+	  does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
+	  did not check the size and tried to copy the entire buffer.
+	  This would tend to cause memory overwrites since SSLv3 has
+	  a maximum packet size of 16k.  If your program uses
+	  buffers <= 16k, you would probably never see this problem.
+	- Fixed a new errors that were cause by malloc() not returning
+	  0 initialised memory..
+	- SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
+	  SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
+	  since this flags stops SSLeay being able to handle client
+	  cert requests correctly.
+
+08-Sep-97
+	- SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added.  When switched
+	  on, the SSL server routines will not use a SSL_SESSION that is
+	  held in it's cache.  This in intended to be used with the session-id
+	  callbacks so that while the session-ids are still stored in the
+	  cache, the decision to use them and how to look them up can be
+	  done by the callbacks.  The are the 'new', 'get' and 'remove'
+	  callbacks.  This can be used to determine the session-id
+	  to use depending on information like which port/host the connection
+	  is coming from.  Since the are also SSL_SESSION_set_app_data() and
+	  SSL_SESSION_get_app_data() functions, the application can hold
+	  information against the session-id as well.
+
+03-Sep-97
+	- Added lookup of CRLs to the by_dir method,
+	  X509_load_crl_file() also added.  Basically it means you can
+	  lookup CRLs via the same system used to lookup certificates.
+	- Changed things so that the X509_NAME structure can contain
+	  ASN.1 BIT_STRINGS which is required for the unique
+	  identifier OID.
+	- Fixed some problems with the auto flushing of the session-id
+	  cache.  It was not occuring on the server side.
+
+02-Sep-97
+	- Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
+	  which is the maximum number of entries allowed in the
+	  session-id cache.  This is enforced with a simple FIFO list.
+	  The default size is 20*1024 entries which is rather large :-).
+	  The Timeout code is still always operating.
+
+01-Sep-97
+	- Added an argument to all the 'generate private key/prime`
+	  callbacks.  It is the last parameter so this should not
+	  break existing code but it is needed for C++.
+	- Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
+	  BIO.  This lets the BIO read and write base64 encoded data
+	  without inserting or looking for '\n' characters.  The '-A'
+	  flag turns this on when using apps/enc.c.
+	- RSA_NO_PADDING added to help BSAFE functionality.  This is a
+	  very dangerous thing to use, since RSA private key
+	  operations without random padding bytes (as PKCS#1 adds) can
+	  be attacked such that the private key can be revealed.
+	- ASN.1 bug and rc2-40-cbc and rc4-40 added by
+	  Dr Stephen Henson <shenson@bigfoot.com>
+
+31-Aug-97 (stuff added while I was away)	
+	- Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
+	- RSA_flags() added allowing bypass of pub/priv match check
+	  in ssl/ssl_rsa.c - Tim Hudson.
+	- A few minor bugs.
+
 SSLeay 0.8.1 released.
 
 19-Jul-97
diff --git a/INSTALL b/INSTALL
index 9cbdfd7d33..d394bf8a7b 100644
--- a/INSTALL
+++ b/INSTALL
@@ -38,7 +38,7 @@ make -f Makefile.ssl links
 Makefile.ssl		CC CFLAG EX_LIBS BN_MULW
 crypto/des/des.h	DES_LONG
 crypto/des/des_locl.h	DES_PTR
-crypto/md/md2.h		MD2_INT
+crypto/md2/md2.h	MD2_INT
 crypto/rc4/rc4.h	RC4_INT
 crypto/rc4/rc4_enc.c	RC4_INDEX
 crypto/rc2/rc2.h	RC2_INT
diff --git a/MINFO b/MINFO
index 024b85dc9e..0509f33648 100644
--- a/MINFO
+++ b/MINFO
@@ -3,12 +3,13 @@ AR=ar r
 BASENAME=SSLeay
 BF_ENC=bf_enc.o
 BN_MULW=bn_mulw.o
+CAST_ENC=c_enc.o
 CC=cc
 CFLAG=-O -DNOPROTO
 DES_ENC=des_enc.o fcrypt_b.o
 DIRS=crypto ssl rsaref apps test tools
-EDIRS=times doc bugs util include certs ms shlib mt demos
-EX_HEADER=
+EDIRS=times doc bugs util include certs ms shlib mt demos perl dep
+EXHEADER=e_os.h
 EX_LIBS=
 GENERAL=Makefile
 HEADER=e_os.h
@@ -18,25 +19,32 @@ MAKE=make -f Makefile.ssl
 MAKEFILE=Makefile.ssl
 MAN1=1
 MAN3=3
-MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com
-NAME=SSLeay-0.8.1
+MD5_ASM_OBJ=
+MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 README.090 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com config PATENTS
+NAME=SSLeay-0.9.0
 ONEDIRS=out tmp
 PEX_LIBS=-L. -L.. -L../.. -L../../..
-SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7
+RC4_ENC=rc4_enc.o
+RC5_ENC=rc5_enc.o
+RMD160_ASM_OBJ=
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7
+SHA1_ASM_OBJ=
 SHELL=/bin/sh
-TARFILE=SSLeay-0.8.1.tar
+TARFILE=SSLeay-0.9.0.tar
 TOP=.
-VERSION=0.8.1
+VERSION=0.9.0
 WDIRS=windows
-WTARFILE=SSLeay-0.8.1-win.tar
+WTARFILE=SSLeay-0.9.0-win.tar
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto
-ALL=Makefile README cryptlib.c mem.c cversion.c cryptlib.h date.h crypto.h cryptall.h
+ALL=Makefile README cryptlib.c mem.c cversion.c ex_data.c cpt_err.c cryptlib.h date.h crypto.h cryptall.h
 AR=ar r
 CC=cc
 CFLAG=-g
 CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" "
 DIR=crypto
+ERR=crypto
+ERRC=cpt_err
 EXHEADER=crypto.h cryptall.h
 EX_LIBS=
 GENERAL=Makefile README
@@ -45,39 +53,64 @@ INCLUDE=-I. -I../include
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../libcrypto.a
-LIBOBJ=cryptlib.o mem.o cversion.o
+LIBOBJ=cryptlib.o mem.o cversion.o ex_data.o cpt_err.o
 LIBS=
-LIBSRC=cryptlib.c mem.c cversion.c
+LIBSRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
 PEX_LIBS=
 RM=/bin/rm -f
-SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7
-SRC=cryptlib.c mem.c cversion.c
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7
+SRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
 TOP=..
 RELATIVE_DIRECTORY=
-RELATIVE_DIRECTORY=crypto/md
-ALL=Makefile md2_dgst.c md5_dgst.c md2_one.c md5_one.c md5_locl.h md2.h md5.h
+RELATIVE_DIRECTORY=crypto/md2
+ALL=Makefile md2_dgst.c md5_one.c md2.h
 APPS=
 AR=ar r
 CC=cc
 CFLAG=-g
 CFLAGS= -g
 DIR=md
-EXHEADER=md2.h md5.h
+EXHEADER=md2.h
 GENERAL=Makefile
-HEADER=md5_locl.h md2.h md5.h
+HEADER=md2.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=md2_dgst.o md5_dgst.o md2_one.o md5_one.o
-LIBSRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
+LIBOBJ=md2_dgst.o md2_one.o
+LIBSRC=md2_dgst.c md5_one.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
-TEST=md2test.c md5test.c
+SRC=md2_dgst.c md5_one.c
+TEST=md2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/md5
+ALL=Makefile md5_dgst.c md5_one.c md5_locl.h md5.h
+APPS=md5.c
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=md5
+EXHEADER=md5.h
+GENERAL=Makefile
+HEADER=md5_locl.h md5.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=md5_dgst.o md5_one.o 
+LIBSRC=md5_dgst.c md5_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+MD5_ASM_OBJ=
+SRC=md5_dgst.c md5_one.c
+TEST=md5test.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/sha
@@ -94,11 +127,12 @@ HEADER=sha_locl.h sha.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o 
 LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
+SHA1_ASM_OBJ=
 SRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
 TEST=shatest.c sha1test.c
 TOP=../..
@@ -126,8 +160,56 @@ SRC=mdc2dgst.c mdc2_one.c
 TEST=mdc2test.c
 TOP=../..
 RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/hmac
+ALL=Makefile hmac.c hmac.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=hmac
+EXHEADER=hmac.h
+GENERAL=Makefile
+HEADER=hmac.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=hmac.o
+LIBSRC=hmac.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=hmac.c
+TEST=hmactest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/ripemd
+ALL=Makefile rmd_dgst.c rmd_one.c rmd_locl.h rmdconst.h ripemd.h
+APPS=rmd160.c
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=ripemd
+EXHEADER=ripemd.h
+GENERAL=Makefile
+HEADER=rmd_locl.h rmdconst.h ripemd.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rmd_dgst.o rmd_one.o 
+LIBSRC=rmd_dgst.c rmd_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+RIP_ASM_OBJ=
+SRC=rmd_dgst.c rmd_one.c
+TEST=rmdtest.c
+TOP=../..
+RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/des
-ALL=Makefile des.org des_locl.org cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
+ALL=Makefile des.org des_locl.org cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
 APPS=
 AR=ar r
 CC=cc
@@ -142,17 +224,40 @@ HEADER=des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=set_key.o ecb_enc.o ede_enc.o cbc_enc.o cbc3_enc.o ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o enc_read.o enc_writ.o ncbc_enc.o ofb64enc.o ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o des_enc.o fcrypt_b.o read2pwd.o fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o
-LIBSRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+LIBOBJ=set_key.o ecb_enc.o cbc_enc.o ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o enc_read.o enc_writ.o ofb64enc.o ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o des_enc.o fcrypt_b.o read2pwd.o fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o
+LIBSRC=cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+SRC=cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
 TEST=destest.c
 TOP=../..
 RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rc2
+ALL=Makefile rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c rc2_locl.h rc2.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rc2
+EXHEADER=rc2.h
+GENERAL=Makefile
+HEADER=rc2_locl.h rc2.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+TEST=rc2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/rc4
-ALL=Makefile rc4_enc.c rc4.h
+ALL=Makefile rc4_skey.c rc4_enc.c rc4.h rc4_locl.h
 APPS=
 AR=ar r
 CC=cc
@@ -161,40 +266,43 @@ CFLAGS= -g
 DIR=rc4
 EXHEADER=rc4.h
 GENERAL=Makefile
-HEADER=rc4.h
+HEADER=rc4.h rc4_locl.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=rc4_enc.o
-LIBSRC=rc4_enc.c
+LIBOBJ=rc4_skey.o rc4_enc.o
+LIBSRC=rc4_skey.c rc4_enc.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=rc4_enc.c
+RC4_ENC=rc4_enc.o
+SRC=rc4_skey.c rc4_enc.c
 TEST=rc4test.c
 TOP=../..
 RELATIVE_DIRECTORY=
-RELATIVE_DIRECTORY=crypto/rc2
-ALL=Makefile rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c rc2_locl.h rc2.h
+RELATIVE_DIRECTORY=crypto/rc5
+ALL=Makefile rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c rc5_locl.h rc5.h
 APPS=
 AR=ar r
 CC=cc
 CFLAG=-g
 CFLAGS= -g
-DIR=rc2
-EXHEADER=rc2.h
+CPP=cc -E
+DIR=rc5
+EXHEADER=rc5.h
 GENERAL=Makefile
-HEADER=rc2_locl.h rc2.h
+HEADER=rc5_locl.h rc5.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
-LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+LIBOBJ=rc5_skey.o rc5_ecb.o rc5_enc.o rc5cfb64.o rc5ofb64.o
+LIBSRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
-TEST=rc2test.c
+RC5_ENC=rc5_enc.o
+SRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c
+TEST=rc5test.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/idea
@@ -221,7 +329,7 @@ TEST=ideatest.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/bf
-ALL=Makefile bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c bf_pi.h bf_locl.h blowfish.h
+ALL=Makefile bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c bf_pi.h bf_locl.h blowfish.h
 APPS=
 AR=ar r
 BF_ENC=bf_enc.o
@@ -236,17 +344,42 @@ HEADER=bf_pi.h bf_locl.h blowfish.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=bf_skey.o bf_ecb.o bf_enc.o bf_cbc.o bf_cfb64.o bf_ofb64.o
-LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+LIBOBJ=bf_skey.o bf_ecb.o bf_enc.o bf_cfb64.o bf_ofb64.o
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+SRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
 TEST=bftest.c
 TOP=../..
 RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/cast
+ALL=Makefile c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c cast_s.h cast_lcl.h cast.h
+APPS=
+AR=ar r
+CAST_ENC=c_enc.o
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=cast
+EXHEADER=cast.h
+GENERAL=Makefile
+HEADER=cast_s.h cast_lcl.h cast.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=c_skey.o c_ecb.o c_enc.o c_cfb64.o c_ofb64.o
+LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
+TEST=casttest.c
+TOP=../..
+RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/bn
-ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_lcl.h bn_prime.h bn.h
+ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c bn_lcl.h bn_prime.h bn.h
 APPS=
 AR=ar r
 BN_MULW=bn_mulw.o
@@ -262,17 +395,17 @@ HEADER=bn_lcl.h bn_prime.h bn.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o
-LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_blind.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o bn_mpi.o
+LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c
 TEST=bntest.c exptest.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/rsa
-ALL=Makefile rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa.h
+ALL=Makefile rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c rsa_none.c rsa.h
 APPS=
 AR=ar r
 CC=cc
@@ -287,12 +420,12 @@ HEADER=rsa.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=rsa_enc.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o
-LIBSRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+LIBOBJ=rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o rsa_pk1.o rsa_ssl.o rsa_none.o
+LIBSRC=rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c rsa_none.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+SRC=rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c rsa_none.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
@@ -372,7 +505,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/bio
-ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h
+ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h bss_file.c
 APPS=
 AR=ar r
 CC=cc
@@ -381,9 +514,9 @@ CFLAGS=-I.. -I../../include -g
 DIR=bio
 ERR=bio
 ERRC=bio_err
-EXHEADER=bio.h
+EXHEADER=bio.h bss_file.c
 GENERAL=Makefile
-HEADER=bio.h
+HEADER=bio.h bss_file.c
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
@@ -472,7 +605,7 @@ AR=ar r
 CC=cc
 CFLAG=-g
 CFLAGS=-I.. -I../../include -g
-DIR=error
+DIR=err
 EXHEADER=err.h
 GENERAL=Makefile
 HEADER=err.h
@@ -514,7 +647,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/evp
-ALL=Makefile encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp.h
+ALL=Makefile encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c m_ripemd.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp_lib.c evp.h
 APPS=
 AR=ar r
 CC=cc
@@ -529,12 +662,12 @@ HEADER=evp.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=encode.o digest.o evp_enc.o evp_key.o e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o e_ecb_i.o e_cbc_i.o e_cfb_i.o e_ofb_i.o e_ecb_3d.o e_cbc_3d.o e_rc4.o names.o e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o p_open.o p_seal.o p_sign.o p_verify.o p_lib.o bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o c_all.o
-LIBSRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+LIBOBJ=encode.o digest.o evp_enc.o evp_key.o e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o e_ecb_i.o e_cbc_i.o e_cfb_i.o e_ofb_i.o e_ecb_3d.o e_cbc_3d.o e_rc4.o names.o e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o e_ecb_c.o e_cbc_c.o e_cfb_c.o e_ofb_c.o e_ecb_r5.o e_cbc_r5.o e_cfb_r5.o e_ofb_r5.o m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o m_ripemd.o p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o c_all.o evp_lib.o
+LIBSRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c m_ripemd.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp_lib.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+SRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c m_ripemd.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp_lib.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
@@ -565,7 +698,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/asn1
-ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c asn1.h asn1_mac.h
+ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c asn1.h asn1_mac.h
 APPS=
 AR=ar r
 CC=cc
@@ -580,12 +713,12 @@ HEADER=asn1.h asn1_mac.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o
-LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o evp_asn1.o
+LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
@@ -688,7 +821,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=ssl
-ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
 APPS=
 AR=ar r
 CC=cc
@@ -697,18 +830,18 @@ CFLAGS=-I../crypto -I../include -g
 DIR=ssl
 ERR=ssl
 ERRC=ssl_err
-EXHEADER=ssl.h ssl2.h ssl3.h ssl23.h
+EXHEADER=ssl.h ssl2.h ssl3.h ssl23.h tls1.h
 GENERAL=Makefile README
-HEADER=ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+HEADER=ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
 INCLUDES=-I../crypto -I../include
 INSTALLTOP=/usr/local/ssl
 LIB=../libssl.a
-LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_pkt.o s2_enc.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_pkt.o s3_enc.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
-LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
+LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
 TEST=ssltest.c
 TOP=..
 RELATIVE_DIRECTORY=
@@ -738,7 +871,7 @@ TEST=
 TOP=..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=apps
-ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h 
+ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h 
 A_OBJ=apps.o
 A_SRC=apps.c
 CC=cc
@@ -750,9 +883,9 @@ DLIBSSL=../libssl.a
 EXE=ssleay
 EXHEADER=
 EX_LIBS=
-E_EXE=verify asn1pars req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
-E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o gendsa.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
-E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+E_EXE=verify asn1pars req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
+E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
+E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
 GENERAL=Makefile
 HEADER=apps.h progs.h s_apps.h testdsa.h testrsa.h 
 INCLUDES=-I../include
@@ -766,16 +899,17 @@ PEX_LIBS=
 PROGS=ssleay.c
 RM=/bin/rm -f
 SCRIPTS=CA.sh der_chop
-SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
 SSLEAY=ssleay
 S_OBJ=s_cb.o s_socket.o
 S_SRC=s_cb.c s_socket.c
 TOP=..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=test
-ALL=Makefile.ssl bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c 
+ALL=Makefile.ssl bntest.c ideatest.c md2test.c md5test.c hmactest.c rc2test.c rc4test.c rc5test.c destest.c shatest.c sha1test.c mdc2test.c rmdtest.c randtest.c dhtest.c casttest.c bftest.c ssltest.c dsatest.c exptest.c 
 BFTEST=bftest
 BNTEST=bntest
+CASTTEST=casttest
 CC=cc
 CFLAG=-g
 CFLAGS=-I../include -g
@@ -785,12 +919,13 @@ DIR=test
 DLIBCRYPTO=../libcrypto.a
 DLIBSSL=../libssl.a
 DSATEST=dsatest
-EXE=bntest ideatest md2test md5test rc4test destest shatest sha1test mdc2test randtest dhtest rc2test bftest ssltest exptest dsatest
+EXE=bntest ideatest md2test md5test hmactest rc2test rc4test rc5test destest shatest sha1test mdc2test rmdtest randtest dhtest bftest casttest ssltest exptest dsatest
 EXHEADER=
 EXPTEST=exptest
-EX_LIBS=-lnsl -lsocket
+EX_LIBS=
 GENERAL=Makefile.ssl
 HEADER=
+HMACTEST=hmactest
 IDEATEST=ideatest
 INCLUDES=-I../include
 INSTALLTOP=/usr/local/ssl
@@ -803,14 +938,16 @@ MD2TEST=md2test
 MD5TEST=md5test
 MDC2TEST=mdc2test
 METHTEST=methtest
-OBJ=bntest.o ideatest.o md2test.o md5test.o rc4test.o destest.o shatest.o sha1test.o mdc2test.o randtest.o dhtest.o rc2test.o bftest.o ssltest.o dsatest.o exptest.o
+OBJ=bntest.o ideatest.o md2test.o md5test.o hmactest.o rc2test.o rc4test.o rc5test.o destest.o shatest.o sha1test.o mdc2test.o rmdtest.o randtest.o dhtest.o casttest.o bftest.o ssltest.o dsatest.o exptest.o
 PEX_LIBS=
 RANDTEST=randtest
 RC2TEST=rc2test
 RC4TEST=rc4test
+RC5TEST=rc5test
+RMDTEST=rmdtest
 SHA1TEST=sha1test
 SHATEST=shatest
-SRC=bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c
+SRC=bntest.c ideatest.c md2test.c md5test.c hmactest.c rc2test.c rc4test.c rc5test.c destest.c shatest.c sha1test.c mdc2test.c rmdtest.c randtest.c dhtest.c casttest.c bftest.c ssltest.c dsatest.c exptest.c
 SSLTEST=ssltest
 TOP=..
 RELATIVE_DIRECTORY=
diff --git a/Makefile.ssl b/Makefile.ssl
index 676ece0aa8..0f352027e6 100644
--- a/Makefile.ssl
+++ b/Makefile.ssl
@@ -1,6 +1,6 @@
 #
 # Makefile for all the SSL related library routines and utilities
-VERSION	= 0.8.1a
+VERSION = 0.9.0a
 #
 # make install will install:
 #   libraries into $INSTALLTOP/lib
@@ -21,9 +21,9 @@ VERSION	= 0.8.1a
 #
 # If you must get hold of people directly (we much prefer the above
 # lists to be used if the question is of general interest!):
-#	Eric Young <eay@cryptsoft.com>
-#	Tim Hudson <tjh@cryptsoft.com>
-#	or both    <ssleay@cryptsoft.com>
+#       Eric Young <eay@cryptsoft.com>
+#       Tim Hudson <tjh@cryptsoft.com>
+#       or both    <ssleay@cryptsoft.com>
 #
 # The primary distribution of SSLeay is from
 # ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL
@@ -35,71 +35,124 @@ VERSION	= 0.8.1a
 # NO_RC4  - Define to build without the RC4 algorithm
 # NO_RC2  - Define to build without the RC2 algorithm
 # THREADS - Define when building with threads, you will probably also need any
-#	    system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+#           system defines as well, i.e. _REENTERANT for Solaris 2.[34]
 # TERMIO  - Define the termio terminal subsystem, needed if sgtty is missing.
 # TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
 # LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
 # DEVRANDOM - Give this the value of the 'random device' if your OS supports
-#	    one.  32 bytes will be read from this when the random
-#	    number generator is initalised.
+#           one.  32 bytes will be read from this when the random
+#           number generator is initalised.
 # SSL_ALLOW_ADH - define if you want the server to be able to use the
-#	    SSLv3 anon-DH ciphers.
+#           SSLv3 anon-DH ciphers.
 # SSL_ALLOW_ENULL - define if you want the server to be able to use the
-#	    NULL encryption ciphers.
+#           NULL encryption ciphers.
 #
 # LOCK_DEBUG - turns on lots of lock debug output :-)
 # REF_CHECK - turn on some xyz_free() assertions.
+# REF_PRINT - prints some stuff on structure free.
 # CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
 # MFUNC - Make all Malloc/Free/Realloc calls call
-#	CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
-#	call application defined callbacks via CRYPTO_set_mem_functions()
+#       CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+#       call application defined callbacks via CRYPTO_set_mem_functions()
+# MD5_ASM needs to be defined to use the x86 assembler for MD5
+# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
+# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
 
 
 CC= cc
+#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
 CFLAG= -O -DNOPROTO
-#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
 PEX_LIBS= -L. -L.. -L../.. -L../../..
 EX_LIBS= 
-#EX_LIBS= #-lRSAglue -lrsaref -lnsl -lsocket
 AR=ar r
 
 # Set BN_MULW to bn_mulw.o if you want to use the C version
-#BN_MULW= asm/x86-lnx.o
 BN_MULW= bn_mulw.o
-#BN_MULW= asm/x86-lnx.o		# elf
-#BN_MULW= asm/x86-sol.o		# solaris
-#BN_MULW= asm/x86-lnxa.o	# a.out, FreeBSD
-#BN_MULW= asm/x86-bsdi.o	# bsdi
-#BN_MULW= asm/alpha.o		# DEC Alpha
-#BN_MULW= asm/pa-risc2.o	# HP-UX PA-RISC
-#BN_MULW= asm/r3000.o		# SGI MIPS cpu
-#BN_MULW= asm/sparc.o		# Sun solaris/SunOS
-#BN_MULW= asm/x86nt32.o		# Windows 95/NT
-#BN_MULW= asm/x86w16.o		# 16 bit code for Windows 3.1/DOS
-#BN_MULW= asm/x86w32.o		# 32 bit code for Windows 3.1
+#BN_MULW= bn_mulw.o
+#BN_MULW= asm/bn86-elf.o        # elf, linux-elf
+#BN_MULW= asm/bn86-sol.o        # solaris
+#BN_MULW= asm/bn86-out.o        # a.out, FreeBSD
+#BN_MULW= asm/bn86bsdi.o        # bsdi
+#BN_MULW= asm/alpha.o           # DEC Alpha
+#BN_MULW= asm/pa-risc2.o        # HP-UX PA-RISC
+#BN_MULW= asm/r3000.o           # SGI MIPS cpu
+#BN_MULW= asm/sparc.o           # Sun solaris/SunOS
+#BN_MULW= asm/bn-win32.o                # Windows 95/NT
+#BN_MULW= asm/x86w16.o          # 16 bit code for Windows 3.1/DOS
+#BN_MULW= asm/x86w32.o          # 32 bit code for Windows 3.1
 
 # Set DES_ENC to des_enc.o if you want to use the C version
 #There are 4 x86 assember options.
 DES_ENC= des_enc.o fcrypt_b.o
-#DES_ENC= des_enc.o fcrypt_b.o		# C
-#DES_ENC= asm/dx86-elf.o asm/cx86-elf.o # elf
-#DES_ENC= asm/dx86-sol.o asm/cx86-sol.o	# solaris
-#DES_ENC= asm/dx86-out.o asm/cx86-out.o	# a.out, FreeBSD
-#DES_ENC= asm/dx86bsdi.o asm/cx86bsdi.o	# bsdi
+#DES_ENC= des_enc.o fcrypt_b.o          # C
+#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf
+#DES_ENC= asm/dx86-sol.o asm/yx86-sol.o # solaris
+#DES_ENC= asm/dx86-out.o asm/yx86-out.o # a.out, FreeBSD
+#DES_ENC= asm/dx86bsdi.o asm/yx86bsdi.o # bsdi
 
 # Set BF_ENC to bf_enc.o if you want to use the C version
 #There are 4 x86 assember options.
 BF_ENC= bf_enc.o
-#BF_ENC= bf_enc.o	# C
+#BF_ENC= bf_enc.o
 #BF_ENC= asm/bx86-elf.o # elf
-#BF_ENC= asm/bx86-sol.o	# solaris
-#BF_ENC= asm/bx86-out.o	# a.out, FreeBSD
-#BF_ENC= asm/bx86bsdi.o	# bsdi
+#BF_ENC= asm/bx86-sol.o # solaris
+#BF_ENC= asm/bx86-out.o # a.out, FreeBSD
+#BF_ENC= asm/bx86bsdi.o # bsdi
 
-DIRS=	crypto ssl rsaref apps test tools
+# Set CAST_ENC to c_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+CAST_ENC= c_enc.o
+#CAST_ENC= c_enc.o
+#CAST_ENC= asm/cx86-elf.o # elf
+#CAST_ENC= asm/cx86-sol.o # solaris
+#CAST_ENC= asm/cx86-out.o # a.out, FreeBSD
+#CAST_ENC= asm/cx86bsdi.o # bsdi
+
+# Set RC4_ENC to rc4_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+RC4_ENC= rc4_enc.o
+#RC4_ENC= rc4_enc.o
+#RC4_ENC= asm/rx86-elf.o # elf
+#RC4_ENC= asm/rx86-sol.o # solaris
+#RC4_ENC= asm/rx86-out.o # a.out, FreeBSD
+#RC4_ENC= asm/rx86bsdi.o # bsdi
+
+# Set RC5_ENC to rc5_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+RC5_ENC= rc5_enc.o
+#RC5_ENC= rc5_enc.o
+#RC5_ENC= asm/r586-elf.o # elf
+#RC5_ENC= asm/r586-sol.o # solaris
+#RC5_ENC= asm/r586-out.o # a.out, FreeBSD
+#RC5_ENC= asm/r586bsdi.o # bsdi
+
+# Also need MD5_ASM defined
+MD5_ASM_OBJ= 
+#MD5_ASM_OBJ= asm/mx86-elf.o        # elf
+#MD5_ASM_OBJ= asm/mx86-sol.o        # solaris
+#MD5_ASM_OBJ= asm/mx86-out.o        # a.out, FreeBSD
+#MD5_ASM_OBJ= asm/mx86bsdi.o        # bsdi
+
+# Also need SHA1_ASM defined
+SHA1_ASM_OBJ= 
+#SHA1_ASM_OBJ= asm/sx86-elf.o       # elf
+#SHA1_ASM_OBJ= asm/sx86-sol.o       # solaris
+#SHA1_ASM_OBJ= asm/sx86-out.o       # a.out, FreeBSD
+#SHA1_ASM_OBJ= asm/sx86bsdi.o       # bsdi
+
+# Also need RMD160_ASM defined
+RMD160_ASM_OBJ= 
+#RMD160_ASM_OBJ= asm/rm86-elf.o       # elf
+#RMD160_ASM_OBJ= asm/rm86-sol.o       # solaris
+#RMD160_ASM_OBJ= asm/rm86-out.o       # a.out, FreeBSD
+#RMD160_ASM_OBJ= asm/rm86bsdi.o       # bsdi
+
+DIRS=   crypto ssl rsaref apps test tools
 # dirs in crypto to build
 SDIRS=  \
-	md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh \
+	md2 md5 sha mdc2 hmac ripemd \
+	des rc2 rc4 rc5 idea bf cast \
+	bn rsa dsa dh \
 	buffer bio stack lhash rand err objects \
 	evp pem asn1 x509 conf txt_db pkcs7
 
@@ -108,46 +161,46 @@ SDIRS=  \
 INSTALLTOP=/usr/local/ssl
 
 MAKEFILE= Makefile.ssl
-MAKE=	  make -f Makefile.ssl
+MAKE=     make -f Makefile.ssl
 
 MAN1=1
 MAN3=3
 SHELL=/bin/sh
 
-TOP=	.
+TOP=    .
 ONEDIRS=out tmp
-EDIRS=	times doc bugs util include certs ms shlib mt demos
-MISC=	COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \
-	README TODO HISTORY README.066 README.080 \
+EDIRS=  times doc bugs util include certs ms shlib mt demos perl dep
+MISC=   COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \
+	README TODO HISTORY README.066 README.080 README.090 \
 	VERSION PROBLEMS MINFO makefile.one e_os.h \
-	MICROSOFT makevms.com
-WDIRS=	windows
-LIBS=	libcrypto.a libssl.a 
-
-GENERAL=	Makefile
-BASENAME=	SSLeay
-NAME=		$(BASENAME)-$(VERSION)
-TARFILE=	$(NAME).tar
-WTARFILE=	$(NAME)-win.tar
-EX_HEADER=
-HEADER=		e_os.h
+	MICROSOFT makevms.com config PATENTS
+WDIRS=  windows
+LIBS=   libcrypto.a libssl.a 
+
+GENERAL=        Makefile
+BASENAME=       SSLeay
+NAME=           $(BASENAME)-$(VERSION)
+TARFILE=        $(NAME).tar
+WTARFILE=       $(NAME)-win.tar
+EXHEADER=       e_os.h
+HEADER=         e_os.h
 
 all:
 	@for i in $(DIRS) ;\
 	do \
 	(cd $$i; echo "making $$i..."; \
-	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' all ); \
+	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' all ); \
 	done;
 
 sub_all:
 	@for i in $(DIRS) ;\
 	do \
 	(cd $$i; echo "making $$i..."; \
-	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' AR='${AR}' all ); \
+	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' all ); \
 	done;
 
 clean:
-	/bin/rm -f *.o core a.out fluff *.map
+	/bin/rm -f shlib/*.o *.o core a.out fluff *.map
 	@for i in $(DIRS) ;\
 	do \
 	(cd $$i; echo "cleaning $$i..."; \
@@ -158,14 +211,14 @@ clean:
 	/bin/rm -f $(TARFILE)
 	@for i in $(ONEDIRS) ;\
 	do \
-	/bin/rm -f $$i/*; \
+	/bin/rm -fr $$i/*; \
 	done
 
 makefile.one: files
 	perl util/mk1mf.pl >makefile.one; \
 	sh util/do_ms.sh
 
-files:	MINFO
+files:  MINFO
 	perl $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
 	@for i in $(DIRS) ;\
 	do \
@@ -176,13 +229,14 @@ files:	MINFO
 links:
 	/bin/rm -f Makefile;
 	./util/point.sh Makefile.ssl Makefile;
+	$(TOP)/util/mklink.sh include $(EXHEADER) ;
 	@for i in $(DIRS) ;\
 	do \
 	(cd $$i; echo "making links in $$i..."; \
 	$(MAKE) SDIRS='${SDIRS}' links ); \
 	done;
 	# @(cd apps; sh ./mklinks)
-	sh tools/c_rehash certs
+	@( SSLEAY="`pwd`/apps/ssleay"; export SSLEAY; sh tools/c_rehash certs )
 
 dclean:
 	/bin/rm -f *.bak
@@ -195,11 +249,11 @@ dclean:
 rehash:
 	@(PATH="`pwd`/apps:${PATH}"; sh tools/c_rehash certs)
 
-test:	tests
+test:   tests
 
 tests:
 	(cd test; echo "testing $$i..."; \
-	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' tests );
+	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests );
 	@apps/ssleay version -a
 
 depend:
@@ -242,8 +296,9 @@ tar:
 	mv $(NAME) $(BASENAME) ) 
 	gzip -f $(TARFILE)
 
-dist:	
+dist:   
 	perl Configure dist
+	perl util/up_ver.pl ${VERSION}
 	@$(MAKE) dist_pem_h
 	@$(MAKE) SDIRS='${SDIRS}' clean
 	@$(MAKE) SDIRS='${SDIRS}' dclean
@@ -267,7 +322,7 @@ install: all
 	done
 	@for i in $(LIBS) ;\
 	do \
-	(	echo installing $$i; \
+	(       echo installing $$i; \
 		cp $$i $(INSTALLTOP)/lib; \
 		sh util/ranlib.sh $(INSTALLTOP)/lib/$$i; \
 		chmod 644 $(INSTALLTOP)/lib/$$i ); \
diff --git a/PATENTS b/PATENTS
new file mode 100644
index 0000000000..61423d03c8
--- /dev/null
+++ b/PATENTS
@@ -0,0 +1,9 @@
+RSA Data Security holds software patents on the RSA and RC5 algorithms.
+If there ciphers are used used inside the USA (and Japan?), you must contact
+RSA Data Security for licencing conditions.
+
+The IDEA algorithm is patented by XXXX and they should be contacted if that
+algorithm is to be used.
+
+RC4 is a trademark of RSA Data Security, so use of this label should perhaps
+only me used with RSA Data Security's permission.
diff --git a/README b/README
index 543a1336f5..eaa77007f0 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-		SSLeay 0.8.1b 29-Jun-1998
+		SSLeay 0.9.0b 29-Jun-1998
 		Copyright (c) 1997, Eric Young
 		All rights reserved.
 
diff --git a/README.090 b/README.090
new file mode 100644
index 0000000000..634870d5f1
--- /dev/null
+++ b/README.090
@@ -0,0 +1,71 @@
+10-Apr-1998
+I said the next version would go out at easter, and so it shall.
+I expect a 0.9.1 will follow with portability fixes in the next few weeks.
+
+This is a quick, meet the deadline.  Look to ssl-users for comments on what
+is new etc.
+
+The state of play
+- TLSv1 - I need to do some explaining about how the methods interact.
+  The bad news is that SSLeay 0.8.x application will not roll back to
+  SSLv3, I suffed up.  0.8.x is rather pedantic about the '3.0' version
+  number.  Look at the 'no-tls' options in applications in the apps directory.
+- The perl5 stuff is very rough.  The SSL part does not work due to
+  reference count hassles in the BIO stuff.  I just have not had time to
+  look at it.  The cipher, digest and bignum stuff works though.  I just
+  need to clean up the API.
+- Lots of x86 assember.  I now have it for des, 3des, rc4, rc5, blowfish,
+  cast, md5, sha1 and ripemd160.  It has been tested on win32, linux (elf)
+  and FreeBSD (a.out).
+- As mentioned above, cast, rc5 and ripemd160 have been added.
+- A simple HMAC set of functions.
+- EX_DATA strucutre, which can be used by applications or other libraries
+  to tack arbitarty data against strucutures that include it.
+  You will probably have to see examples to see how to use it, and I will
+  elaberate on the ssl-users mailing list
+- RSA blinding.  If you fear timing attacks on RSA, you can turn on
+  blinding which defeats it.
+- From Tim Hudson, try running 'sh config' instead of 'perl Configure'.
+  I makes an educated guess as to what you are and then runs 'perl Configure'
+- The error stuff has been modified so arbitary strings can be taged
+  against an error message.  It is used in a few places to elaberate on
+  parameters that caused the error.
+
+Areas of work
+- The 16bit big-num assember needs a routine added.  The WIN16 and
+  WIN32 stuff is ok, but MS-DOS or 286 builds need the update.
+- Most of the bignum assember will not work.  There will be a function
+  missing, bn_add_words().  I need people to send me the C compiler output
+  for platforms I don't already have.  Currently, the assember is correct for
+  x86, win32, win16(386+), linux elf, FreeBSD a.out and sparc.
+- PKCS7, I have delusions of s/MIME.  I need to do a BIO interface.
+- perl5, it needs finishing
+- X509v3 extension.  I have some ideas, I just need to
+  implement them :-)
+- Public key methods.  I need to clean up the library internally so
+  public key methods are loaded is a similar way to symetric ciphers
+  and digests.  I also need to seperate out the digests from public
+  key methods.  This stuff is needed to support sortware patents, smaller
+  code size and hardware tokens.
+
+Anyway, this release gets out the bug fixes and TLS, but be warned, until
+all those old SSLeay 0.8.x based server get upgraded, you will need to
+connect with SSLv3 if TLSv1 fails.
+
+eric (about to go bushwalking for the 4 day easter break :-)
+
+PS Common problems
+- For Win32 build, use /MD to specify your libraries, or build SSLeay with
+  the same flags as your application.  Visual C stuffs up the malloc routines
+  if memory allocated by one memory model is freed by another.  FILE pointers
+  are a major cause of these problem.
+- If you are trying to use non-blocking IO and it is not working,
+  try 'ssleay s_client -help' and see if the -nbio option is listed.
+  For unixware, it has the non-block IO define in 'differnt' header file
+  and SSLeay will silently build without non-blocking IO calls (but for
+  unixware, the special header has been included).
+- -DL_ENDIAN.  For the message digests, some code needs to be turned off
+  in the C code when assember is used.  For x86, this means the L_ENDIAN
+  needs to defined when x86 -DSHA1_ASM is defined.  The reasons this is
+  not automagically done is because non-x86 assember could be bigendian.
+  For pure C code builds, the B_ENDIAN/L_ENDIAN flags are optional.
diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl
index 4fac51faa3..1cace40ab7 100644
--- a/apps/Makefile.ssl
+++ b/apps/Makefile.ssl
@@ -31,7 +31,7 @@ SCRIPTS=CA.sh der_chop
 
 EXE= $(SSLEAY)
 
-E_EXE=	verify asn1pars req dgst dh enc gendh gendsa errstr ca crl \
+E_EXE=	verify asn1pars req dgst dh enc gendh errstr ca crl \
 	rsa dsa dsaparam \
 	x509 genrsa s_server s_client speed \
 	s_time version pkcs7 crl2pkcs7 sess_id ciphers
@@ -44,7 +44,7 @@ S_OBJ=	s_cb.o s_socket.o
 S_SRC=	s_cb.c s_socket.c
 
 E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \
-	gendsa.o pkcs7.o crl2p7.o crl.o \
+	pkcs7.o crl2p7.o crl.o \
 	rsa.o dsa.o dsaparam.o \
 	x509.o genrsa.o s_server.o s_client.o speed.o \
 	s_time.o $(A_OBJ) $(S_OBJ) version.o sess_id.o \
@@ -53,7 +53,7 @@ E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \
 #	pem_mail.o
 
 E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c \
-	gendsa.c pkcs7.c crl2p7.c crl.c \
+	pkcs7.c crl2p7.c crl.c \
 	rsa.c dsa.c dsaparam.c \
 	x509.c genrsa.c s_server.c s_client.c speed.c \
 	s_time.c $(A_SRC) $(S_SRC) version.c sess_id.c \
diff --git a/apps/apps.c b/apps/apps.c
index 7c9510e3b5..5f0c8fa539 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1,5 +1,5 @@
 /* apps/apps.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -65,13 +65,8 @@
 #include "apps.h"
 #undef NON_MAIN
 
-#ifdef WIN16
-#define APPS_WIN16
-#ifdef FLAT_BUILD
-#include "bss_file.c"
-#else
-#include "../crypto/bio/bss_file.c"
-#endif
+#ifdef WINDOWS
+#  include "bss_file.c"
 #endif
 
 #ifndef NOPROTO
diff --git a/apps/apps.h b/apps/apps.h
index 528828cf63..25a9262e03 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -1,5 +1,5 @@
 /* apps/apps.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,18 +59,14 @@
 #ifndef HEADER_APPS_H
 #define HEADER_APPS_H
 
-#ifdef FLAT_INC
 #include "e_os.h"
-#else
-#include "../e_os.h"
-#endif
 
 #include "buffer.h"
 #include "bio.h"
 #include "crypto.h"
 #include "progs.h"
 
-#ifdef WIN16
+#ifdef NO_STDIO
 BIO_METHOD *BIO_s_file();
 #endif
 
diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 111e282709..3d382282e4 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -1,5 +1,5 @@
 /* apps/asn1pars.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -75,6 +75,7 @@
  * -i		- indent the details by depth
  * -offset	- where in the file to start
  * -length	- how many bytes to use
+ * -oid file	- extra oid decription file
  */
 
 #undef PROG
@@ -89,17 +90,16 @@ char **argv;
 	long num;
 	BIO *in=NULL,*out=NULL,*b64=NULL;
 	int informat,indent=0;
-	char *infile,*str=NULL,*prog;
+	char *infile=NULL,*str=NULL,*prog,*oidfile=NULL;
 	BUF_MEM *buf=NULL;
 
-	infile=NULL;
 	informat=FORMAT_PEM;
 
 	apps_startup();
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	prog=argv[0];
 	argc--;
@@ -120,6 +120,11 @@ char **argv;
 			{
 			indent=1;
 			}
+		else if (strcmp(*argv,"-oid") == 0)
+			{
+			if (--argc < 1) goto bad;
+			oidfile= *(++argv);
+			}
 		else if (strcmp(*argv,"-offset") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -151,6 +156,7 @@ bad:
 		BIO_printf(bio_err," -offset arg   offset into file\n");
 		BIO_printf(bio_err," -length arg   lenth of section in file\n");
 		BIO_printf(bio_err," -i            indent entries\n");
+		BIO_printf(bio_err," -oid file     file of extra oid definitions\n");
 		goto end;
 		}
 
@@ -163,7 +169,19 @@ bad:
 		ERR_print_errors(bio_err);
 		goto end;
 		}
-	BIO_set_fp(out,stdout,BIO_NOCLOSE);
+	BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
+
+	if (oidfile != NULL)
+		{
+		if (BIO_read_filename(in,oidfile) <= 0)
+			{
+			BIO_printf(bio_err,"problems opening %s\n",oidfile);
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		OBJ_create_objects(in);
+		}
+
 	if (infile == NULL)
 		BIO_set_fp(in,stdin,BIO_NOCLOSE);
 	else
@@ -214,6 +232,7 @@ end:
 	if (ret != 0)
 		ERR_print_errors(bio_err);
 	if (buf != NULL) BUF_MEM_free(buf);
+	OBJ_cleanup();
 	EXIT(ret);
 	}
 
diff --git a/apps/ca.c b/apps/ca.c
index 3e10d6c275..a5848366cf 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1,5 +1,5 @@
 /* apps/ca.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -97,6 +97,7 @@
 #define ENV_PRIVATE_KEY		"private_key"
 #define ENV_RANDFILE		"RANDFILE"
 #define ENV_DEFAULT_DAYS 	"default_days"
+#define ENV_DEFAULT_STARTDATE 	"default_startdate"
 #define ENV_DEFAULT_CRL_DAYS 	"default_crl_days"
 #define ENV_DEFAULT_CRL_HOURS 	"default_crl_hours"
 #define ENV_DEFAULT_MD		"default_md"
@@ -139,6 +140,7 @@ static char *ca_usage[]={
 " -outdir dir     - Where to put output certificates\n",
 " -infiles ....   - The last argument, requests to process\n",
 " -spkac file     - File contains DN and signed public key and challenge\n",
+" -ss_cert file   - File contains a self signed cert to sign\n",
 " -preserveDN     - Don't re-order the DN\n",
 " -batch	  - Don't ask questions\n",
 " -msie_hack	  - msie modifications to handle all thos universal strings\n",
@@ -163,16 +165,19 @@ static int index_name_cmp(char **a,char **b);
 static BIGNUM *load_serial(char *serialfile);
 static int save_serial(char *serialfile, BIGNUM *serial);
 static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
-	EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,int days,
-	int batch, STACK *extensions,int verbose);
+	EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+	int days, int batch, STACK *extensions,int verbose);
+static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
+	EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+	int days,int batch,STACK *extensions,int verbose);
 static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
-	EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,int days,
-	STACK *extensions,int verbose);
+	EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+	int days,STACK *extensions,int verbose);
 static int fix_data(int nid, int *type);
 static void write_new_certificate(BIO *bp, X509 *x, int output_der);
 static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, EVP_MD *dgst,
-	STACK *policy, TXT_DB *db, BIGNUM *serial, int days, int batch,
-	int verbose, X509_REQ *req, STACK *extensions);
+	STACK *policy, TXT_DB *db, BIGNUM *serial, char *startdate,
+	int days, int batch, int verbose, X509_REQ *req, STACK *extensions);
 static int check_time_format(char *str);
 #else
 static STACK *load_extensions();
@@ -187,6 +192,7 @@ static int fix_data();
 static BIGNUM *load_serial();
 static int save_serial();
 static int certify();
+static int certify_cert();
 static int certify_spkac();
 static void write_new_certificate();
 static int do_body();
@@ -221,6 +227,7 @@ char **argv;
 	char *certfile=NULL;
 	char *infile=NULL;
 	char *spkac_file=NULL;
+	char *ss_cert_file=NULL;
 	EVP_PKEY *pkey=NULL;
 	int output_der = 0;
 	char *outfile=NULL;
@@ -228,6 +235,7 @@ char **argv;
 	char *serialfile=NULL;
 	char *extensions=NULL;
 	BIGNUM *serial=NULL;
+	char *startdate=NULL;
 	int days=0;
 	int batch=0;
 	X509 *x509=NULL;
@@ -263,7 +271,7 @@ EF_ALIGNMENT=0;
 	preserve=0;
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	argc--;
 	argv++;
@@ -281,6 +289,11 @@ EF_ALIGNMENT=0;
 			if (--argc < 1) goto bad;
 			section= *(++argv);
 			}
+		else if (strcmp(*argv,"-startdate") == 0)
+			{
+			if (--argc < 1) goto bad;
+			startdate= *(++argv);
+			}
 		else if (strcmp(*argv,"-days") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -352,6 +365,12 @@ EF_ALIGNMENT=0;
 			req=1;
 			break;
 			}
+		else if (strcmp(*argv, "-ss_cert") == 0)
+			{
+			if (--argc < 1) goto bad;
+			ss_cert_file = *(++argv);
+			req=1;
+			}
 		else if (strcmp(*argv, "-spkac") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -570,7 +589,7 @@ bad:
 		}
 	if (verbose)
 		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE); /* cannot fail */
+		BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); /* cannot fail */
 		TXT_DB_write(out,db);
 		BIO_printf(bio_err,"%d entries loaded from the database\n",
 			db->data->num);
@@ -605,7 +624,7 @@ bad:
 				}
 			}
 		else
-			BIO_set_fp(Sout,stdout,BIO_NOCLOSE);
+			BIO_set_fp(Sout,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
 		}
 
 	if (req)
@@ -647,6 +666,22 @@ bad:
 				goto err;
 			}
 
+		if (startdate == NULL)
+			{
+			startdate=(char *)CONF_get_string(conf,section,
+				ENV_DEFAULT_STARTDATE);
+			if (startdate == NULL)
+				startdate="today";
+			else
+				{
+				if (!ASN1_UTCTIME_set_string(NULL,startdate))
+					{
+					BIO_printf(bio_err,"start date is invalid, it should be YYMMDDHHMMSS\n");
+					goto err;
+					}
+				}
+			}
+
 		if (days == 0)
 			{
 			days=(int)CONF_get_number(conf,section,
@@ -685,7 +720,7 @@ bad:
 			{
 			total++;
 			j=certify_spkac(&x,spkac_file,pkey,x509,dgst,attribs,db,
-				serial,days,extensions_sk,verbose);
+				serial,startdate,days,extensions_sk,verbose);
 			if (j < 0) goto err;
 			if (j > 0)
 				{
@@ -704,11 +739,31 @@ bad:
 					}
 				}
 			}
+		if (ss_cert_file != NULL)
+			{
+			total++;
+			j=certify_cert(&x,ss_cert_file,pkey,x509,dgst,attribs,
+				db,serial,startdate,days,batch,
+				extensions_sk,verbose);
+			if (j < 0) goto err;
+			if (j > 0)
+				{
+				total_done++;
+				BIO_printf(bio_err,"\n");
+				if (!BN_add_word(serial,1)) goto err;
+				if (!sk_push(cert_sk,(char *)x))
+					{
+					BIO_printf(bio_err,"Malloc failure\n");
+					goto err;
+					}
+				}
+			}
 		if (infile != NULL)
 			{
 			total++;
 			j=certify(&x,infile,pkey,x509,dgst,attribs,db,
-				serial,days,batch,extensions_sk,verbose);
+				serial,startdate,days,batch,
+				extensions_sk,verbose);
 			if (j < 0) goto err;
 			if (j > 0)
 				{
@@ -726,7 +781,8 @@ bad:
 			{
 			total++;
 			j=certify(&x,argv[i],pkey,x509,dgst,attribs,db,
-				serial,days,batch,extensions_sk,verbose);
+				serial,startdate,days,batch,
+				extensions_sk,verbose);
 			if (j < 0) goto err;
 			if (j > 0)
 				{
@@ -798,7 +854,7 @@ bad:
 				{
 				for (k=0; k<j; k++)
 					{
-					sprintf((char *)n,"%02X",*(p++));
+					sprintf((char *)n,"%02X",(unsigned char)*(p++));
 					n+=2;
 					}
 				}
@@ -893,6 +949,8 @@ bad:
 		if (ci->issuer == NULL) goto err;
 
 		X509_gmtime_adj(ci->lastUpdate,0);
+		if (ci->nextUpdate == NULL)
+			ci->nextUpdate=ASN1_UTCTIME_new();
 		X509_gmtime_adj(ci->nextUpdate,(crldays*24+crlhours)*60*60);
 
 		for (i=0; i<sk_num(db->data); i++)
@@ -1092,7 +1150,7 @@ err:
 	return(ret);
 	}
 
-static int certify(xret,infile,pkey,x509,dgst,policy,db,serial,days,
+static int certify(xret,infile,pkey,x509,dgst,policy,db,serial,startdate,days,
 	batch,extensions,verbose)
 X509 **xret;
 char *infile;
@@ -1102,6 +1160,7 @@ EVP_MD *dgst;
 STACK *policy;
 TXT_DB *db;
 BIGNUM *serial;
+char *startdate;
 int days;
 int batch;
 STACK *extensions;
@@ -1130,15 +1189,6 @@ int verbose;
 
 	BIO_printf(bio_err,"Check that the request matches the signature\n");
 
-	if (	(req->req_info == NULL) ||
-		(req->req_info->pubkey == NULL) ||
-		(req->req_info->pubkey->public_key == NULL) ||
-		(req->req_info->pubkey->public_key->data == NULL))
-		{
-		BIO_printf(bio_err,"The certificate request appears to corrupted\n");
-		BIO_printf(bio_err,"It does not contain a public key\n");
-		goto err;
-		}
 	if ((pktmp=X509_REQ_get_pubkey(req)) == NULL)
 		{
 		BIO_printf(bio_err,"error unpacking public key\n");
@@ -1160,8 +1210,8 @@ int verbose;
 	else
 		BIO_printf(bio_err,"Signature ok\n");
 
-	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,days,batch,verbose,req,
-		extensions);
+	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,
+		days,batch,verbose,req,extensions);
 
 err:
 	if (req != NULL) X509_REQ_free(req);
@@ -1169,15 +1219,89 @@ err:
 	return(ok);
 	}
 
-static int do_body(xret,pkey,x509,dgst,policy,db,serial,days,batch,verbose,req,
-	extensions)
+static int certify_cert(xret,infile,pkey,x509,dgst,policy,db,serial,startdate,
+	days, batch,extensions,verbose)
 X509 **xret;
+char *infile;
 EVP_PKEY *pkey;
 X509 *x509;
 EVP_MD *dgst;
 STACK *policy;
 TXT_DB *db;
 BIGNUM *serial;
+char *startdate;
+int days;
+int batch;
+STACK *extensions;
+int verbose;
+	{
+	X509 *req=NULL;
+	X509_REQ *rreq=NULL;
+	BIO *in=NULL;
+	EVP_PKEY *pktmp=NULL;
+	int ok= -1,i;
+
+	in=BIO_new(BIO_s_file());
+
+	if (BIO_read_filename(in,infile) <= 0)
+		{
+		perror(infile);
+		goto err;
+		}
+	if ((req=PEM_read_bio_X509(in,NULL,NULL)) == NULL)
+		{
+		BIO_printf(bio_err,"Error reading self signed certificate in %s\n",infile);
+		goto err;
+		}
+	if (verbose)
+		X509_print(bio_err,req);
+
+	BIO_printf(bio_err,"Check that the request matches the signature\n");
+
+	if ((pktmp=X509_get_pubkey(req)) == NULL)
+		{
+		BIO_printf(bio_err,"error unpacking public key\n");
+		goto err;
+		}
+	i=X509_verify(req,pktmp);
+	if (i < 0)
+		{
+		ok=0;
+		BIO_printf(bio_err,"Signature verification problems....\n");
+		goto err;
+		}
+	if (i == 0)
+		{
+		ok=0;
+		BIO_printf(bio_err,"Signature did not match the certificate request\n");
+		goto err;
+		}
+	else
+		BIO_printf(bio_err,"Signature ok\n");
+
+	if ((rreq=X509_to_X509_REQ(req,NULL,EVP_md5())) == NULL)
+		goto err;
+
+	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,days,
+		batch,verbose,rreq,extensions);
+
+err:
+	if (rreq != NULL) X509_REQ_free(rreq);
+	if (req != NULL) X509_free(req);
+	if (in != NULL) BIO_free(in);
+	return(ok);
+	}
+
+static int do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,days,
+	batch,verbose,req, extensions)
+X509 **xret;
+EVP_PKEY *pkey;
+X509 *x509;
+EVP_MD *dgst;
+STACK *policy;
+TXT_DB *db;
+BIGNUM *serial;
+char *startdate;
 int days;
 int batch;
 int verbose;
@@ -1185,7 +1309,7 @@ X509_REQ *req;
 STACK *extensions;
 	{
 	X509_NAME *name=NULL,*CAname=NULL,*subject=NULL;
-	ASN1_UTCTIME *tm;
+	ASN1_UTCTIME *tm,*tmptm;
 	ASN1_STRING *str,*str2;
 	ASN1_OBJECT *obj;
 	X509 *ret=NULL;
@@ -1200,6 +1324,13 @@ STACK *extensions;
 	char *row[DB_NUMBER],**rrow,**irow=NULL;
 	char buf[25],*pbuf;
 
+	tmptm=ASN1_UTCTIME_new();
+	if (tmptm == NULL)
+		{
+		BIO_printf(bio_err,"malloc error\n");
+		return(0);
+		}
+
 	for (i=0; i<DB_NUMBER; i++)
 		row[i]=NULL;
 
@@ -1471,8 +1602,16 @@ again2:
 		goto err;
 
 	BIO_printf(bio_err,"Certificate is to be certified until ");
-	X509_gmtime_adj(X509_get_notBefore(ret),0);
-	X509_gmtime_adj(X509_get_notAfter(ret),(long)60*60*24*days);
+	if (strcmp(startdate,"today") == 0)
+		{
+		X509_gmtime_adj(X509_get_notBefore(ret),0);
+		X509_gmtime_adj(X509_get_notAfter(ret),(long)60*60*24*days);
+		}
+	else
+		{
+		/*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX*/
+		ASN1_UTCTIME_set_string(X509_get_notBefore(ret),startdate);
+		}
 	ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ret));
 	BIO_printf(bio_err," (%d days)\n",days);
 
@@ -1623,8 +1762,8 @@ int output_der;
 	BIO_puts(bp,"\n");
 	}
 
-static int certify_spkac(xret,infile,pkey,x509,dgst,policy,db,serial,days,
-	extensions,verbose)
+static int certify_spkac(xret,infile,pkey,x509,dgst,policy,db,serial,
+	startdate,days,extensions,verbose)
 X509 **xret;
 char *infile;
 EVP_PKEY *pkey;
@@ -1633,6 +1772,7 @@ EVP_MD *dgst;
 STACK *policy;
 TXT_DB *db;
 BIGNUM *serial;
+char *startdate;
 int days;
 STACK *extensions;
 int verbose;
@@ -1778,8 +1918,8 @@ int verbose;
 	BIO_printf(bio_err,"Signature ok\n");
 
 	X509_REQ_set_pubkey(req,pktmp);
-	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,days,1,verbose,req,
-		extensions);
+	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,
+		days,1,verbose,req,extensions);
 err:
 	if (req != NULL) X509_REQ_free(req);
 	if (parms != NULL) CONF_free(parms);
diff --git a/apps/cert.pem b/apps/cert.pem
new file mode 100644
index 0000000000..de4a77ac6d
--- /dev/null
+++ b/apps/cert.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBoDCCAUoCAQAwDQYJKoZIhvcNAQEEBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD
+VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw05NzA5MDkwMzQxMjZa
+Fw05NzEwMDkwMzQxMjZaMF4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0
+YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMT
+DkVyaWMgdGhlIFlvdW5nMFEwCQYFKw4DAgwFAANEAAJBALVEqPODnpI4rShlY8S7
+tB713JNvabvn6Gned7zylwLLiXQAo/PAT6mfdWPTyCX9RlId/Aroh1ou893BA32Q
+sggwDQYJKoZIhvcNAQEEBQADQQCU5SSgapJSdRXJoX+CpCvFy+JVh9HpSjCpSNKO
+19raHv98hKAUJuP9HyM+SUsffO6mAIgitUaqW8/wDMePhEC3
+-----END CERTIFICATE-----
diff --git a/apps/ciphers.c b/apps/ciphers.c
index 16ff2b4927..867196e393 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -1,5 +1,5 @@
 /* apps/ciphers.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "apps.h"
diff --git a/apps/crl.c b/apps/crl.c
index 9642ee5268..2c18374ee0 100644
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -1,5 +1,5 @@
 /* apps/crl.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -109,7 +109,6 @@ char **argv;
 	BIO *out=NULL;
 	int informat,outformat;
 	char *infile=NULL,*outfile=NULL;
-	char *str=NULL;
 	int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0;
 	char **pp,buf[256];
 
@@ -117,7 +116,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	if (bio_out == NULL)
 		if ((bio_out=BIO_new(BIO_s_file())) != NULL)
@@ -209,7 +208,7 @@ bad:
 			if (issuer == i)
 				{
 				X509_NAME_oneline(x->crl->issuer,buf,256);
-				fprintf(stdout,"issuer= %s\n",str);
+				fprintf(stdout,"issuer= %s\n",buf);
 				}
 
 			if (hash == i)
@@ -226,7 +225,10 @@ bad:
 			if (nextupdate == i)
 				{
 				fprintf(stdout,"nextUpdate=");
-				ASN1_UTCTIME_print(bio_out,x->crl->nextUpdate);
+				if (x->crl->nextUpdate != NULL)
+					ASN1_UTCTIME_print(bio_out,x->crl->nextUpdate);
+				else
+					fprintf(stdout,"NONE");
 				fprintf(stdout,"\n");
 				}
 			}
@@ -259,8 +261,10 @@ bad:
 	else if (outformat == FORMAT_TEXT)
 		{
 		X509_REVOKED *r;
+		STACK *sk;
 
-		while ((r=(X509_REVOKED *)sk_pop(x->crl->revoked)) != NULL)
+		sk=sk_dup(x->crl->revoked);
+		while ((r=(X509_REVOKED *)sk_pop(sk)) != NULL)
 			{
 			fprintf(stdout,"revoked: serialNumber=");
 			i2a_ASN1_INTEGER(out,r->serialNumber);
@@ -268,6 +272,7 @@ bad:
 			ASN1_UTCTIME_print(bio_out,r->revocationDate);
 			fprintf(stdout,"\n");
 			}
+		sk_free(sk);
 		i=1;
 		}
 	else	
diff --git a/apps/crl2p7.c b/apps/crl2p7.c
index 04bb1a1c87..82a7829558 100644
--- a/apps/crl2p7.c
+++ b/apps/crl2p7.c
@@ -1,5 +1,5 @@
 /* apps/crl2p7.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -106,7 +106,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	infile=NULL;
 	outfile=NULL;
diff --git a/apps/dgst.c b/apps/dgst.c
index 6d7a1787f4..eea291db12 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -1,5 +1,5 @@
 /* apps/dgst.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -103,7 +103,7 @@ char **argv;
 		}
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	/* first check the program name */
         program_name(argv[0],pname,PROG_NAME_SIZE);
@@ -135,16 +135,16 @@ char **argv;
 		BIO_printf(bio_err,"unknown option '%s'\n",*argv);
 		BIO_printf(bio_err,"options are\n");
 		BIO_printf(bio_err,"-c   to output the digest with separating colons\n");
-		BIO_printf(bio_err,"-c   to output debug info\n");
-		BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm (default)\n",
+		BIO_printf(bio_err,"-d   to output debug info\n");
+		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
 			LN_md5,LN_md5);
-		BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
 			LN_md2,LN_md2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
 			LN_sha1,LN_sha1);
-		BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
 			LN_sha,LN_sha);
-		BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
 			LN_mdc2,LN_mdc2);
 		err=1;
 		goto end;
diff --git a/apps/dh.c b/apps/dh.c
index 8a3bcfb886..bbf445e845 100644
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -1,5 +1,5 @@
 /* apps/dh.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -95,7 +95,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	infile=NULL;
 	outfile=NULL;
diff --git a/apps/dsa.c b/apps/dsa.c
index 585116a677..fbd85a467a 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -1,5 +1,5 @@
 /* apps/dsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -99,7 +99,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	infile=NULL;
 	outfile=NULL;
diff --git a/apps/dsap.pem b/apps/dsap.pem
new file mode 100644
index 0000000000..d4dfdb3054
--- /dev/null
+++ b/apps/dsap.pem
@@ -0,0 +1,6 @@
+-----BEGIN DSA PARAMETERS-----
+MIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZS4J1PHvPrm9MXj5ntVheDPkdmBDTncya
+GAJcMjwsyB/GvLDGd6yGCw/8eF+09wIVAK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2
+t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjgtWiJc/tpvcuzeuAayH89UofjAGueKjXD
+ADiRffvSdhrNw5dkqdql
+-----END DSA PARAMETERS-----
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index e9485c0036..6e99289bd3 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -1,5 +1,5 @@
 /* apps/dsaparam.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -83,7 +83,7 @@
  */
 
 #ifndef NOPROTO
-static void MS_CALLBACK dsa_cb(int p, int n);
+static void MS_CALLBACK dsa_cb(int p, int n, char *arg);
 #else
 static void MS_CALLBACK dsa_cb();
 #endif
@@ -104,7 +104,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	infile=NULL;
 	outfile=NULL;
@@ -217,7 +217,8 @@ bad:
 
 		BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
 	        BIO_printf(bio_err,"This could take some time\n");
-	        dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,dsa_cb);
+	        dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,
+			dsa_cb,(char *)bio_err);
 		}
 	else if	(informat == FORMAT_ASN1)
 		dsa=d2i_DSAparams_bio(in,NULL);
@@ -322,9 +323,10 @@ end:
 	EXIT(ret);
 	}
 
-static void MS_CALLBACK dsa_cb(p, n)
+static void MS_CALLBACK dsa_cb(p, n, arg)
 int p;
 int n;
+char *arg;
 	{
 	char c='*';
 
@@ -332,8 +334,8 @@ int n;
 	if (p == 1) c='+';
 	if (p == 2) c='*';
 	if (p == 3) c='\n';
-	BIO_write(bio_err,&c,1);
-	BIO_flush(bio_err);
+	BIO_write((BIO *)arg,&c,1);
+	BIO_flush((BIO *)arg);
 #ifdef LINT
 	p=n;
 #endif
diff --git a/apps/eay.c b/apps/eay.c
index c7a59ca242..37d5dcbd30 100644
--- a/apps/eay.c
+++ b/apps/eay.c
@@ -1,5 +1,5 @@
 /* apps/eay.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/apps/enc.c b/apps/enc.c
index d7c990911f..c00d520b44 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -1,5 +1,5 @@
 /* apps/enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -96,7 +96,7 @@ char **argv;
 	char *str=NULL;
 	char *hkey=NULL,*hiv=NULL;
 	int enc=1,printkey=0,i,base64=0;
-	int debug=0;
+	int debug=0,olb64=0;
 	EVP_CIPHER *cipher=NULL,*c;
 	char *inf=NULL,*outf=NULL;
 	BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
@@ -107,7 +107,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	/* first check the program name */
         program_name(argv[0],pname,PROG_NAME_SIZE);
@@ -148,6 +148,8 @@ char **argv;
 			debug=1;
 		else if	(strcmp(*argv,"-P") == 0)
 			printkey=2;
+		else if	(strcmp(*argv,"-A") == 0)
+			olb64=1;
 		else if	(strcmp(*argv,"-a") == 0)
 			base64=1;
 		else if	(strcmp(*argv,"-base64") == 0)
@@ -281,6 +283,18 @@ bad:
 				LN_bf_cfb64, LN_bf_ofb64);
 			BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc);
 #endif
+#ifndef NO_BLOWFISH
+			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+				LN_cast5_ecb, LN_cast5_cbc,
+				LN_cast5_cfb64, LN_cast5_ofb64);
+			BIO_printf(bio_err," -%-4s (%s)\n","cast", LN_cast5_cbc);
+#endif
+#ifndef NO_BLOWFISH
+			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+				LN_rc5_ecb, LN_rc5_cbc,
+				LN_rc5_cfb64, LN_rc5_ofb64);
+			BIO_printf(bio_err," -%-4s (%s)\n","rc5", LN_rc5_cbc);
+#endif
 			goto end;
 			}
 		argc--;
@@ -463,6 +477,8 @@ bad:
 			BIO_set_callback(b64,BIO_debug_callback);
 			BIO_set_callback_arg(b64,bio_err);
 			}
+		if (olb64)
+			BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
 		if (enc)
 			wbio=BIO_push(b64,wbio);
 		else
diff --git a/apps/errstr.c b/apps/errstr.c
index 6d0f9d137b..d2b2b3fcea 100644
--- a/apps/errstr.c
+++ b/apps/errstr.c
@@ -1,5 +1,5 @@
 /* apps/errstr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -80,7 +80,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	SSL_load_error_strings();
 
diff --git a/apps/ext.v3 b/apps/ext.v3
new file mode 100644
index 0000000000..87ee8e6173
--- /dev/null
+++ b/apps/ext.v3
@@ -0,0 +1,2 @@
+2.99999.3	SET.ex3		SET x509v3 extension 3
+
diff --git a/apps/g_ssleay.pl b/apps/g_ssleay.pl
index 237dd4c698..cd05fe6a78 100644
--- a/apps/g_ssleay.pl
+++ b/apps/g_ssleay.pl
@@ -57,14 +57,16 @@ foreach ("md2","md5","sha","sha1","mdc2")
 
 foreach (
 	"base64",
-	"des", "des3", "desx", "idea", "rc4", "rc2","bf",
+	"des", "des3", "desx", "idea", "rc4", "rc2","bf","cast","rc5",
 	"des-ecb", "des-ede",    "des-ede3",
 	"des-cbc", "des-ede-cbc","des-ede3-cbc",
 	"des-cfb", "des-ede-cfb","des-ede3-cfb",
 	"des-ofb", "des-ede-ofb","des-ede3-ofb",
 	"idea-cbc","idea-ecb",   "idea-cfb", "idea-ofb",
 	"rc2-cbc", "rc2-ecb",    "rc2-cfb",  "rc2-ofb",
-	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb")
+	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb",
+	"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
+	"cast-cbc", "rc5-cbc",   "rc5-ecb",  "rc5-cfb",  "rc5-ofb")
 	{
 	push(@files,$_);
 
@@ -74,6 +76,8 @@ foreach (
 	elsif ($_ =~ /rc4/)  { $t="#ifndef NO_RC4\n${t}#endif\n"; }
 	elsif ($_ =~ /rc2/)  { $t="#ifndef NO_RC2\n${t}#endif\n"; }
 	elsif ($_ =~ /bf/)   { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
+	elsif ($_ =~ /cast/) { $t="#ifndef NO_CAST\n${t}#endif\n"; }
+	elsif ($_ =~ /rc5/)  { $t="#ifndef NO_RC5\n${t}#endif\n"; }
 	print $t;
 	}
 
diff --git a/apps/gendh.c b/apps/gendh.c
index b7b6d0fd62..2790f179fd 100644
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -1,5 +1,5 @@
 /* apps/gendh.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -74,7 +74,7 @@
 #define PROG gendh_main
 
 #ifndef NOPROTO
-static void MS_CALLBACK dh_cb(int p, int n);
+static void MS_CALLBACK dh_cb(int p, int n, char *arg);
 static long dh_load_rand(char *names);
 #else
 static void MS_CALLBACK dh_cb();
@@ -97,7 +97,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	argv++;
 	argc--;
@@ -171,7 +171,7 @@ bad:
 
 	BIO_printf(bio_err,"Generating DH parameters, %d bit long strong prime, generator of %d\n",num,g);
 	BIO_printf(bio_err,"This is going to take a long time\n");
-	dh=DH_generate_parameters(num,g,dh_cb);
+	dh=DH_generate_parameters(num,g,dh_cb,(char *)bio_err);
 		
 	if (dh == NULL) goto end;
 
@@ -191,9 +191,10 @@ end:
 	EXIT(ret);
 	}
 
-static void MS_CALLBACK dh_cb(p, n)
+static void MS_CALLBACK dh_cb(p,n,arg)
 int p;
 int n;
+char *arg;
 	{
 	char c='*';
 
@@ -201,8 +202,8 @@ int n;
 	if (p == 1) c='+';
 	if (p == 2) c='*';
 	if (p == 3) c='\n';
-	BIO_write(bio_err,&c,1);
-	BIO_flush(bio_err);
+	BIO_write((BIO *)arg,&c,1);
+	BIO_flush((BIO *)arg);
 #ifdef LINT
 	p=n;
 #endif
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 35f299a58b..e0e5afa400 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -1,5 +1,5 @@
 /* apps/gendsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -94,7 +94,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	argv++;
 	argc--;
@@ -135,7 +135,7 @@ bad:
 		}
 
 	in=BIO_new(BIO_s_file());
-	if (!(BIO_read_filename(in,"r")))
+	if (!(BIO_read_filename(in,"dsaparams")))
 		{
 		perror(dsaparams);
 		goto end;
diff --git a/apps/genrsa.c b/apps/genrsa.c
index 973175447f..cdba6189ad 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -1,5 +1,5 @@
 /* apps/genrsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -75,7 +75,7 @@
 #define PROG genrsa_main
 
 #ifndef NOPROTO
-static void MS_CALLBACK genrsa_cb(int p, int n);
+static void MS_CALLBACK genrsa_cb(int p, int n, char *arg);
 static long gr_load_rand(char *names);
 #else
 static void MS_CALLBACK genrsa_cb();
@@ -101,7 +101,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 	if ((out=BIO_new(BIO_s_file())) == NULL)
 		{
 		BIO_printf(bio_err,"unable to creat BIO for output\n");
@@ -201,7 +201,7 @@ bad:
 
 	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
 		num);
-	rsa=RSA_generate_key(num,f4,genrsa_cb);
+	rsa=RSA_generate_key(num,f4,genrsa_cb,(char *)bio_err);
 		
 	if (randfile == NULL)
 		BIO_printf(bio_err,"unable to write 'random state'\n");
@@ -234,9 +234,10 @@ err:
 	EXIT(ret);
 	}
 
-static void MS_CALLBACK genrsa_cb(p, n)
+static void MS_CALLBACK genrsa_cb(p, n, arg)
 int p;
 int n;
+char *arg;
 	{
 	char c='*';
 
@@ -244,8 +245,8 @@ int n;
 	if (p == 1) c='+';
 	if (p == 2) c='*';
 	if (p == 3) c='\n';
-	BIO_write(bio_err,&c,1);
-	BIO_flush(bio_err);
+	BIO_write((BIO *)arg,&c,1);
+	BIO_flush((BIO *)arg);
 #ifdef LINT
 	p=n;
 #endif
diff --git a/apps/mklinks b/apps/mklinks
index 6423613383..55a56b399e 100644
--- a/apps/mklinks
+++ b/apps/mklinks
@@ -1,5 +1,5 @@
 #!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb 
+for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb 
 do
 echo making symlink for $i
 /bin/rm -f $i
diff --git a/apps/openssl.c b/apps/openssl.c
index f69f14aa2e..eac411b854 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -1,5 +1,5 @@
 /* apps/ssleay.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -56,14 +56,13 @@
  * [including the GNU Public Licence.]
  */
 
-#define DEBUG
+#ifndef DEBUG
+#undef DEBUG
+#endif
 
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-#ifdef WIN16
-#define APPS_WIN16
-#endif
 #include "bio.h"
 #include "crypto.h"
 #include "lhash.h"
@@ -78,19 +77,22 @@
 #include "s_apps.h"
 #include "err.h"
 
+/*
+#ifdef WINDOWS
+#include "bss_file.c"
+#endif
+*/
 
 #ifndef NOPROTO
 static unsigned long MS_CALLBACK hash(FUNCTION *a);
 static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
 static LHASH *prog_init(void );
 static int do_cmd(LHASH *prog,int argc,char *argv[]);
-static void sig_stop(int i);
 #else
 static unsigned long MS_CALLBACK hash();
 static int MS_CALLBACK cmp();
 static LHASH *prog_init();
 static int do_cmd();
-static void sig_stop();
 #endif
 
 LHASH *config=NULL;
@@ -143,7 +145,7 @@ char *Argv[];
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
 
@@ -224,6 +226,7 @@ char *Argv[];
 			}
 		if (ret != 0)
 			BIO_printf(bio_err,"error in %s\n",argv[0]);
+		BIO_flush(bio_err);
 		}
 	BIO_printf(bio_err,"bad exit\n");
 	ret=1;
diff --git a/apps/pem_mail.c b/apps/pem_mail.c
index e48c358f72..64e04acb52 100644
--- a/apps/pem_mail.c
+++ b/apps/pem_mail.c
@@ -1,5 +1,5 @@
 /* apps/pem_mail.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index 47bd7564a9..4105dbd9ef 100644
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -1,5 +1,5 @@
 /* apps/pkcs7.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -87,7 +87,9 @@ char **argv;
 	{
 	PKCS7 *p7=NULL;
 	int i,badops=0;
+#if !defined(NO_DES) || !defined(NO_IDEA)
 	EVP_CIPHER *enc=NULL;
+#endif
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat;
 	char *infile,*outfile,*prog,buf[256];
@@ -98,7 +100,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	infile=NULL;
 	outfile=NULL;
diff --git a/apps/privkey.pem b/apps/privkey.pem
index 8308004d5b..b567e411b2 100644
--- a/apps/privkey.pem
+++ b/apps/privkey.pem
@@ -1,15 +1,11 @@
 -----BEGIN DSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,2221AF3DAA41AB24
+DEK-Info: DES-EDE3-CBC,1BF8E9CE60B9941C
 
-IOx3ubYOV2SETDSWiuG4bsioEl7jA2CulYKAJvIfy8z5GI+08NwptNOUqbMhDV1s
-156KhUvBvG48uz9mxcOyHjZRD0HNixGNMXDaFJSajINFoGtmYZRc20DEoY6buzsi
-E76GK95cJHsjJsdNrdggIJRTaiLayLzsMFVDrKhmaJVTKlBpcdnFM4BEKSyD2H5N
-OllrfK6GgmlH+WVXU9AlXoy5Jm0YXT7i5bPCB5eDDL/GkTISFHZsnEYpHCrMARsw
-5V15dYEwFc6NA/psBGk1qS2CHVIOYNcfCfndR90+UCos+rMBkcQDfvxI95+L8dbS
-ONJJrUqiCHV/zYSE+aXZN001mJJLvHOW65YbgdwSOfiowcv7HPbFrGdwOOJvSEx2
-d571YvqfsaDojwR5KLgfFDSwVBwzo/mfcFeVrT9Q8LwPL4/dwwoElWTmYbSaW0uZ
-Ov73xRUbVGa5LTJoGbFVMvjpmEO2qtBsx7vq9AT8v8gDzYSuEafyC7d0h85EIfTJ
-wPlIN3xKTiqFpp/eFCkdKqNn826NoC1TgQuoCBIrJ8gZsIr1l8R+iAuGxKGPASoF
-cyqnpcqGgaaTrxnk9cX4dQ==
+JuhgIvVRrxCRedTTC9ABlIByMsq6IcpqyDZwOPS4rxTtVWvjj1BMHtoCebK7CKMZ
+dLsvztfSkdAYmTGK62C73RwlmnMxB4JXhTLaoAX2eL9iylojTWRg+/0Y4rbIKmUe
+hrmwrHld7vnfE9XHL8OoaFp6aJ8BB9B8HIfdJMnrNcTWJSGS6gYPTWPdm7ZCykEV
+2fFEX6IqWjBjaRm36Esj5mHLRVhBbi2n/jy5IhZeqjEsQ8adYGUulzPSe5xc2JZa
++OO4ch/RRqWTFP59eNPfdke3UE7uNlUhPnYDAOXhSdMJBzI+T9RQXU2y/tMOrYYK
+3+jNQcQ9q1Xy1s5dz/BOvw==
 -----END DSA PRIVATE KEY-----
diff --git a/apps/progs.h b/apps/progs.h
index 50e2ca4a4c..ec00396ed7 100644
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -6,7 +6,6 @@ extern int dgst_main(int argc,char *argv[]);
 extern int dh_main(int argc,char *argv[]);
 extern int enc_main(int argc,char *argv[]);
 extern int gendh_main(int argc,char *argv[]);
-extern int gendsa_main(int argc,char *argv[]);
 extern int errstr_main(int argc,char *argv[]);
 extern int ca_main(int argc,char *argv[]);
 extern int crl_main(int argc,char *argv[]);
@@ -32,7 +31,6 @@ extern int dgst_main();
 extern int dh_main();
 extern int enc_main();
 extern int gendh_main();
-extern int gendsa_main();
 extern int errstr_main();
 extern int ca_main();
 extern int crl_main();
@@ -78,9 +76,6 @@ FUNCTION functions[] = {
 #ifndef NO_DH
 	{FUNC_TYPE_GENERAL,"gendh",gendh_main},
 #endif
-#ifndef NO_DSA
-	{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
-#endif
 	{FUNC_TYPE_GENERAL,"errstr",errstr_main},
 #ifndef NO_RSA
 	{FUNC_TYPE_GENERAL,"ca",ca_main},
@@ -145,6 +140,12 @@ FUNCTION functions[] = {
 #ifndef NO_BLOWFISH
 	{FUNC_TYPE_CIPHER,"bf",enc_main},
 #endif
+#ifndef NO_CAST
+	{FUNC_TYPE_CIPHER,"cast",enc_main},
+#endif
+#ifndef NO_RC5
+	{FUNC_TYPE_CIPHER,"rc5",enc_main},
+#endif
 #ifndef NO_DES
 	{FUNC_TYPE_CIPHER,"des-ecb",enc_main},
 #endif
@@ -217,6 +218,33 @@ FUNCTION functions[] = {
 #ifndef NO_BLOWFISH
 	{FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
 #endif
+#ifndef NO_CAST
+	{FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
+#endif
+#ifndef NO_CAST
+	{FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
+#endif
+#ifndef NO_CAST
+	{FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
+#endif
+#ifndef NO_CAST
+	{FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
+#endif
+#ifndef NO_CAST
+	{FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
+#endif
+#ifndef NO_RC5
+	{FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
+#endif
+#ifndef NO_RC5
+	{FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
+#endif
+#ifndef NO_RC5
+	{FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
+#endif
+#ifndef NO_RC5
+	{FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
+#endif
 	{0,NULL,NULL}
 	};
 #endif
diff --git a/apps/progs.pl b/apps/progs.pl
index 237dd4c698..cd05fe6a78 100644
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -57,14 +57,16 @@ foreach ("md2","md5","sha","sha1","mdc2")
 
 foreach (
 	"base64",
-	"des", "des3", "desx", "idea", "rc4", "rc2","bf",
+	"des", "des3", "desx", "idea", "rc4", "rc2","bf","cast","rc5",
 	"des-ecb", "des-ede",    "des-ede3",
 	"des-cbc", "des-ede-cbc","des-ede3-cbc",
 	"des-cfb", "des-ede-cfb","des-ede3-cfb",
 	"des-ofb", "des-ede-ofb","des-ede3-ofb",
 	"idea-cbc","idea-ecb",   "idea-cfb", "idea-ofb",
 	"rc2-cbc", "rc2-ecb",    "rc2-cfb",  "rc2-ofb",
-	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb")
+	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb",
+	"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
+	"cast-cbc", "rc5-cbc",   "rc5-ecb",  "rc5-cfb",  "rc5-ofb")
 	{
 	push(@files,$_);
 
@@ -74,6 +76,8 @@ foreach (
 	elsif ($_ =~ /rc4/)  { $t="#ifndef NO_RC4\n${t}#endif\n"; }
 	elsif ($_ =~ /rc2/)  { $t="#ifndef NO_RC2\n${t}#endif\n"; }
 	elsif ($_ =~ /bf/)   { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
+	elsif ($_ =~ /cast/) { $t="#ifndef NO_CAST\n${t}#endif\n"; }
+	elsif ($_ =~ /rc5/)  { $t="#ifndef NO_RC5\n${t}#endif\n"; }
 	print $t;
 	}
 
diff --git a/apps/req.c b/apps/req.c
index 9b6041e179..f51345f5a2 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1,5 +1,5 @@
 /* apps/req.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,7 +60,7 @@
 #include <stdlib.h>
 #include <time.h>
 #include <string.h>
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "apps.h"
@@ -111,7 +111,7 @@ static int add_attribute_object(STACK *n, char *text, char *def,
 	char *value, int nid,int min,int max);
 static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
 	int nid,int min,int max);
-static void MS_CALLBACK req_cb(int p,int n);
+static void MS_CALLBACK req_cb(int p,int n,char *arg);
 static int req_fix_data(int nid,int *type,int len,int min,int max);
 #else
 static int make_REQ();
@@ -135,7 +135,9 @@ int MAIN(argc, argv)
 int argc;
 char **argv;
 	{
+#ifndef NO_DSA
 	DSA *dsa_params=NULL;
+#endif
 	int ex=1,x509=0,days=30;
 	X509 *x509ss=NULL;
 	X509_REQ *req=NULL;
@@ -160,7 +162,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	infile=NULL;
 	outfile=NULL;
@@ -228,7 +230,9 @@ char **argv;
 				p+=4;
 				newkey= atoi(p);
 				}
-			else if (strncmp("dsa:",p,4) == 0)
+			else
+#ifndef NO_DSA
+				if (strncmp("dsa:",p,4) == 0)
 				{
 				X509 *xtmp=NULL;
 				EVP_PKEY *dtmp;
@@ -249,6 +253,9 @@ char **argv;
 						BIO_printf(bio_err,"unable to load DSA parameters from file\n");
 						goto end;
 						}
+
+					/* This will 'disapear'
+					 * when we free xtmp */
 					dtmp=X509_get_pubkey(xtmp);
 					if (dtmp->type == EVP_PKEY_DSA)
 						dsa_params=DSAparams_dup(dtmp->pkey.dsa);
@@ -258,18 +265,21 @@ char **argv;
 						BIO_printf(bio_err,"Certificate does not contain DSA parameters\n");
 						goto end;
 						}
-					
 					}
 				BIO_free(in);
 				newkey=BN_num_bits(dsa_params->p);
 				in=NULL;
 				}
-			else if (strncmp("dh:",p,4) == 0)
+			else 
+#endif
+#ifndef NO_DH
+				if (strncmp("dh:",p,4) == 0)
 				{
 				pkey_type=TYPE_DH;
 				p+=3;
 				}
 			else
+#endif
 				pkey_type=TYPE_RSA;
 
 			newreq=1;
@@ -463,7 +473,8 @@ bad:
 		if (pkey_type == TYPE_RSA)
 			{
 			if (!EVP_PKEY_assign_RSA(pkey,
-				RSA_generate_key(newkey,0x10001,req_cb)))
+				RSA_generate_key(newkey,0x10001,
+					req_cb,(char *)bio_err)))
 				goto end;
 			}
 		else
@@ -559,8 +570,10 @@ loop:
 
 	if (newreq || x509)
 		{
+#ifndef NO_DSA
 		if (pkey->type == EVP_PKEY_DSA)
 			digest=EVP_dss1();
+#endif
 
 		if (pkey == NULL)
 			{
@@ -733,7 +746,9 @@ end:
 	if (pkey != NULL) EVP_PKEY_free(pkey);
 	if (req != NULL) X509_REQ_free(req);
 	if (x509ss != NULL) X509_free(x509ss);
+#ifndef NO_DSA
 	if (dsa_params != NULL) DSA_free(dsa_params);
+#endif
 	EXIT(ex);
 	}
 
@@ -743,7 +758,7 @@ EVP_PKEY *pkey;
 int attribs;
 	{
 	int ret=0,i,j;
-	unsigned char *p;
+	unsigned char *p,*q;
 	X509_REQ_INFO *ri;
 	char buf[100];
 	int nid,min,max;
@@ -800,19 +815,43 @@ start:		for (;;)
 			if ((int)sk_num(sk) <= i) break;
 
 			v=(CONF_VALUE *)sk_value(sk,i);
-			p=NULL;
+			p=q=NULL;
 			type=v->name;
+			/* Allow for raw OIDs */
+			/* [n.mm.ooo.ppp] */
 			for (j=0; type[j] != '\0'; j++)
 				{
 				if (	(type[j] == ':') ||
 					(type[j] == ',') ||
 					(type[j] == '.'))
-					p= (unsigned char *)&(type[j+1]);
+					p=(unsigned char *)&(type[j+1]);
+				if (type[j] == '[')
+					{
+					p=(unsigned char *)&(type[j+1]);
+					for (j++; type[j] != '\0'; j++)
+						if (type[j] == ']')
+							{
+							q=(unsigned char *)&(type[j]);
+							break;
+							}
+					break;
+					}
 				}
 			if (p != NULL)
 				type=(char *)p;
 			if ((nid=OBJ_txt2nid(type)) == NID_undef)
-				goto start;
+				{
+				/* Add a new one if possible */
+				if ((p != NULL) && (q != NULL) && (*q == ']'))
+					{
+					*q='\0';
+					nid=OBJ_create((char *)p,NULL,NULL);
+					*q=']';
+					if (nid == NID_undef) goto start;
+					}
+				else
+					goto start;
+				}
 
 			sprintf(buf,"%s_default",v->name);
 			if ((def=CONF_get_string(req_conf,tmp,buf)) == NULL)
@@ -1044,9 +1083,10 @@ err:
 	return(0);
 	}
 
-static void MS_CALLBACK req_cb(p, n)
+static void MS_CALLBACK req_cb(p,n,arg)
 int p;
 int n;
+char *arg;
 	{
 	char c='*';
 
@@ -1054,8 +1094,8 @@ int n;
 	if (p == 1) c='+';
 	if (p == 2) c='*';
 	if (p == 3) c='\n';
-	BIO_write(bio_err,&c,1);
-	BIO_flush(bio_err);
+	BIO_write((BIO *)arg,&c,1);
+	BIO_flush((BIO *)arg);
 #ifdef LINT
 	p=n;
 #endif
diff --git a/apps/req.pem b/apps/req.pem
new file mode 100644
index 0000000000..5537df601d
--- /dev/null
+++ b/apps/req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBlzCCAVcCAQAwXjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMORXJp
+YyB0aGUgWW91bmcwge8wgaYGBSsOAwIMMIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZ
+S4J1PHvPrm9MXj5ntVheDPkdmBDTncyaGAJcMjwsyB/GvLDGd6yGCw/8eF+09wIV
+AK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjg
+tWiJc/tpvcuzeuAayH89UofjAGueKjXDADiRffvSdhrNw5dkqdqlA0QAAkEAtUSo
+84OekjitKGVjxLu0HvXck29pu+foad53vPKXAsuJdACj88BPqZ91Y9PIJf1GUh38
+CuiHWi7z3cEDfZCyCKAAMAkGBSsOAwIbBQADLwAwLAIUTg8amKVBE9oqC5B75dDQ
+Chy3LdQCFHKodGEj3LjuTzdm/RTe2KZL9Uzf
+-----END CERTIFICATE REQUEST-----
diff --git a/apps/rmlinks b/apps/rmlinks
index 54bc996f11..7c4f8983ba 100644
--- a/apps/rmlinks
+++ b/apps/rmlinks
@@ -1,5 +1,5 @@
 #!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb 
+for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb 
 do
 echo removing $i
 /bin/rm -f $i
diff --git a/apps/rsa.c b/apps/rsa.c
index 9f2df771bd..267b12b15e 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -1,5 +1,5 @@
 /* apps/rsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -99,7 +99,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	infile=NULL;
 	outfile=NULL;
diff --git a/apps/s_apps.h b/apps/s_apps.h
index 685767454a..ba320946be 100644
--- a/apps/s_apps.h
+++ b/apps/s_apps.h
@@ -1,5 +1,5 @@
 /* apps/s_apps.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,9 +79,8 @@ int nbio_init_client_ip(int *sock,unsigned char ip[4], int port);
 int nbio_sock_error(int sock);
 int spawn(int argc, char **argv, int *in, int *out);
 int init_server(int *sock, int port);
+int init_server_long(int *sock, int port,char *ip);
 int should_retry(int i);
-int sock_err(void );
-int socket_ioctl(int, long,unsigned long *);
 void sock_cleanup(void );
 int extract_port(char *str, short *port_ptr);
 int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
@@ -108,8 +107,6 @@ int nbio_sock_error();
 int spawn();
 int init_server();
 int should_retry();
-int sock_err();
-int socket_ioctl();
 void sock_cleanup();
 int extract_port();
 int extract_host_port();
diff --git a/apps/s_cb.c b/apps/s_cb.c
index 712a043311..cd086bb93e 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -1,5 +1,5 @@
 /* apps/s_cb.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,7 +71,6 @@
 int verify_depth=0;
 int verify_error=X509_V_OK;
 
-/* should be X509 * but we can just have them as char *. */
 int MS_CALLBACK verify_callback(ok, ctx)
 int ok;
 X509_STORE_CTX *ctx;
@@ -137,7 +136,7 @@ char *key_file;
 		if (SSL_CTX_use_certificate_file(ctx,cert_file,
 			SSL_FILETYPE_PEM) <= 0)
 			{
-			BIO_printf(bio_err,"unable to set certificate file\n");
+			BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
 			ERR_print_errors(bio_err);
 			return(0);
 			}
@@ -145,7 +144,7 @@ char *key_file;
 		if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
 			SSL_FILETYPE_PEM) <= 0)
 			{
-			BIO_printf(bio_err,"unable to set public key file\n");
+			BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
 			ERR_print_errors(bio_err);
 			return(0);
 			}
diff --git a/apps/s_client.c b/apps/s_client.c
index b5dc238878..e783eb723c 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1,5 +1,5 @@
 /* apps/s_client.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,7 +60,7 @@
 #include <stdlib.h>
 #include <string.h>
 #define USE_SOCKETS
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "apps.h"
@@ -127,6 +127,8 @@ static void sc_usage()
 	BIO_printf(bio_err," -quiet        - no s_client output\n");
 	BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
 	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
+	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
+	BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
 	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
 	BIO_printf(bio_err," -cipher       - prefered cipher to use, use the 'ssleay ciphers'\n");
 	BIO_printf(bio_err,"                 command to se what is available\n");
@@ -137,6 +139,7 @@ int MAIN(argc, argv)
 int argc;
 char **argv;
 	{
+	int off=0;
 	SSL *con=NULL,*con2=NULL;
 	int s,k,width,state=0;
 	char *cbuf=NULL,*sbuf=NULL;
@@ -165,6 +168,7 @@ char **argv;
 #endif
 
 	apps_startup();
+	c_Pause=0;
 	c_quiet=0;
 	c_debug=0;
 
@@ -235,6 +239,10 @@ char **argv;
 		else if	(strcmp(*argv,"-ssl3") == 0)
 			meth=SSLv3_client_method();
 #endif
+#ifndef NO_TLS1
+		else if	(strcmp(*argv,"-tls1") == 0)
+			meth=TLSv1_client_method();
+#endif
 		else if (strcmp(*argv,"-bugs") == 0)
 			bugs=1;
 		else if	(strcmp(*argv,"-key") == 0)
@@ -256,6 +264,12 @@ char **argv;
 			if (--argc < 1) goto bad;
 			CAfile= *(++argv);
 			}
+		else if (strcmp(*argv,"-no_tls1") == 0)
+			off|=SSL_OP_NO_TLSv1;
+		else if (strcmp(*argv,"-no_ssl3") == 0)
+			off|=SSL_OP_NO_SSLv3;
+		else if (strcmp(*argv,"-no_ssl2") == 0)
+			off|=SSL_OP_NO_SSLv2;
 		else if	(strcmp(*argv,"-cipher") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -302,7 +316,10 @@ bad:
 		goto end;
 		}
 
-	if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
+	if (bugs)
+		SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
+	else
+		SSL_CTX_set_options(ctx,off);
 
 	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
 	if (cipher != NULL)
@@ -319,20 +336,21 @@ bad:
 	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
 		(!SSL_CTX_set_default_verify_paths(ctx)))
 		{
-		BIO_printf(bio_err,"error seting default verify locations\n");
+		/* BIO_printf(bio_err,"error seting default verify locations\n"); */
 		ERR_print_errors(bio_err);
-		goto end;
+		/* goto end; */
 		}
 
 	SSL_load_error_strings();
 
 	con=(SSL *)SSL_new(ctx);
+/*	SSL_set_cipher_list(con,"RC4-MD5"); */
 
 re_start:
 
 	if (init_client(&s,host,port) == 0)
 		{
-		BIO_printf(bio_err,"connect:errno=%d\n",errno);
+		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
 		SHUTDOWN(s);
 		goto end;
 		}
@@ -343,7 +361,11 @@ re_start:
 		{
 		unsigned long l=1;
 		BIO_printf(bio_c_out,"turning on non blocking io\n");
-		socket_ioctl(s,FIONBIO,&l);
+		if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
+			{
+			ERR_print_errors(bio_err);
+			goto end;
+			}
 		}
 #endif                                              
 	if (c_Pause & 0x01) con->debug=1;
@@ -386,7 +408,7 @@ re_start:
 		FD_ZERO(&readfds);
 		FD_ZERO(&writefds);
 
-		if (SSL_in_init(con))
+		if (SSL_in_init(con) && !SSL_total_renegotiations(con))
 			{
 			in_init=1;
 			tty_on=0;
@@ -427,11 +449,11 @@ re_start:
 /*		printf("mode tty(%d %d%d) ssl(%d%d)\n",
 			tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
 
-/*		printf("pending=%d\n",SSL_pending(con)); */
 		i=select(width,&readfds,&writefds,NULL,NULL);
 		if ( i < 0)
 			{
-			BIO_printf(bio_err,"bad select %d\n",sock_err());
+			BIO_printf(bio_err,"bad select %d\n",
+				get_last_socket_error());
 			goto shut;
 			/* goto end; */
 			}
@@ -489,7 +511,7 @@ re_start:
 				if ((k != 0) || (cbuf_len != 0))
 					{
 					BIO_printf(bio_err,"write:errno=%d\n",
-						errno);
+						get_last_socket_error());
 					goto shut;
 					}
 				else
@@ -526,7 +548,10 @@ re_start:
 #endif
 		else if (FD_ISSET(SSL_get_fd(con),&readfds))
 			{
-			k=SSL_read(con,sbuf,BUFSIZZ);
+#ifdef RENEG
+{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
+#endif
+			k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
 
 			switch (SSL_get_error(con,k))
 				{
@@ -555,7 +580,7 @@ re_start:
 				BIO_printf(bio_c_out,"read X BLOCK\n");
 				break;
 			case SSL_ERROR_SYSCALL:
-				BIO_printf(bio_err,"read:errno=%d\n",errno);
+				BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
 				goto shut;
 			case SSL_ERROR_ZERO_RETURN:
 				BIO_printf(bio_c_out,"closed\n");
@@ -619,7 +644,7 @@ BIO *bio;
 SSL *s;
 int full;
 	{
-	X509 *peer;
+	X509 *peer=NULL;
 	char *p;
 	static char *space="                ";
 	char buf[BUFSIZ];
@@ -657,7 +682,6 @@ int full;
 			X509_NAME_oneline(X509_get_issuer_name(peer),
 				buf,BUFSIZ);
 			BIO_printf(bio,"issuer=%s\n",buf);
-			X509_free(peer);
 			}
 		else
 			BIO_printf(bio,"no peer certificate available\n");
@@ -687,7 +711,7 @@ int full;
 				{
 				if (*p == ':')
 					{
-					BIO_write(bio,space,15-j);
+					BIO_write(bio,space,15-j%25);
 					i++;
 					j=0;
 					BIO_write(bio,((i%3)?" ":"\n"),1);
@@ -711,7 +735,12 @@ int full;
 	BIO_printf(bio,"%s, Cipher is %s\n",
 		SSL_CIPHER_get_version(c),
 		SSL_CIPHER_get_name(c));
+	if (peer != NULL)
+		BIO_printf(bio,"Server public key is %d bit\n",
+			EVP_PKEY_bits(X509_get_pubkey(peer)));
 	SSL_SESSION_print(bio,SSL_get_session(s));
 	BIO_printf(bio,"---\n");
+	if (peer != NULL)
+		X509_free(peer);
 	}
 
diff --git a/apps/s_server.c b/apps/s_server.c
index d1e406c7b4..5012ef254d 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1,5 +1,5 @@
 /* apps/s_server.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -61,7 +61,7 @@
 #include <string.h>
 #include <sys/types.h>
 #include <sys/stat.h>
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "lhash.h"
@@ -82,8 +82,11 @@ static void close_accept_socket(void );
 static void sv_usage(void);
 static int init_ssl_connection(SSL *s);
 static void print_stats(BIO *bp,SSL_CTX *ctx);
+#ifndef NO_DH
 static DH *load_dh_param(void );
 static DH *get_dh512(void);
+#endif
+/* static void s_server_init(void);*/
 #else
 static RSA MS_CALLBACK *tmp_rsa_cb();
 static int sv_body();
@@ -92,15 +95,19 @@ static void close_accept_socket();
 static void sv_usage();
 static int init_ssl_connection();
 static void print_stats();
+#ifndef NO_DH
 static DH *load_dh_param();
 static DH *get_dh512();
 #endif
+/* static void s_server_init(); */
+#endif
 
 
 #ifndef S_ISDIR
 #define S_ISDIR(a)	(((a) & _S_IFMT) == _S_IFDIR)
 #endif
 
+#ifndef NO_DH
 static unsigned char dh512_p[]={
 	0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
 	0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
@@ -117,15 +124,14 @@ static DH *get_dh512()
 	{
 	DH *dh=NULL;
 
-#ifndef NO_DH
 	if ((dh=DH_new()) == NULL) return(NULL);
 	dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
 	dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
 	if ((dh->p == NULL) || (dh->g == NULL))
 		return(NULL);
-#endif
 	return(dh);
 	}
+#endif
 
 /* static int load_CA(SSL_CTX *ctx, char *file);*/
 
@@ -142,8 +148,9 @@ static int accept_socket= -1;
 extern int verify_depth;
 
 static char *cipher=NULL;
-int verify=SSL_VERIFY_NONE;
-char *s_cert_file=TEST_CERT,*s_key_file=NULL;
+static int s_server_verify=SSL_VERIFY_NONE;
+static char *s_cert_file=TEST_CERT,*s_key_file=NULL;
+static char *s_dcert_file=NULL,*s_dkey_file=NULL;
 #ifdef FIONBIO
 static int s_nbio=0;
 #endif
@@ -155,11 +162,33 @@ static BIO *bio_s_out=NULL;
 static int s_debug=0;
 static int s_quiet=0;
 
+#if 0
+static void s_server_init()
+	{
+	cipher=NULL;
+	s_server_verify=SSL_VERIFY_NONE;
+	s_dcert_file=NULL;
+	s_dkey_file=NULL;
+	s_cert_file=TEST_CERT;
+	s_key_file=NULL;
+#ifdef FIONBIO
+	s_nbio=0;
+#endif
+	s_nbio_test=0;
+	ctx=NULL;
+	www=0;
+
+	bio_s_out=NULL;
+	s_debug=0;
+	s_quiet=0;
+	}
+#endif
+
 static void sv_usage()
 	{
 	BIO_printf(bio_err,"usage: s_server [args ...]\n");
 	BIO_printf(bio_err,"\n");
-	BIO_printf(bio_err," -accpet arg   - port to accept on (default is %d\n",PORT);
+	BIO_printf(bio_err," -accept arg   - port to accept on (default is %d\n",PORT);
 	BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
 	BIO_printf(bio_err," -Verify arg   - turn on peer certificate verification, must have a cert.\n");
 	BIO_printf(bio_err," -cert arg     - certificate file to use, PEM format assumed\n");
@@ -180,14 +209,18 @@ static void sv_usage()
 	BIO_printf(bio_err," -no_tmp_rsa   - Do not generate a tmp RSA key\n");
 	BIO_printf(bio_err," -ssl2         - Just talk SSLv2\n");
 	BIO_printf(bio_err," -ssl3         - Just talk SSLv3\n");
+	BIO_printf(bio_err," -tls1         - Just talk TLSv1\n");
+	BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
+	BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
+	BIO_printf(bio_err," -no_tls1      - Just disable TLSv1\n");
 	BIO_printf(bio_err," -bugs         - Turn on SSL bug compatability\n");
 	BIO_printf(bio_err," -www          - Respond to a 'GET /' with a status page\n");
 	BIO_printf(bio_err," -WWW          - Returns requested page from to a 'GET <path> HTTP/1.0'\n");
 	}
 
-static int local_argc;
+static int local_argc=0;
 static char **local_argv;
-static int hack;
+static int hack=0;
 
 int MAIN(argc, argv)
 int argc;
@@ -197,10 +230,13 @@ char *argv[];
 	char *CApath=NULL,*CAfile=NULL;
 	int badop=0,bugs=0;
 	int ret=1;
+	int off=0;
 	int no_tmp_rsa=0,nocert=0;
 	int state=0;
 	SSL_METHOD *meth=NULL;
+#ifndef NO_DH
 	DH *dh=NULL;
+#endif
 
 #if !defined(NO_SSL2) && !defined(NO_SSL3)
 	meth=SSLv23_server_method();
@@ -240,14 +276,14 @@ char *argv[];
 			}
 		else if	(strcmp(*argv,"-verify") == 0)
 			{
-			verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
+			s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
 			if (--argc < 1) goto bad;
 			verify_depth=atoi(*(++argv));
 			BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
 			}
 		else if	(strcmp(*argv,"-Verify") == 0)
 			{
-			verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
+			s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
 				SSL_VERIFY_CLIENT_ONCE;
 			if (--argc < 1) goto bad;
 			verify_depth=atoi(*(++argv));
@@ -263,6 +299,16 @@ char *argv[];
 			if (--argc < 1) goto bad;
 			s_key_file= *(++argv);
 			}
+		else if	(strcmp(*argv,"-dcert") == 0)
+			{
+			if (--argc < 1) goto bad;
+			s_dcert_file= *(++argv);
+			}
+		else if	(strcmp(*argv,"-dkey") == 0)
+			{
+			if (--argc < 1) goto bad;
+			s_dkey_file= *(++argv);
+			}
 		else if (strcmp(*argv,"-nocert") == 0)
 			{
 			nocert=1;
@@ -309,6 +355,12 @@ char *argv[];
 			{ www=1; }
 		else if	(strcmp(*argv,"-WWW") == 0)
 			{ www=2; }
+		else if	(strcmp(*argv,"-no_ssl2") == 0)
+			{ off|=SSL_OP_NO_SSLv2; }
+		else if	(strcmp(*argv,"-no_ssl3") == 0)
+			{ off|=SSL_OP_NO_SSLv3; }
+		else if	(strcmp(*argv,"-no_tls1") == 0)
+			{ off|=SSL_OP_NO_TLSv1; }
 #ifndef NO_SSL2
 		else if	(strcmp(*argv,"-ssl2") == 0)
 			{ meth=SSLv2_server_method(); }
@@ -317,6 +369,10 @@ char *argv[];
 		else if	(strcmp(*argv,"-ssl3") == 0)
 			{ meth=SSLv3_server_method(); }
 #endif
+#ifndef NO_TLS1
+		else if	(strcmp(*argv,"-tls1") == 0)
+			{ meth=TLSv1_server_method(); }
+#endif
 		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -352,6 +408,8 @@ bad:
 		{
 		s_cert_file=NULL;
 		s_key_file=NULL;
+		s_dcert_file=NULL;
+		s_dkey_file=NULL;
 		}
 
 	SSL_load_error_strings();
@@ -364,12 +422,16 @@ bad:
 		goto end;
 		}
 
+	SSL_CTX_set_quiet_shutdown(ctx,1);
 	if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
 	if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
+	SSL_CTX_set_options(ctx,off);
 	if (hack) SSL_CTX_set_options(ctx,SSL_OP_NON_EXPORT_FIRST);
 
 	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
 
+	SSL_CTX_sess_set_cache_size(ctx,128);
+
 #if 0
 	if (cipher == NULL) cipher=getenv("SSL_CIPHER");
 #endif
@@ -385,9 +447,9 @@ bad:
 	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
 		(!SSL_CTX_set_default_verify_paths(ctx)))
 		{
-		BIO_printf(bio_err,"X509_load_verify_locations\n");
+		/* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
 		ERR_print_errors(bio_err);
-		goto end;
+		/* goto end; */
 		}
 
 #ifndef NO_DH
@@ -410,6 +472,11 @@ bad:
 	
 	if (!set_cert_stuff(ctx,s_cert_file,s_key_file))
 		goto end;
+	if (s_dcert_file != NULL)
+		{
+		if (!set_cert_stuff(ctx,s_dcert_file,s_dkey_file))
+			goto end;
+		}
 
 #if 1
 	SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
@@ -435,7 +502,7 @@ bad:
 
 	if (cipher != NULL)
 		SSL_CTX_set_cipher_list(ctx,cipher);
-	SSL_CTX_set_verify(ctx,verify,verify_callback);
+	SSL_CTX_set_verify(ctx,s_server_verify,verify_callback);
 
 	SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
 
@@ -464,16 +531,23 @@ SSL_CTX *ssl_ctx;
 		SSL_CTX_sess_number(ssl_ctx));
 	BIO_printf(bio,"%4d client connects (SSL_connect())\n",
 		SSL_CTX_sess_connect(ssl_ctx));
+	BIO_printf(bio,"%4d client renegotiates (SSL_connect())\n",
+		SSL_CTX_sess_connect_renegotiate(ssl_ctx));
 	BIO_printf(bio,"%4d client connects that finished\n",
 		SSL_CTX_sess_connect_good(ssl_ctx));
 	BIO_printf(bio,"%4d server accepts (SSL_accept())\n",
 		SSL_CTX_sess_accept(ssl_ctx));
+	BIO_printf(bio,"%4d server renegotiates (SSL_accept())\n",
+		SSL_CTX_sess_accept_renegotiate(ssl_ctx));
 	BIO_printf(bio,"%4d server accepts that finished\n",
 		SSL_CTX_sess_accept_good(ssl_ctx));
 	BIO_printf(bio,"%4d session cache hits\n",SSL_CTX_sess_hits(ssl_ctx));
 	BIO_printf(bio,"%4d session cache misses\n",SSL_CTX_sess_misses(ssl_ctx));
 	BIO_printf(bio,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx));
 	BIO_printf(bio,"%4d callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx));
+	BIO_printf(bio,"%4d cache full overflows (%d allowed)\n",
+		SSL_CTX_sess_cache_full(ssl_ctx),
+		SSL_CTX_sess_get_cache_size(ssl_ctx));
 	}
 
 static int sv_body(hostname, s)
@@ -500,7 +574,8 @@ int s;
 
 		if (!s_quiet)
 			BIO_printf(bio_err,"turning on non blocking io\n");
-		socket_ioctl(s,FIONBIO,&sl);
+		if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0)
+			ERR_print_errors(bio_err);
 		}
 #endif
 
@@ -539,7 +614,7 @@ int s;
 		if (i <= 0) continue;
 		if (FD_ISSET(fileno(stdin),&readfds))
 			{
-			i=read(fileno(stdin),buf,BUFSIZZ);
+			i=read(fileno(stdin),buf,128/*BUFSIZZ*/);
 			if (!s_quiet)
 				{
 				if ((i <= 0) || (buf[0] == 'Q'))
@@ -558,18 +633,24 @@ int s;
 					ret= -11;*/
 					goto err;
 					}
-				if (buf[0] == 'r')
+				if ((buf[0] == 'r') && 
+					((buf[1] == '\n') || (buf[1] == '\r')))
 					{
 					SSL_renegotiate(con);
+					i=SSL_do_handshake(con);
+					printf("SSL_do_handshake -> %d\n",i);
 					i=0; /*13; */
 					continue;
 					strcpy(buf,"server side RE-NEGOTIATE\n");
 					}
-				if (buf[0] == 'R')
+				if ((buf[0] == 'R') &&
+					((buf[1] == '\0') || (buf[1] == '\r')))
 					{
 					SSL_set_verify(con,
 						SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL);
 					SSL_renegotiate(con);
+					i=SSL_do_handshake(con);
+					printf("SSL_do_handshake -> %d\n",i);
 					i=0; /* 13; */
 					continue;
 					strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n");
@@ -588,19 +669,27 @@ int s;
 			for (;;)
 				{
 				/* should do a select for the write */
-				k=SSL_write(con,&(buf[l]),(unsigned int)i);
-				if (
-#ifdef FIONBIO
-					s_nbio &&
+#ifdef RENEG
+{ static count=0; if (++count == 100) { count=0; SSL_renegotiate(con); } }
 #endif
-					BIO_sock_should_retry(k))
+				k=SSL_write(con,&(buf[l]),(unsigned int)i);
+				switch (SSL_get_error(con,k))
 					{
+				case SSL_ERROR_NONE:
+					break;
+				case SSL_ERROR_WANT_WRITE:
+				case SSL_ERROR_WANT_READ:
+				case SSL_ERROR_WANT_X509_LOOKUP:
 					BIO_printf(bio_s_out,"Write BLOCK\n");
-					continue;
-					}
-				if (k <= 0)
-					{
+					break;
+				case SSL_ERROR_SYSCALL:
+				case SSL_ERROR_SSL:
+					BIO_printf(bio_s_out,"ERROR\n");
 					ERR_print_errors(bio_err);
+					ret=1;
+					goto err;
+					break;
+				case SSL_ERROR_ZERO_RETURN:
 					BIO_printf(bio_s_out,"DONE\n");
 					ret=1;
 					goto err;
@@ -629,25 +718,29 @@ int s;
 				}
 			else
 				{
-				i=SSL_read(con,(char *)buf,BUFSIZZ);
-				if ((i <= 0) &&
-#ifdef FIONBIO
-					s_nbio &&
-#endif
-					BIO_sock_should_retry(i))
+				i=SSL_read(con,(char *)buf,128 /*BUFSIZZ */);
+				switch (SSL_get_error(con,i))
 					{
+				case SSL_ERROR_NONE:
+					write(fileno(stdout),buf,
+						(unsigned int)i);
+					break;
+				case SSL_ERROR_WANT_WRITE:
+				case SSL_ERROR_WANT_READ:
+				case SSL_ERROR_WANT_X509_LOOKUP:
 					BIO_printf(bio_s_out,"Read BLOCK\n");
-					}
-				else if (i <= 0)
-					{
+					break;
+				case SSL_ERROR_SYSCALL:
+				case SSL_ERROR_SSL:
+					BIO_printf(bio_s_out,"ERROR\n");
 					ERR_print_errors(bio_err);
+					ret=1;
+					goto err;
+				case SSL_ERROR_ZERO_RETURN:
 					BIO_printf(bio_s_out,"DONE\n");
 					ret=1;
 					goto err;
 					}
-				else
-					write(fileno(stdout),buf,
-						(unsigned int)i);
 				}
 			}
 		}
@@ -685,7 +778,7 @@ SSL *con;
 	int i;
 	char *str;
 	X509 *peer;
-	int verify_error;
+	long verify_error;
 	MS_STATIC char buf[BUFSIZ];
 
 	if ((i=SSL_accept(con)) <= 0)
@@ -730,20 +823,20 @@ SSL *con;
 	return(1);
 	}
 
+#ifndef NO_DH
 static DH *load_dh_param()
 	{
 	DH *ret=NULL;
 	BIO *bio;
 
-#ifndef NO_DH
 	if ((bio=BIO_new_file(DH_PARAM,"r")) == NULL)
 		goto err;
 	ret=PEM_read_bio_DHparams(bio,NULL,NULL);
 err:
 	if (bio != NULL) BIO_free(bio);
-#endif
 	return(ret);
 	}
+#endif
 
 #if 0
 static int load_CA(ctx,file)
@@ -779,6 +872,7 @@ int s;
 	SSL *con;
 	SSL_CIPHER *c;
 	BIO *io,*ssl_bio,*sbio;
+	long total_bytes;
 
 	io=BIO_new(BIO_f_buffer());
 	ssl_bio=BIO_new(BIO_f_ssl());
@@ -787,16 +881,17 @@ int s;
 #ifdef FIONBIO	
 	if (s_nbio)
 		{
-		unsigned int long sl=1;
+		unsigned long sl=1;
 
 		if (!s_quiet)
 			BIO_printf(bio_err,"turning on non blocking io\n");
-		socket_ioctl(s,FIONBIO,&sl);
+		if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0)
+			ERR_print_errors(bio_err);
 		}
 #endif
 
 	/* lets make the output buffer a reasonable size */
-	if (!BIO_set_write_buffer_size(io,16*1024)) goto err;
+	if (!BIO_set_write_buffer_size(io,253 /*16*1024*/)) goto err;
 
 	if ((con=(SSL *)SSL_new(ctx)) == NULL) goto err;
 
@@ -875,14 +970,15 @@ int s;
 
 		/* else we have data */
 		if (	((www == 1) && (strncmp("GET ",buf,4) == 0)) ||
-			((www == 2) && (strncmp("GET stats ",buf,10) == 0)))
+			((www == 2) && (strncmp("GET /stats ",buf,10) == 0)))
 			{
 			char *p;
 			X509 *peer;
 			STACK *sk;
-			static char *space="                ";
+			static char *space="                          ";
 
 			BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
+			BIO_puts(io,"<HTML><BODY BGCOLOR=ffffff>\n");
 			BIO_puts(io,"<pre>\n");
 /*			BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
 			BIO_puts(io,"\n");
@@ -901,10 +997,10 @@ int s;
 			for (i=0; i<j; i++)
 				{
 				c=(SSL_CIPHER *)sk_value(sk,i);
-				BIO_printf(io,"%s:%-25s",
+				BIO_printf(io,"%-11s:%-25s",
 					SSL_CIPHER_get_version(c),
 					SSL_CIPHER_get_name(c));
-				if ((((i+1)%3) == 0) && (i+1 != j))
+				if ((((i+1)%2) == 0) && (i+1 != j))
 					BIO_puts(io,"\n");
 				}
 			BIO_puts(io,"\n");
@@ -917,7 +1013,7 @@ int s;
 					{
 					if (*p == ':')
 						{
-						BIO_write(io,space,15-j);
+						BIO_write(io,space,26-j);
 						i++;
 						j=0;
 						BIO_write(io,((i%3)?" ":"\n"),1);
@@ -935,7 +1031,7 @@ int s;
 				?"---\nReused, "
 				:"---\nNew, "));
 			c=SSL_get_current_cipher(con);
-			BIO_printf(io,"SSLv%d, Cipher is %s\n",
+			BIO_printf(io,"%s, Cipher is %s\n",
 				SSL_CIPHER_get_version(c),
 				SSL_CIPHER_get_name(c));
 			SSL_SESSION_print(io,SSL_get_session(con));
@@ -951,6 +1047,7 @@ int s;
 				}
 			else
 				BIO_puts(io,"no client certificate available\n");
+			BIO_puts(io,"</BODY></HTML>\r\n\r\n");
 			break;
 			}
 		else if ((www == 2) && (strncmp("GET ",buf,4) == 0))
@@ -969,6 +1066,7 @@ int s;
 					(strncmp(&(e[-1]),"/../",4) == 0))
 					dot=1;
 				}
+			
 
 			if (*e == '\0')
 				{
@@ -1028,18 +1126,31 @@ int s;
 			else
 				BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
 			/* send the file */
+			total_bytes=0;
 			for (;;)
 				{
 				i=BIO_read(file,buf,1024);
 				if (i <= 0) break;
 
+				total_bytes+=i;
+				fprintf(stderr,"%d\n",i);
+				if (total_bytes > 3*1024)
+					{
+					total_bytes=0;
+					fprintf(stderr,"RENEGOTIATE\n");
+					SSL_renegotiate(con);
+					}
+
 				for (j=0; j<i; )
 					{
+#ifdef RENEG
+{ static count=0; if (++count == 13) { SSL_renegotiate(con); } }
+#endif
 					k=BIO_write(io,&(buf[j]),i-j);
 					if (k <= 0)
 						{
 						if (!BIO_should_retry(io))
-							break;
+							goto write_error;
 						else
 							{
 							BIO_printf(bio_s_out,"rwrite W BLOCK\n");
@@ -1051,6 +1162,7 @@ int s;
 						}
 					}
 				}
+write_error:
 			BIO_free(file);
 			break;
 			}
@@ -1068,12 +1180,13 @@ int s;
 			break;
 		}
 end:
-#if 0
+#if 1
 	/* make sure we re-use sessions */
 	SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
 #else
 	/* This kills performace */
-	SSL_shutdown(con);
+/*	SSL_shutdown(con); A shutdown gets sent in the
+ *	BIO_free_all(io) procession */
 #endif
 
 err:
@@ -1082,7 +1195,7 @@ err:
 		BIO_printf(bio_s_out,"ACCEPT\n");
 
 	if (io != NULL) BIO_free_all(io);
-/*	if (ssl_bio != NULL) BIO_free(ssl_bio); */
+/*	if (ssl_bio != NULL) BIO_free(ssl_bio);*/
 	return(ret);
 	}
 
@@ -1100,7 +1213,7 @@ int export;
 			BIO_flush(bio_err);
 			}
 #ifndef NO_RSA
-		rsa_tmp=RSA_generate_key(512,RSA_F4,NULL);
+		rsa_tmp=RSA_generate_key(512,RSA_F4,NULL,NULL);
 #endif
 		if (!s_quiet)
 			{
diff --git a/apps/s_socket.c b/apps/s_socket.c
index 810061e29f..4bc3fde925 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -1,5 +1,5 @@
 /* apps/s_socket.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -262,7 +262,7 @@ int port;
 		*sock=s;
 
 #ifdef FIONBIO
-		socket_ioctl(s,FIONBIO,&l);
+		BIO_socket_ioctl(s,FIONBIO,&l);
 #endif
 		}
 	else
@@ -306,18 +306,19 @@ int (*cb)();
 			}
 		i=(*cb)(name,sock);
 		if (name != NULL) Free(name);
-		SHUTDOWN(sock);
+		SHUTDOWN2(sock);
 		if (i < 0)
 			{
-			SHUTDOWN(accept_socket);
+			SHUTDOWN2(accept_socket);
 			return(i);
 			}
 		}
 	}
 
-int init_server(sock, port)
+int init_server_long(sock, port, ip)
 int *sock;
 int port;
+char *ip;
 	{
 	int ret=0;
 	struct sockaddr_in server;
@@ -328,7 +329,10 @@ int port;
 	memset((char *)&server,0,sizeof(server));
 	server.sin_family=AF_INET;
 	server.sin_port=htons((unsigned short)port);
-	server.sin_addr.s_addr=INADDR_ANY;
+	if (ip == NULL)
+		server.sin_addr.s_addr=INADDR_ANY;
+	else
+		memcpy(&server.sin_addr.s_addr,ip,4);
 	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
 
 	if (s == INVALID_SOCKET) goto err;
@@ -339,7 +343,8 @@ int port;
 #endif
 		goto err;
 		}
-	if (listen(s,5) == -1) goto err;
+	/* Make it 128 for linux */
+	if (listen(s,128) == -1) goto err;
 	i=0;
 	*sock=s;
 	ret=1;
@@ -351,6 +356,13 @@ err:
 	return(ret);
 	}
 
+int init_server(sock,port)
+int *sock;
+int port;
+	{
+	return(init_server_long(sock, port, NULL));
+	}
+
 int do_accept(acc_sock, sock, host)
 int acc_sock;
 int *sock;
@@ -399,9 +411,14 @@ redoit:
 */
 
 	if (host == NULL) goto end;
+#ifndef BIT_FIELD_LIMITS
 	/* I should use WSAAsyncGetHostByName() under windows */
 	h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
 		sizeof(from.sin_addr.s_addr),AF_INET);
+#else
+	h1=gethostbyaddr((char *)&from.sin_addr,
+		sizeof(struct in_addr),AF_INET);
+#endif
 	if (h1 == NULL)
 		{
 		BIO_printf(bio_err,"bad gethostbyaddr\n");
@@ -435,38 +452,6 @@ end:
 	return(1);
 	}
 
-int socket_ioctl(fd,type,arg)
-int fd;
-long type;
-unsigned long *arg;
-	{
-	int i,err;
-#ifdef WINDOWS
-	i=ioctlsocket(fd,type,arg);
-#else
-	i=ioctl(fd,type,arg);
-#endif
-	if (i < 0)
-		{
-#ifdef WINDOWS
-		err=WSAGetLastError();
-#else
-		err=errno;
-#endif
-		BIO_printf(bio_err,"ioctl on socket failed:error %d\n",err);
-		}
-	return(i);
-	}
-
-int sock_err()
-	{
-#ifdef WINDOWS
-	return(WSAGetLastError());
-#else
-	return(errno);
-#endif
-	}
-
 int extract_host_port(str,host_ptr,ip,port_ptr)
 char *str;
 char **host_ptr;
diff --git a/apps/s_time.c b/apps/s_time.c
index 853a9dcc42..7571c208d4 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -1,5 +1,5 @@
 /* apps/s_time.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
-#undef NO_SHUTDOWN
+#define NO_SHUTDOWN
 
 /*-----------------------------------------
    cntime - SSL client connection timer program
@@ -67,7 +67,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "x509.h"
@@ -154,10 +154,12 @@ extern int verify_error;
 static void s_time_usage(void);
 static int parseArgs( int argc, char **argv );
 static SSL *doConnection( SSL *scon );
+static void s_time_init(void);
 #else
 static void s_time_usage();
 static int parseArgs();
 static SSL *doConnection();
+static void s_time_init();
 #endif
 
 
@@ -180,15 +182,38 @@ static char *s_www_path=NULL;
 static long bytes_read=0; 
 static int st_bugs=0;
 static int perform=0;
-
 #ifdef FIONBIO
 static int t_nbio=0;
 #endif
-
 #ifdef WIN32
 static int exitNow = 0;		/* Set when it's time to exit main */
 #endif
 
+static void s_time_init()
+	{
+	host=SSL_CONNECT_NAME;
+	t_cert_file=NULL;
+	t_key_file=NULL;
+	CApath=NULL;
+	CAfile=NULL;
+	tm_cipher=NULL;
+	tm_verify = SSL_VERIFY_NONE;
+	maxTime = SECONDS;
+	tm_ctx=NULL;
+	s_time_meth=NULL;
+	s_www_path=NULL;
+	bytes_read=0; 
+	st_bugs=0;
+	perform=0;
+
+#ifdef FIONBIO
+	t_nbio=0;
+#endif
+#ifdef WIN32
+	exitNow = 0;		/* Set when it's time to exit main */
+#endif
+	}
+
 /***********************************************************************
  * usage - display usage message
  */
@@ -237,6 +262,7 @@ char **argv;
 #endif
 
 	apps_startup();
+	s_time_init();
 
 	if (bio_err == NULL)
 		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
@@ -396,6 +422,7 @@ char **argv;
 	long finishtime=0;
 	int ret=1,i;
 	MS_STATIC char buf[1024*8];
+	int ver;
 
 #if !defined(NO_SSL2) && !defined(NO_SSL3)
 	s_time_meth=SSLv23_client_method();
@@ -412,6 +439,8 @@ char **argv;
 	SSLeay_add_ssl_algorithms();
 	if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1);
 
+	SSL_CTX_set_quiet_shutdown(tm_ctx,1);
+
 	if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL);
 	SSL_CTX_set_cipher_list(tm_ctx,tm_cipher);
 	if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file)) 
@@ -422,9 +451,9 @@ char **argv;
 	if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
 		(!SSL_CTX_set_default_verify_paths(tm_ctx)))
 		{
-		BIO_printf(bio_err,"error seting default verify locations\n");
+		/* BIO_printf(bio_err,"error seting default verify locations\n"); */
 		ERR_print_errors(bio_err);
-		goto end;
+		/* goto end; */
 		}
 
 	if (tm_cipher == NULL)
@@ -471,11 +500,24 @@ char **argv;
 #else
 		SSL_shutdown(scon);
 #endif
-		SHUTDOWN(SSL_get_fd(scon));
+		SHUTDOWN2(SSL_get_fd(scon));
 
 		nConn += 1;
-		fputc(SSL_session_reused(scon)?'r':
-			(SSL_version(scon))+'0', stdout );
+		if (SSL_session_reused(scon))
+			ver='r';
+		else
+			{
+			ver=SSL_version(scon);
+			if (ver == TLS1_VERSION)
+				ver='t';
+			else if (ver == SSL3_VERSION)
+				ver='3';
+			else if (ver == SSL2_VERSION)
+				ver='2';
+			else
+				ver='*';
+			}
+		fputc(ver,stdout);
 		fflush(stdout);
 
 		SSL_free( scon );
@@ -512,7 +554,7 @@ next:
 #else
 	SSL_shutdown(scon);
 #endif
-	SHUTDOWN(SSL_get_fd(scon));
+	SHUTDOWN2(SSL_get_fd(scon));
 
 	nConn = 0;
 	totalTime = 0.0;
@@ -551,11 +593,24 @@ next:
 #else
 		SSL_shutdown(scon);
 #endif
-		SHUTDOWN(SSL_get_fd(scon));
+		SHUTDOWN2(SSL_get_fd(scon));
 	
 		nConn += 1;
-		fputc(SSL_session_reused(scon)?'r':
-			(SSL_version(scon))+'0', stdout );
+		if (SSL_session_reused(scon))
+			ver='r';
+		else
+			{
+			ver=SSL_version(scon);
+			if (ver == TLS1_VERSION)
+				ver='t';
+			else if (ver == SSL3_VERSION)
+				ver='3';
+			else if (ver == SSL2_VERSION)
+				ver='2';
+			else
+				ver='*';
+			}
+		fputc(ver,stdout);
 		fflush(stdout);
 		}
 	totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/
@@ -595,8 +650,8 @@ SSL *scon;
 	if ((conn=BIO_new(BIO_s_connect())) == NULL)
 		return(NULL);
 
-/*	BIO_set_port(conn,port);*/
-	BIO_set_hostname(conn,host);
+/*	BIO_set_conn_port(conn,port);*/
+	BIO_set_conn_hostname(conn,host);
 
 	if (scon == NULL)
 		serverCon=(SSL *)SSL_new(tm_ctx);
diff --git a/apps/server.srl b/apps/server.srl
new file mode 100644
index 0000000000..8a0f05e166
--- /dev/null
+++ b/apps/server.srl
@@ -0,0 +1 @@
+01
diff --git a/apps/sess_id.c b/apps/sess_id.c
index 03a8f46dfb..2fad36a495 100644
--- a/apps/sess_id.c
+++ b/apps/sess_id.c
@@ -1,5 +1,5 @@
 /* apps/sess_id.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -109,7 +109,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	informat=FORMAT_PEM;
 	outformat=FORMAT_PEM;
diff --git a/apps/speed.c b/apps/speed.c
index e0aff278f5..0003934247 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1,5 +1,5 @@
 /* apps/speed.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -73,8 +73,9 @@
 #include <stdlib.h>
 #include <signal.h>
 #include <string.h>
+#include <math.h>
 #include "apps.h"
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "crypto.h"
@@ -122,13 +123,21 @@ struct tms {
 #endif
 #ifndef NO_MD5
 #include "md5.h"
+#include "hmac.h"
+#include "evp.h"
 #endif
-#if !defined(NO_SHA) && !defined(NO_SHA1)
+#ifndef NO_SHA1
 #include "sha.h"
 #endif
+#ifndef NO_RMD160
+#include "ripemd.h"
+#endif
 #ifndef NO_RC4
 #include "rc4.h"
 #endif
+#ifndef NO_RC5
+#include "rc5.h"
+#endif
 #ifndef NO_RC2
 #include "rc2.h"
 #endif
@@ -138,6 +147,9 @@ struct tms {
 #ifndef NO_BLOWFISH
 #include "blowfish.h"
 #endif
+#ifndef NO_CAST
+#include "cast.h"
+#endif
 #ifndef NO_RSA
 #include "rsa.h"
 #endif
@@ -165,7 +177,7 @@ struct tms {
 #endif
 
 #undef BUFSIZE
-#define BUFSIZE	((long)1024*8)
+#define BUFSIZE	((long)1024*8+1)
 int run=0;
 
 #ifndef NOPROTO
@@ -248,13 +260,12 @@ char **argv;
 	{
 	unsigned char *buf=NULL,*buf2=NULL;
 	int ret=1;
-#define ALGOR_NUM	11
+#define ALGOR_NUM	14
 #define SIZE_NUM	5
 #define RSA_NUM		4
 #define DSA_NUM		3
 	long count,rsa_count;
 	int i,j,k,rsa_num,rsa_num2;
-	unsigned int kk;
 #ifndef NO_MD2
 	unsigned char md2[MD2_DIGEST_LENGTH];
 #endif
@@ -263,13 +274,20 @@ char **argv;
 #endif
 #ifndef NO_MD5
 	unsigned char md5[MD5_DIGEST_LENGTH];
+	unsigned char hmac[MD5_DIGEST_LENGTH];
 #endif
-#if !defined(NO_SHA) || !defined(NO_SHA1)
+#ifndef NO_SHA1
 	unsigned char sha[SHA_DIGEST_LENGTH];
 #endif
+#ifndef NO_RMD160
+	unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
+#endif
 #ifndef NO_RC4
 	RC4_KEY rc4_ks;
 #endif
+#ifndef NO_RC5
+	RC5_32_KEY rc5_ks;
+#endif
 #ifndef NO_RC2
 	RC2_KEY rc2_ks;
 #endif
@@ -279,6 +297,9 @@ char **argv;
 #ifndef NO_BLOWFISH
 	BF_KEY bf_ks;
 #endif
+#ifndef NO_CAST
+	CAST_KEY cast_ks;
+#endif
 	static unsigned char key16[16]=
 		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
 		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
@@ -292,21 +313,24 @@ char **argv;
 #define	D_MD2		0
 #define	D_MDC2		1
 #define	D_MD5		2
-#define	D_SHA		3
+#define	D_HMAC		3
 #define	D_SHA1		4
-#define	D_RC4		5
-#define	D_CBC_DES	6
-#define	D_EDE3_DES	7
-#define	D_CBC_IDEA	8
-#define	D_CBC_RC2	9
-#define	D_CBC_BF	10
+#define D_RMD160	5
+#define	D_RC4		6
+#define	D_CBC_DES	7
+#define	D_EDE3_DES	8
+#define	D_CBC_IDEA	9
+#define	D_CBC_RC2	10
+#define	D_CBC_RC5	11
+#define	D_CBC_BF	12
+#define	D_CBC_CAST	13
 	double d,results[ALGOR_NUM][SIZE_NUM];
 	static int lengths[SIZE_NUM]={8,64,256,1024,8*1024};
 	long c[ALGOR_NUM][SIZE_NUM];
 	static char *names[ALGOR_NUM]={
-		"md2","mdc2","md5","sha","sha1","rc4",
+		"md2","mdc2","md5","hmac(md5)","sha1","rmd160","rc4",
 		"des cbc","des ede3","idea cbc",
-		"rc2 cbc","blowfish cbc"};
+		"rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc"};
 #define	R_DSA_512	0
 #define	R_DSA_1024	1
 #define	R_DSA_2048	2
@@ -315,32 +339,32 @@ char **argv;
 #define	R_RSA_2048	2
 #define	R_RSA_4096	3
 	RSA *rsa_key[RSA_NUM];
-	DSA *dsa_key[DSA_NUM];
 	long rsa_c[RSA_NUM][2];
-	long dsa_c[DSA_NUM][2];
 #ifndef NO_RSA
 	double rsa_results[RSA_NUM][2];
-#endif
-#ifndef NO_DSA
-	double dsa_results[DSA_NUM][2];
-#endif
 	static unsigned int rsa_bits[RSA_NUM]={512,1024,2048,4096};
-	static unsigned int dsa_bits[DSA_NUM]={512,1024,2048};
 	static unsigned char *rsa_data[RSA_NUM]=
 		{test512,test1024,test2048,test4096};
 	static int rsa_data_length[RSA_NUM]={
 		sizeof(test512),sizeof(test1024),
 		sizeof(test2048),sizeof(test4096)};
-	int doit[ALGOR_NUM];
+#endif
+#ifndef NO_DSA
+	DSA *dsa_key[DSA_NUM];
+	long dsa_c[DSA_NUM][2];
+	double dsa_results[DSA_NUM][2];
+	static unsigned int dsa_bits[DSA_NUM]={512,1024,2048};
+#endif
 	int rsa_doit[RSA_NUM];
 	int dsa_doit[DSA_NUM];
+	int doit[ALGOR_NUM];
 	int pr_header=0;
 
 	apps_startup();
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	for (i=0; i<RSA_NUM; i++)
 		rsa_key[i]=NULL;
@@ -383,13 +407,23 @@ char **argv;
 			if (strcmp(*argv,"md5") == 0) doit[D_MD5]=1;
 		else
 #endif
-#ifndef NO_SHA
-			if (strcmp(*argv,"sha") == 0) doit[D_SHA]=1;
+#ifndef NO_MD5
+			if (strcmp(*argv,"hmac") == 0) doit[D_HMAC]=1;
 		else
 #endif
 #ifndef NO_SHA1
 			if (strcmp(*argv,"sha1") == 0) doit[D_SHA1]=1;
 		else
+			if (strcmp(*argv,"sha") == 0) doit[D_SHA1]=1;
+		else
+#endif
+#ifndef NO_RMD160
+			if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1;
+		else
+			if (strcmp(*argv,"rmd160") == 0) doit[D_RMD160]=1;
+		else
+			if (strcmp(*argv,"ripemd160") == 0) doit[D_RMD160]=1;
+		else
 #endif
 #ifndef NO_RC4
 			if (strcmp(*argv,"rc4") == 0) doit[D_RC4]=1;
@@ -429,6 +463,11 @@ char **argv;
 		else if (strcmp(*argv,"rc2") == 0) doit[D_CBC_RC2]=1;
 		else
 #endif
+#ifndef NO_RC5
+		     if (strcmp(*argv,"rc5-cbc") == 0) doit[D_CBC_RC5]=1;
+		else if (strcmp(*argv,"rc5") == 0) doit[D_CBC_RC5]=1;
+		else
+#endif
 #ifndef NO_IDEA
 		     if (strcmp(*argv,"idea-cbc") == 0) doit[D_CBC_IDEA]=1;
 		else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1;
@@ -437,6 +476,13 @@ char **argv;
 #ifndef NO_BLOWFISH
 		     if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1;
 		else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1;
+		else if (strcmp(*argv,"bf") == 0) doit[D_CBC_BF]=1;
+		else
+#endif
+#ifndef NO_CAST
+		     if (strcmp(*argv,"cast-cbc") == 0) doit[D_CBC_CAST]=1;
+		else if (strcmp(*argv,"cast") == 0) doit[D_CBC_CAST]=1;
+		else if (strcmp(*argv,"cast5") == 0) doit[D_CBC_CAST]=1;
 		else
 #endif
 #ifndef NO_DES
@@ -467,17 +513,20 @@ char **argv;
 #endif
 			{
 			BIO_printf(bio_err,"bad value, pick one of\n");
-			BIO_printf(bio_err,"md2      mdc2	md5      sha      sha1\n");
+			BIO_printf(bio_err,"md2      mdc2	md5      hmac      sha1    rmd160\n");
 #ifndef NO_IDEA
 			BIO_printf(bio_err,"idea-cbc ");
 #endif
 #ifndef NO_RC2
 			BIO_printf(bio_err,"rc2-cbc  ");
 #endif
-#ifndef NO_RC2
+#ifndef NO_RC5
+			BIO_printf(bio_err,"rc5-cbc  ");
+#endif
+#ifndef NO_BLOWFISH
 			BIO_printf(bio_err,"bf-cbc");
 #endif
-#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BLOWFISH)
+#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BLOWFISH) && !defined(NO_RC5)
 			BIO_printf(bio_err,"\n");
 #endif
 			BIO_printf(bio_err,"des-cbc  des-ede3 ");
@@ -527,6 +576,14 @@ char **argv;
 			BIO_printf(bio_err,"internal error loading RSA key number %d\n",i);
 			goto end;
 			}
+#if 0
+		else
+			{
+			BIO_printf(bio_err,"Loaded RSA key, %d bit modulus and e= 0x",BN_num_bits(rsa_key[i]->n));
+			BN_print(bio_err,rsa_key[i]->e);
+			BIO_printf(bio_err,"\n");
+			}
+#endif
 		}
 #endif
 
@@ -550,9 +607,15 @@ char **argv;
 #ifndef NO_RC2
 	RC2_set_key(&rc2_ks,16,key16,128);
 #endif
+#ifndef NO_RC5
+	RC5_32_set_key(&rc5_ks,16,key16,12);
+#endif
 #ifndef NO_BLOWFISH
 	BF_set_key(&bf_ks,16,key16);
 #endif
+#ifndef NO_CAST
+	CAST_set_key(&cast_ks,16,key16);
+#endif
 
 	memset(rsa_c,0,sizeof(rsa_c));
 #ifndef SIGALRM
@@ -570,22 +633,26 @@ char **argv;
 	c[D_MD2][0]=count/10;
 	c[D_MDC2][0]=count/10;
 	c[D_MD5][0]=count;
-	c[D_SHA][0]=count;
+	c[D_HMAC][0]=count;
 	c[D_SHA1][0]=count;
+	c[D_RMD160][0]=count;
 	c[D_RC4][0]=count*5;
 	c[D_CBC_DES][0]=count;
 	c[D_EDE3_DES][0]=count/3;
 	c[D_CBC_IDEA][0]=count;
 	c[D_CBC_RC2][0]=count;
+	c[D_CBC_RC5][0]=count;
 	c[D_CBC_BF][0]=count;
+	c[D_CBC_CAST][0]=count;
 
 	for (i=1; i<SIZE_NUM; i++)
 		{
 		c[D_MD2][i]=c[D_MD2][0]*4*lengths[0]/lengths[i];
 		c[D_MDC2][i]=c[D_MDC2][0]*4*lengths[0]/lengths[i];
 		c[D_MD5][i]=c[D_MD5][0]*4*lengths[0]/lengths[i];
-		c[D_SHA][i]=c[D_SHA][0]*4*lengths[0]/lengths[i];
+		c[D_HMAC][i]=c[D_HMAC][0]*4*lengths[0]/lengths[i];
 		c[D_SHA1][i]=c[D_SHA1][0]*4*lengths[0]/lengths[i];
+		c[D_RMD160][i]=c[D_RMD160][0]*4*lengths[0]/lengths[i];
 		}
 	for (i=1; i<SIZE_NUM; i++)
 		{
@@ -598,7 +665,9 @@ char **argv;
 		c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1;
 		c[D_CBC_IDEA][i]=c[D_CBC_IDEA][i-1]*l0/l1;
 		c[D_CBC_RC2][i]=c[D_CBC_RC2][i-1]*l0/l1;
+		c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1;
 		c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1;
+		c[D_CBC_CAST][i]=c[D_CBC_CAST][i-1]*l0/l1;
 		}
 	rsa_c[R_RSA_512][0]=count/2000;
 	rsa_c[R_RSA_512][1]=count/400;
@@ -636,7 +705,7 @@ char **argv;
 			}				
 		}
 
-#define COND(d)	(count != (d))
+#define COND(d)	(count < (d))
 #define COUNT(d) (d)
 #else
 #define COND(c)	(run)
@@ -685,7 +754,7 @@ char **argv;
 			print_message(names[D_MD5],c[D_MD5][j],lengths[j]);
 			Time_F(START);
 			for (count=0,run=1; COND(c[D_MD5][j]); count++)
-				MD5(buf,(unsigned long)lengths[j],&(md5[0]));
+				MD5(&(buf[0]),(unsigned long)lengths[j],&(md5[0]));
 			d=Time_F(STOP);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_MD5],d);
@@ -694,19 +763,27 @@ char **argv;
 		}
 #endif
 
-#ifndef NO_SHA
-	if (doit[D_SHA])
+#ifndef NO_MD5
+	if (doit[D_HMAC])
 		{
+		HMAC_CTX hctx;
+		HMAC_Init(&hctx,(unsigned char *)"This is a key...",
+			16,EVP_md5());
+
 		for (j=0; j<SIZE_NUM; j++)
 			{
-			print_message(names[D_SHA],c[D_SHA][j],lengths[j]);
+			print_message(names[D_HMAC],c[D_HMAC][j],lengths[j]);
 			Time_F(START);
-			for (count=0,run=1; COND(c[D_SHA][j]); count++)
-				SHA(buf,(unsigned long)lengths[j],&(sha[0]));
+			for (count=0,run=1; COND(c[D_HMAC][j]); count++)
+				{
+				HMAC_Init(&hctx,NULL,0,NULL);
+                                HMAC_Update(&hctx,buf,lengths[j]);
+                                HMAC_Final(&hctx,&(hmac[0]),NULL);
+				}
 			d=Time_F(STOP);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
-				count,names[D_SHA],d);
-			results[D_SHA][j]=((double)count)/d*lengths[j];
+				count,names[D_HMAC],d);
+			results[D_HMAC][j]=((double)count)/d*lengths[j];
 			}
 		}
 #endif
@@ -726,6 +803,22 @@ char **argv;
 			}
 		}
 #endif
+#ifndef NO_RMD160
+	if (doit[D_RMD160])
+		{
+		for (j=0; j<SIZE_NUM; j++)
+			{
+			print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]);
+			Time_F(START);
+			for (count=0,run=1; COND(c[D_RMD160][j]); count++)
+				RIPEMD160(buf,(unsigned long)lengths[j],&(rmd160[0]));
+			d=Time_F(STOP);
+			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+				count,names[D_RMD160],d);
+			results[D_RMD160][j]=((double)count)/d*lengths[j];
+			}
+		}
+#endif
 #ifndef NO_RC4
 	if (doit[D_RC4])
 		{
@@ -816,6 +909,24 @@ char **argv;
 			}
 		}
 #endif
+#ifndef NO_RC5
+	if (doit[D_CBC_RC5])
+		{
+		for (j=0; j<SIZE_NUM; j++)
+			{
+			print_message(names[D_CBC_RC5],c[D_CBC_RC5][j],lengths[j]);
+			Time_F(START);
+			for (count=0,run=1; COND(c[D_CBC_RC5][j]); count++)
+				RC5_32_cbc_encrypt(buf,buf,
+					(unsigned long)lengths[j],&rc5_ks,
+					(unsigned char *)&(iv[0]),RC5_ENCRYPT);
+			d=Time_F(STOP);
+			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+				count,names[D_CBC_RC5],d);
+			results[D_CBC_RC5][j]=((double)count)/d*lengths[j];
+			}
+		}
+#endif
 #ifndef NO_BLOWFISH
 	if (doit[D_CBC_BF])
 		{
@@ -834,6 +945,24 @@ char **argv;
 			}
 		}
 #endif
+#ifndef NO_CAST
+	if (doit[D_CBC_CAST])
+		{
+		for (j=0; j<SIZE_NUM; j++)
+			{
+			print_message(names[D_CBC_CAST],c[D_CBC_CAST][j],lengths[j]);
+			Time_F(START);
+			for (count=0,run=1; COND(c[D_CBC_CAST][j]); count++)
+				CAST_cbc_encrypt(buf,buf,
+					(unsigned long)lengths[j],&cast_ks,
+					(unsigned char *)&(iv[0]),CAST_ENCRYPT);
+			d=Time_F(STOP);
+			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+				count,names[D_CBC_CAST],d);
+			results[D_CBC_CAST][j]=((double)count)/d*lengths[j];
+			}
+		}
+#endif
 
 	RAND_bytes(buf,30);
 #ifndef NO_RSA
@@ -842,6 +971,7 @@ char **argv;
 		if (!rsa_doit[j]) continue;
 		pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j],
 			RSA_SECONDS);
+/*		RSA_blinding_on(rsa_key[j],NULL); */
 		Time_F(START);
 		for (count=0,run=1; COND(rsa_c[j][0]); count++)
 			{
@@ -861,6 +991,7 @@ char **argv;
 		rsa_results[j][0]=d/(double)count;
 		rsa_count=count;
 
+#if 1
 		pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j],
 			RSA_SECONDS);
 		Time_F(START);
@@ -880,6 +1011,7 @@ char **argv;
 		BIO_printf(bio_err,"%ld %d bit public RSA's in %.2fs\n",
 			count,rsa_bits[j],d);
 		rsa_results[j][1]=d/(double)count;
+#endif
 
 		if (rsa_count <= 1)
 			{
@@ -894,6 +1026,8 @@ char **argv;
 #ifndef NO_DSA
 	for (j=0; j<DSA_NUM; j++)
 		{
+		unsigned int kk;
+
 		if (!dsa_doit[j]) continue;
 		DSA_generate_key(dsa_key[j]);
 /*		DSA_sign_setup(dsa_key[j],NULL); */
@@ -966,7 +1100,7 @@ char **argv;
 #ifndef NO_BLOWFISH
 	printf("%s ",BF_options());
 #endif
-	fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_CFLAGS));
+	fprintf(stdout,"\n%s\n",SSLeay_version(SSLEAY_CFLAGS));
 
 	if (pr_header)
 		{
@@ -980,7 +1114,7 @@ char **argv;
 	for (k=0; k<ALGOR_NUM; k++)
 		{
 		if (!doit[k]) continue;
-		fprintf(stdout,"%-12s",names[k]);
+		fprintf(stdout,"%-13s",names[k]);
 		for (j=0; j<SIZE_NUM; j++)
 			{
 			if (results[k][j] > 10000)
@@ -995,9 +1129,14 @@ char **argv;
 	for (k=0; k<RSA_NUM; k++)
 		{
 		if (!rsa_doit[k]) continue;
-		if (j) { printf("%18ssign    verify\n"," "); j=0; }
-		fprintf(stdout,"rsa %4d bits %8.4fs %8.4fs",
-			rsa_bits[k],rsa_results[k][0],rsa_results[k][1]);
+		if (j)
+			{
+			printf("%18ssign    verify    sign/s verify/s\n"," ");
+			j=0;
+			}
+		fprintf(stdout,"rsa %4d bits %8.4fs %8.4fs %8.1f %8.1f",
+			rsa_bits[k],rsa_results[k][0],rsa_results[k][1],
+			1.0/rsa_results[k][0],1.0/rsa_results[k][1]);
 		fprintf(stdout,"\n");
 		}
 #endif
@@ -1006,9 +1145,13 @@ char **argv;
 	for (k=0; k<DSA_NUM; k++)
 		{
 		if (!dsa_doit[k]) continue;
-		if (j) { printf("%18ssign    verify\n"," "); j=0; }
-		fprintf(stdout,"dsa %4d bits %8.4fs %8.4fs",
-			dsa_bits[k],dsa_results[k][0],dsa_results[k][1]);
+		if (j)	{
+			printf("%18ssign    verify    sign/s verify/s\n"," ");
+			j=0;
+			}
+		fprintf(stdout,"dsa %4d bits %8.4fs %8.4fs %8.1f %8.1f",
+			dsa_bits[k],dsa_results[k][0],dsa_results[k][1],
+			1.0/dsa_results[k][0],1.0/dsa_results[k][1]);
 		fprintf(stdout,"\n");
 		}
 #endif
@@ -1066,3 +1209,4 @@ int tm;
 	num=num;
 #endif
 	}
+
diff --git a/apps/ssleay.c b/apps/ssleay.c
index f69f14aa2e..eac411b854 100644
--- a/apps/ssleay.c
+++ b/apps/ssleay.c
@@ -1,5 +1,5 @@
 /* apps/ssleay.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -56,14 +56,13 @@
  * [including the GNU Public Licence.]
  */
 
-#define DEBUG
+#ifndef DEBUG
+#undef DEBUG
+#endif
 
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-#ifdef WIN16
-#define APPS_WIN16
-#endif
 #include "bio.h"
 #include "crypto.h"
 #include "lhash.h"
@@ -78,19 +77,22 @@
 #include "s_apps.h"
 #include "err.h"
 
+/*
+#ifdef WINDOWS
+#include "bss_file.c"
+#endif
+*/
 
 #ifndef NOPROTO
 static unsigned long MS_CALLBACK hash(FUNCTION *a);
 static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
 static LHASH *prog_init(void );
 static int do_cmd(LHASH *prog,int argc,char *argv[]);
-static void sig_stop(int i);
 #else
 static unsigned long MS_CALLBACK hash();
 static int MS_CALLBACK cmp();
 static LHASH *prog_init();
 static int do_cmd();
-static void sig_stop();
 #endif
 
 LHASH *config=NULL;
@@ -143,7 +145,7 @@ char *Argv[];
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
 
@@ -224,6 +226,7 @@ char *Argv[];
 			}
 		if (ret != 0)
 			BIO_printf(bio_err,"error in %s\n",argv[0]);
+		BIO_flush(bio_err);
 		}
 	BIO_printf(bio_err,"bad exit\n");
 	ret=1;
diff --git a/apps/testrsa.h b/apps/testrsa.h
index 5f83878236..9a0e811c73 100644
--- a/apps/testrsa.h
+++ b/apps/testrsa.h
@@ -1,5 +1,5 @@
 /* apps/testrsa.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -57,475 +57,461 @@
  */
 
 static unsigned char test512[]={
-	0x30,0x82,0x01,0x39,0x02,0x01,0x00,0x02,0x40,0x48,
-	0xd3,0xa9,0x8f,0x3b,0x92,0xce,0x20,0xcc,0xc7,0xe8,
-	0x1f,0x28,0x67,0xdb,0xd1,0xb3,0x06,0x94,0x7d,0x9b,
-	0x88,0x05,0x9d,0xf5,0xab,0x36,0xaa,0x3f,0x15,0xcd,
-	0x40,0x0a,0x76,0xfd,0xab,0x33,0xfa,0x07,0x31,0xc8,
-	0x0d,0xa8,0x23,0x60,0x4e,0xd4,0xda,0x2e,0xed,0xbc,
-	0x43,0x8a,0xc0,0xd8,0xd9,0xf4,0xcb,0xfa,0x12,0xa2,
-	0xec,0x49,0x31,0x02,0x03,0x01,0x00,0x01,0x02,0x40,
-	0x02,0x5e,0x80,0x61,0x9c,0x7a,0x86,0x22,0x23,0x07,
-	0x4d,0xd1,0xd5,0xaa,0xab,0x48,0x03,0x1e,0xef,0xad,
-	0xb6,0x65,0x92,0x69,0x35,0x18,0xc0,0xca,0x81,0x0a,
-	0xe0,0x86,0x6f,0xec,0x00,0x0f,0x1d,0x08,0x43,0xc8,
-	0x82,0x7d,0x89,0xc4,0x3a,0xc4,0x44,0x6a,0x10,0xc6,
-	0xdd,0xd0,0x63,0x1c,0x65,0xd6,0x09,0xc5,0x00,0x51,
-	0x2b,0xc3,0x7c,0xc1,0x02,0x21,0x00,0x8f,0x03,0xfc,
-	0x35,0x08,0xae,0x85,0x41,0x35,0x30,0x02,0xbd,0x96,
-	0xaa,0x84,0x60,0x75,0xb5,0x0c,0x2b,0x64,0xbf,0x28,
-	0x26,0xe2,0x76,0xfd,0xec,0xdc,0x94,0x36,0xcd,0x02,
-	0x21,0x00,0x82,0x5c,0x6f,0x13,0x93,0x98,0x41,0xf7,
-	0x81,0x54,0x3f,0xd7,0x8e,0x06,0x64,0xd9,0x29,0x04,
-	0xfc,0x12,0x46,0x17,0xab,0x9a,0x9f,0xa7,0xd3,0x8a,
-	0xa0,0xcd,0x33,0xf5,0x02,0x21,0x00,0x8a,0xf4,0xe7,
-	0x4f,0xac,0x40,0xcd,0xae,0xbe,0xfc,0x08,0x1d,0xa7,
-	0xcf,0xc4,0x51,0x68,0xec,0xe1,0x87,0x24,0x1b,0x6b,
-	0xea,0xe4,0x2d,0x93,0xa9,0x59,0xe5,0x14,0x9d,0x02,
-	0x20,0x70,0x6b,0xd2,0x86,0xe9,0x74,0x16,0xff,0xa1,
-	0x92,0xcc,0x73,0xd2,0x51,0x85,0x4b,0x19,0xea,0xe8,
-	0x8f,0xc1,0xce,0xcb,0xf8,0xce,0xd2,0xe6,0xc5,0xd8,
-	0xa2,0xde,0xb9,0x02,0x20,0x0f,0x73,0xf0,0xf0,0x91,
-	0x53,0xdf,0x4f,0x37,0xf8,0x3f,0x1f,0x82,0x59,0xe3,
-	0xe8,0xaa,0x04,0x64,0xd1,0x51,0x77,0xa8,0x36,0x65,
-	0x8c,0x6d,0x91,0xf8,0xb2,0xc3,0x03,
+	0x30,0x82,0x01,0x3a,0x02,0x01,0x00,0x02,0x41,0x00,
+	0xd6,0x33,0xb9,0xc8,0xfb,0x4f,0x3c,0x7d,0xc0,0x01,
+	0x86,0xd0,0xe7,0xa0,0x55,0xf2,0x95,0x93,0xcc,0x4f,
+	0xb7,0x5b,0x67,0x5b,0x94,0x68,0xc9,0x34,0x15,0xde,
+	0xa5,0x2e,0x1c,0x33,0xc2,0x6e,0xfc,0x34,0x5e,0x71,
+	0x13,0xb7,0xd6,0xee,0xd8,0xa5,0x65,0x05,0x72,0x87,
+	0xa8,0xb0,0x77,0xfe,0x57,0xf5,0xfc,0x5f,0x55,0x83,
+	0x87,0xdd,0x57,0x49,0x02,0x03,0x01,0x00,0x01,0x02,
+	0x41,0x00,0xa7,0xf7,0x91,0xc5,0x0f,0x84,0x57,0xdc,
+	0x07,0xf7,0x6a,0x7f,0x60,0x52,0xb3,0x72,0xf1,0x66,
+	0x1f,0x7d,0x97,0x3b,0x9e,0xb6,0x0a,0x8f,0x8c,0xcf,
+	0x42,0x23,0x00,0x04,0xd4,0x28,0x0e,0x1c,0x90,0xc4,
+	0x11,0x25,0x25,0xa5,0x93,0xa5,0x2f,0x70,0x02,0xdf,
+	0x81,0x9c,0x49,0x03,0xa0,0xf8,0x6d,0x54,0x2e,0x26,
+	0xde,0xaa,0x85,0x59,0xa8,0x31,0x02,0x21,0x00,0xeb,
+	0x47,0xd7,0x3b,0xf6,0xc3,0xdd,0x5a,0x46,0xc5,0xb9,
+	0x2b,0x9a,0xa0,0x09,0x8f,0xa6,0xfb,0xf3,0x78,0x7a,
+	0x33,0x70,0x9d,0x0f,0x42,0x6b,0x13,0x68,0x24,0xd3,
+	0x15,0x02,0x21,0x00,0xe9,0x10,0xb0,0xb3,0x0d,0xe2,
+	0x82,0x68,0x77,0x8a,0x6e,0x7c,0xda,0xbc,0x3e,0x53,
+	0x83,0xfb,0xd6,0x22,0xe7,0xb5,0xae,0x6e,0x80,0xda,
+	0x00,0x55,0x97,0xc1,0xd0,0x65,0x02,0x20,0x4c,0xf8,
+	0x73,0xb1,0x6a,0x49,0x29,0x61,0x1f,0x46,0x10,0x0d,
+	0xf3,0xc7,0xe7,0x58,0xd7,0x88,0x15,0x5e,0x94,0x9b,
+	0xbf,0x7b,0xa2,0x42,0x58,0x45,0x41,0x0c,0xcb,0x01,
+	0x02,0x20,0x12,0x11,0xba,0x31,0x57,0x9d,0x3d,0x11,
+	0x0e,0x5b,0x8c,0x2f,0x5f,0xe2,0x02,0x4f,0x05,0x47,
+	0x8c,0x15,0x8e,0xb3,0x56,0x3f,0xb8,0xfb,0xad,0xd4,
+	0xf4,0xfc,0x10,0xc5,0x02,0x20,0x18,0xa1,0x29,0x99,
+	0x5b,0xd9,0xc8,0xd4,0xfc,0x49,0x7a,0x2a,0x21,0x2c,
+	0x49,0xe4,0x4f,0xeb,0xef,0x51,0xf1,0xab,0x6d,0xfb,
+	0x4b,0x14,0xe9,0x4b,0x52,0xb5,0x82,0x2c,
 	};
 
 static unsigned char test1024[]={
-	0x30,0x82,0x02,0x58,0x02,0x01,0x00,0x02,
-	0x81,0x80,0x53,0x66,0xb3,0x9b,0xd1,0xde,
-	0xb6,0x55,0x67,0xdc,0xe1,0x91,0xdb,0xc7,
-	0xf2,0xef,0xcc,0x98,0x48,0xbe,0x22,0xb2,
-	0xa5,0x92,0x88,0xa2,0xe7,0xf6,0x8a,0xea,
-	0xc1,0x5e,0xd8,0xb3,0xd6,0xb8,0x9a,0xb7,
-	0xf8,0xaa,0x9d,0x0a,0xa1,0x9e,0xb5,0x81,
-	0xd4,0xd9,0x86,0x92,0x49,0x1d,0x30,0x50,
-	0x18,0x4f,0x40,0x52,0x3c,0xf2,0xb7,0x14,
-	0x5f,0x06,0x4d,0x92,0xab,0x0d,0xe5,0x61,
-	0x9a,0xb3,0xdf,0xb0,0xaa,0x88,0x7d,0x47,
-	0x78,0xbf,0xd5,0x15,0x88,0x6b,0xe7,0x43,
-	0xd3,0x96,0x15,0xed,0x5b,0x33,0xff,0x9d,
-	0x06,0x88,0xb6,0xe1,0x21,0xcb,0xe8,0xb5,
-	0xe3,0x3c,0xef,0xb6,0xe7,0x89,0xc0,0x44,
-	0x71,0x6b,0x38,0xe2,0x7a,0xd4,0x92,0x49,
-	0x14,0xcf,0x36,0xc1,0x7d,0xa4,0x13,0x7a,
-	0xb7,0x3f,0x02,0x01,0x03,0x02,0x81,0x80,
-	0x37,0x99,0xcd,0x12,0x8b,0xe9,0xce,0xe3,
-	0x9a,0x93,0x41,0x0b,0xe7,0xda,0xa1,0xf5,
-	0x33,0x10,0x30,0x7e,0xc1,0xcc,0x6e,0x61,
-	0xb0,0x6c,0x9a,0xa4,0x5c,0x9c,0x80,0xe9,
-	0xe5,0xcd,0x39,0xd0,0x67,0x25,0x50,0x71,
-	0xbe,0x07,0x16,0x69,0xce,0x56,0x8d,0xe6,
-	0x59,0xb6,0xdb,0x68,0xca,0xe0,0x10,0x34,
-	0xd5,0x8c,0x28,0xa1,0xcf,0x62,0xea,0x03,
-	0x70,0xc5,0x5e,0x5e,0x08,0x04,0xb3,0x37,
-	0x06,0x45,0x20,0xe5,0x69,0x8a,0x49,0x7d,
-	0x05,0x47,0x1a,0x33,0x0d,0xfd,0x7f,0xf7,
-	0x7b,0xac,0x2a,0x07,0xc3,0x04,0xbf,0xb2,
-	0x41,0x26,0xfa,0xf8,0xf1,0x88,0x06,0x25,
-	0xb7,0xe7,0x57,0xe4,0x4c,0xc6,0x57,0xd1,
-	0x6a,0xbb,0x9a,0xdc,0x45,0x5f,0x48,0x6f,
-	0x8d,0x75,0xb5,0x7d,0xd6,0x6a,0x03,0x2b,
-	0x02,0x41,0x00,0x97,0x52,0x4f,0x91,0xe0,
-	0xc1,0x67,0x42,0xb0,0x41,0xf2,0xc5,0x56,
-	0x6f,0x66,0x5e,0x5c,0x4e,0x7f,0xc7,0xaf,
-	0xef,0x2d,0x60,0xbd,0x00,0x3b,0x07,0xed,
-	0xec,0xfa,0x12,0x14,0xd0,0xc1,0x32,0xd3,
-	0x47,0x50,0xb9,0x0f,0xd5,0xbd,0x0d,0xd1,
-	0xcf,0xef,0x71,0x1c,0x0c,0xa4,0x2c,0x74,
-	0x2a,0xed,0x5d,0x9b,0x00,0x68,0xec,0x51,
-	0x33,0x73,0xa1,0x02,0x41,0x00,0x8d,0x18,
-	0x4d,0xee,0xf8,0x99,0x26,0x9e,0xa6,0x07,
-	0x06,0x6b,0x08,0x88,0xa4,0x25,0xf0,0xdc,
-	0x61,0x57,0xa2,0x58,0x66,0x42,0x1f,0x6a,
-	0xe1,0x20,0x6d,0x28,0xec,0xeb,0x40,0x55,
-	0xe8,0x23,0xab,0x22,0x89,0x4b,0x4c,0x06,
-	0x26,0xa5,0x7b,0x4a,0xfe,0x3f,0xfc,0xbc,
-	0x6e,0x5d,0xb6,0x0f,0x3a,0xca,0x47,0x90,
-	0x84,0x7b,0x00,0xa8,0x3e,0xdf,0x02,0x40,
-	0x64,0xe1,0x8a,0x61,0x40,0x80,0xef,0x81,
-	0xca,0xd6,0xa1,0xd8,0xe4,0x4a,0x44,0x3e,
-	0xe8,0x34,0x55,0x2f,0xca,0x9f,0x73,0x95,
-	0xd3,0x55,0x7c,0xaf,0xf3,0xf3,0x51,0x61,
-	0x63,0x35,0xd6,0x21,0xe2,0x2f,0x8b,0x26,
-	0x0a,0x8e,0x7e,0x09,0x36,0x8a,0x9f,0xa0,
-	0xbd,0x5d,0xc2,0xc8,0x4d,0x71,0xf3,0x93,
-	0xbc,0xaa,0xf0,0x9d,0x8b,0x77,0xa2,0x6b,
-	0x02,0x40,0x5e,0x10,0x33,0xf4,0xa5,0xbb,
-	0x6f,0x14,0x6e,0xaf,0x59,0x9c,0xb0,0x5b,
-	0x18,0x19,0x4b,0x3d,0x96,0x3a,0x6c,0x3a,
-	0xee,0xd6,0xbf,0x9c,0x96,0x15,0x9e,0x1b,
-	0x48,0x9c,0xd5,0x8e,0x9a,0xc2,0x72,0x17,
-	0x06,0x32,0x32,0xae,0xc4,0x6e,0x52,0x31,
-	0xfe,0xd5,0x53,0x28,0x49,0x93,0xce,0xb4,
-	0xd1,0xdc,0x2f,0xb5,0xad,0xa7,0x55,0xc5,
-	0x7f,0x3f,0x02,0x40,0x37,0xa4,0xcc,0xd7,
-	0x63,0x63,0x6b,0x53,0xd6,0xf3,0xf2,0xfe,
-	0xeb,0x8d,0x4a,0x3d,0xab,0x97,0xfe,0xf8,
-	0x27,0xc5,0x87,0xc7,0xbf,0x2c,0xef,0xae,
-	0xcb,0x61,0x62,0x5e,0x30,0x86,0x8f,0xb5,
-	0x0e,0xeb,0x9a,0xa9,0x09,0x6a,0x4e,0x1c,
-	0xc7,0x1e,0xa2,0xce,0x8e,0xc2,0xc8,0x15,
-	0x13,0x06,0x47,0x9e,0x7c,0x2a,0x3c,0x62,
-	0x26,0xf0,0x9c,0x86,
+	0x30,0x82,0x02,0x5c,0x02,0x01,0x00,0x02,0x81,0x81,
+	0x00,0xdc,0x98,0x43,0xe8,0x3d,0x43,0x5b,0xe4,0x05,
+	0xcd,0xd0,0xa9,0x3e,0xcb,0x83,0x75,0xf6,0xb5,0xa5,
+	0x9f,0x6b,0xe9,0x34,0x41,0x29,0x18,0xfa,0x6a,0x55,
+	0x4d,0x70,0xfc,0xec,0xae,0x87,0x38,0x0a,0x20,0xa9,
+	0xc0,0x45,0x77,0x6e,0x57,0x60,0x57,0xf4,0xed,0x96,
+	0x22,0xcb,0x8f,0xe1,0x33,0x3a,0x17,0x1f,0xed,0x37,
+	0xa5,0x6f,0xeb,0xa6,0xbc,0x12,0x80,0x1d,0x53,0xbd,
+	0x70,0xeb,0x21,0x76,0x3e,0xc9,0x2f,0x1a,0x45,0x24,
+	0x82,0xff,0xcd,0x59,0x32,0x06,0x2e,0x12,0x3b,0x23,
+	0x78,0xed,0x12,0x3d,0xe0,0x8d,0xf9,0x67,0x4f,0x37,
+	0x4e,0x47,0x02,0x4c,0x2d,0xc0,0x4f,0x1f,0xb3,0x94,
+	0xe1,0x41,0x2e,0x2d,0x90,0x10,0xfc,0x82,0x91,0x8b,
+	0x0f,0x22,0xd4,0xf2,0xfc,0x2c,0xab,0x53,0x55,0x02,
+	0x03,0x01,0x00,0x01,0x02,0x81,0x80,0x2b,0xcc,0x3f,
+	0x8f,0x58,0xba,0x8b,0x00,0x16,0xf6,0xea,0x3a,0xf0,
+	0x30,0xd0,0x05,0x17,0xda,0xb0,0xeb,0x9a,0x2d,0x4f,
+	0x26,0xb0,0xd6,0x38,0xc1,0xeb,0xf5,0xd8,0x3d,0x1f,
+	0x70,0xf7,0x7f,0xf4,0xe2,0xcf,0x51,0x51,0x79,0x88,
+	0xfa,0xe8,0x32,0x0e,0x7b,0x2d,0x97,0xf2,0xfa,0xba,
+	0x27,0xc5,0x9c,0xd9,0xc5,0xeb,0x8a,0x79,0x52,0x3c,
+	0x64,0x34,0x7d,0xc2,0xcf,0x28,0xc7,0x4e,0xd5,0x43,
+	0x0b,0xd1,0xa6,0xca,0x6d,0x03,0x2d,0x72,0x23,0xbc,
+	0x6d,0x05,0xfa,0x16,0x09,0x2f,0x2e,0x5c,0xb6,0xee,
+	0x74,0xdd,0xd2,0x48,0x8e,0x36,0x0c,0x06,0x3d,0x4d,
+	0xe5,0x10,0x82,0xeb,0x6a,0xf3,0x4b,0x9f,0xd6,0xed,
+	0x11,0xb1,0x6e,0xec,0xf4,0xfe,0x8e,0x75,0x94,0x20,
+	0x2f,0xcb,0xac,0x46,0xf1,0x02,0x41,0x00,0xf9,0x8c,
+	0xa3,0x85,0xb1,0xdd,0x29,0xaf,0x65,0xc1,0x33,0xf3,
+	0x95,0xc5,0x52,0x68,0x0b,0xd4,0xf1,0xe5,0x0e,0x02,
+	0x9f,0x4f,0xfa,0x77,0xdc,0x46,0x9e,0xc7,0xa6,0xe4,
+	0x16,0x29,0xda,0xb0,0x07,0xcf,0x5b,0xa9,0x12,0x8a,
+	0xdd,0x63,0x0a,0xde,0x2e,0x8c,0x66,0x8b,0x8c,0xdc,
+	0x19,0xa3,0x7e,0xf4,0x3b,0xd0,0x1a,0x8c,0xa4,0xc2,
+	0xe1,0xd3,0x02,0x41,0x00,0xe2,0x4c,0x05,0xf2,0x04,
+	0x86,0x4e,0x61,0x43,0xdb,0xb0,0xb9,0x96,0x86,0x52,
+	0x2c,0xca,0x8d,0x7b,0xab,0x0b,0x13,0x0d,0x7e,0x38,
+	0x5b,0xe2,0x2e,0x7b,0x0e,0xe7,0x19,0x99,0x38,0xe7,
+	0xf2,0x21,0xbd,0x85,0x85,0xe3,0xfd,0x28,0x77,0x20,
+	0x31,0x71,0x2c,0xd0,0xff,0xfb,0x2e,0xaf,0x85,0xb4,
+	0x86,0xca,0xf3,0xbb,0xca,0xaa,0x0f,0x95,0x37,0x02,
+	0x40,0x0e,0x41,0x9a,0x95,0xe8,0xb3,0x59,0xce,0x4b,
+	0x61,0xde,0x35,0xec,0x38,0x79,0x9c,0xb8,0x10,0x52,
+	0x41,0x63,0xab,0x82,0xae,0x6f,0x00,0xa9,0xf4,0xde,
+	0xdd,0x49,0x0b,0x7e,0xb8,0xa5,0x65,0xa9,0x0c,0x8f,
+	0x8f,0xf9,0x1f,0x35,0xc6,0x92,0xb8,0x5e,0xb0,0x66,
+	0xab,0x52,0x40,0xc0,0xb6,0x36,0x6a,0x7d,0x80,0x46,
+	0x04,0x02,0xe5,0x9f,0x41,0x02,0x41,0x00,0xc0,0xad,
+	0xcc,0x4e,0x21,0xee,0x1d,0x24,0x91,0xfb,0xa7,0x80,
+	0x8d,0x9a,0xb6,0xb3,0x2e,0x8f,0xc2,0xe1,0x82,0xdf,
+	0x69,0x18,0xb4,0x71,0xff,0xa6,0x65,0xde,0xed,0x84,
+	0x8d,0x42,0xb7,0xb3,0x21,0x69,0x56,0x1c,0x07,0x60,
+	0x51,0x29,0x04,0xff,0x34,0x06,0xdd,0xb9,0x67,0x2c,
+	0x7c,0x04,0x93,0x0e,0x46,0x15,0xbb,0x2a,0xb7,0x1b,
+	0xe7,0x87,0x02,0x40,0x78,0xda,0x5d,0x07,0x51,0x0c,
+	0x16,0x7a,0x9f,0x29,0x20,0x84,0x0d,0x42,0xfa,0xd7,
+	0x00,0xd8,0x77,0x7e,0xb0,0xb0,0x6b,0xd6,0x5b,0x53,
+	0xb8,0x9b,0x7a,0xcd,0xc7,0x2b,0xb8,0x6a,0x63,0xa9,
+	0xfb,0x6f,0xa4,0x72,0xbf,0x4c,0x5d,0x00,0x14,0xba,
+	0xfa,0x59,0x88,0xed,0xe4,0xe0,0x8c,0xa2,0xec,0x14,
+	0x7e,0x2d,0xe2,0xf0,0x46,0x49,0x95,0x45,
 	};
 
 static unsigned char test2048[]={
-	0x30,0x82,0x04,0xa1,0x02,0x01,0x00,0x02,0x82,0x01,
-	0x00,0x7a,0x52,0xa1,0xd0,0xdb,0x8c,0x38,0xcf,0x0f,
-	0x01,0x25,0x98,0xee,0x84,0xc1,0xf3,0x8e,0x90,0xb5,
-	0x85,0x5e,0x5f,0x3a,0x33,0x8f,0xc6,0x49,0xe0,0x07,
-	0xd3,0x66,0x26,0xcc,0x47,0xc3,0x04,0xcf,0x91,0x74,
-	0x65,0x07,0x56,0x35,0x7d,0x0a,0xbf,0xcd,0xd2,0x8a,
-	0xf9,0x05,0x62,0xc0,0x63,0xc2,0x54,0xb8,0x14,0x89,
-	0x88,0x58,0x1c,0xeb,0xbc,0xbf,0xf2,0x0d,0xcb,0x05,
-	0x62,0x1c,0xe9,0x48,0x0f,0x2b,0x8d,0x28,0x67,0x92,
-	0x31,0x86,0xe3,0xa4,0x20,0x80,0xfc,0x5c,0x41,0x9d,
-	0x21,0x6d,0x7f,0x12,0x6b,0x54,0xb1,0x04,0x0f,0x87,
-	0x15,0xd7,0xbf,0xc5,0x6b,0x13,0x81,0x80,0x88,0x1e,
-	0x86,0x16,0x66,0xd9,0xcf,0xa5,0x4e,0xe1,0xcf,0xa4,
-	0x4c,0x38,0xdd,0xf9,0x5d,0x5f,0x30,0xdf,0x0d,0x2b,
-	0xfa,0xa0,0x1f,0xb8,0xe3,0x3c,0x62,0xff,0x13,0xf0,
-	0x61,0xc1,0xcd,0x3c,0xb7,0xc3,0xf7,0xec,0x91,0xcf,
-	0x7c,0x4e,0x11,0x4e,0x96,0x7e,0xe5,0x6c,0x9e,0x1b,
-	0xbe,0x3f,0x71,0xc5,0xb1,0xe6,0xeb,0x7e,0xa3,0x97,
-	0xc1,0xd6,0x1b,0x48,0x4f,0x84,0xaf,0x69,0xc2,0x96,
-	0xed,0xbc,0x81,0xdf,0x5f,0xc6,0xda,0xd3,0x25,0x2d,
-	0xc6,0x9f,0x62,0xd2,0x1c,0xef,0xcb,0x0a,0x75,0xd0,
-	0x23,0x1c,0x3b,0x88,0x22,0x70,0x08,0x05,0x46,0xed,
-	0x8a,0xda,0x45,0x94,0x8d,0x0d,0x9b,0x61,0xf3,0x07,
-	0xdc,0x81,0xaa,0x3c,0xcc,0xad,0x06,0x24,0xd7,0xbc,
-	0x28,0x98,0xb4,0x43,0xe3,0x9b,0x0f,0x93,0xa4,0x6e,
-	0x49,0xea,0x3a,0xe6,0x1e,0x56,0x5a,0xff,0x0c,0x93,
-	0x9e,0x9b,0x28,0x7e,0x63,0xb7,0x71,0x02,0x03,0x01,
-	0x00,0x01,0x02,0x82,0x01,0x00,0x34,0xd9,0x5c,0xb6,
-	0x5b,0x14,0xd3,0x3a,0x8a,0x96,0x09,0x43,0x70,0xd2,
-	0x04,0xe6,0x10,0xd3,0x6e,0xc9,0xc7,0x83,0x47,0x27,
-	0x1d,0xd8,0x22,0xf4,0xdb,0x0c,0xb7,0xd6,0xcd,0x6d,
-	0xb7,0xd1,0x6d,0x48,0xbf,0xcc,0x22,0x86,0x59,0xa7,
-	0xc3,0xac,0x28,0xe5,0xed,0x4b,0x37,0xcb,0x79,0xa9,
-	0xe0,0x3d,0x30,0x27,0x17,0x60,0xc4,0x09,0x02,0xc4,
-	0xd2,0xfd,0x66,0x7e,0x2f,0xbe,0x3b,0x15,0x83,0x1f,
-	0xa2,0xc6,0x63,0x0d,0x94,0x79,0x37,0x79,0x44,0xe1,
-	0x12,0x39,0x76,0x36,0x97,0x07,0xe9,0x41,0xfc,0x98,
-	0x48,0xc8,0x0e,0x24,0x13,0x4e,0x19,0x9f,0xee,0x50,
-	0x9b,0xe5,0xd8,0xbd,0x76,0xca,0xa2,0x05,0x1f,0xd7,
-	0xf9,0xe9,0x01,0xe0,0xef,0x70,0x4b,0x25,0x84,0x66,
-	0x96,0x09,0x0c,0x65,0x0f,0x0b,0xa8,0xd6,0xf5,0xc2,
-	0xe3,0xcb,0x3c,0x43,0x66,0xa4,0x15,0x36,0xa5,0xe2,
-	0x9d,0xe9,0xf7,0x32,0x10,0x0e,0x96,0x57,0xaa,0x84,
-	0xf9,0x4d,0x91,0x37,0x5a,0x80,0x01,0x05,0x63,0x1c,
-	0x6e,0xe6,0x8c,0xf7,0x70,0xc1,0x03,0x4f,0x5d,0xde,
-	0x19,0x90,0x1e,0x53,0x98,0xc9,0xc6,0x41,0x66,0xb0,
-	0xc2,0x6f,0x30,0xfe,0xb1,0x26,0x47,0x82,0x0a,0x7b,
-	0x50,0xf8,0x7c,0x88,0x13,0x4d,0x77,0xa0,0xd0,0xba,
-	0x60,0x87,0x21,0xdd,0x74,0xaa,0x32,0xdb,0xbe,0x23,
-	0xee,0x81,0xc0,0xca,0xc9,0x94,0x2f,0x75,0x78,0x08,
-	0xc4,0x04,0x4e,0x67,0x3c,0xb9,0x99,0xd5,0xe5,0xbc,
-	0x4d,0x6b,0x12,0x59,0xfe,0x55,0xff,0x28,0x0a,0x8d,
-	0x6c,0xb1,0xd3,0x23,0x7c,0x33,0x87,0x35,0xba,0x8c,
-	0xb3,0x51,0x02,0x81,0x81,0x00,0xcb,0xbc,0x6f,0x2c,
-	0xa4,0xbb,0x7b,0x51,0x0e,0xfe,0xdb,0x16,0x83,0x16,
-	0x91,0x4a,0xb9,0x31,0x42,0x81,0x8b,0x39,0x44,0x11,
-	0x8b,0x82,0x6f,0x19,0x58,0xd4,0xba,0x38,0x44,0x95,
-	0xec,0x99,0x32,0x4d,0x98,0xd7,0xad,0x3d,0xd1,0x00,
-	0xd4,0x1e,0x62,0x90,0xc4,0xac,0x65,0x29,0xb7,0x5c,
-	0x7c,0x54,0x55,0x33,0xb9,0x22,0x55,0x61,0xc8,0x08,
-	0xdd,0x5d,0x4d,0xc0,0x19,0xa6,0x89,0x3a,0x33,0x19,
-	0xc7,0x1d,0x43,0x16,0x9e,0x7e,0x47,0xce,0xe3,0xde,
-	0xbb,0x52,0x8d,0xcd,0xe3,0x6a,0xe3,0x79,0x9e,0x27,
-	0x0f,0x6d,0x3b,0x74,0x25,0x39,0xe7,0x87,0x3a,0xad,
-	0x98,0x82,0xfc,0xae,0x7d,0x53,0x41,0x79,0x7e,0xb6,
-	0xdc,0xc5,0x75,0x69,0x47,0xd5,0x83,0x26,0x56,0x32,
-	0xfb,0xdf,0x77,0x9d,0x02,0x81,0x81,0x00,0x99,0xb3,
-	0xb3,0x33,0x1e,0xea,0x65,0x5d,0x57,0x27,0x99,0xad,
-	0xd4,0xb7,0xb5,0x5e,0x6a,0x53,0x9d,0x60,0xe9,0x4f,
-	0xa5,0xd9,0x18,0x24,0x05,0x5b,0xda,0x9a,0x24,0xbe,
-	0xdc,0xb1,0xa9,0x2e,0x18,0xc6,0x54,0xb1,0xff,0x65,
-	0x8a,0xaa,0x2b,0x98,0xab,0x27,0x83,0xe6,0x33,0xf5,
-	0x97,0xa1,0x0b,0x09,0x68,0x98,0x0d,0xa2,0x85,0x06,
-	0x99,0x73,0xec,0x1c,0x6d,0x5c,0x9d,0x23,0x49,0xef,
-	0x05,0xea,0x92,0x99,0xeb,0x0b,0xe8,0x15,0xbc,0x87,
-	0xb3,0x30,0xbf,0x10,0xfe,0x99,0x3b,0xd6,0xe5,0x6c,
-	0x8b,0x58,0xa6,0xfb,0xae,0xe5,0x4f,0x10,0xb0,0x28,
-	0xea,0x85,0x5b,0x9b,0x08,0x38,0x75,0x56,0xc3,0xeb,
-	0x3b,0x47,0xea,0x60,0x86,0x77,0x9b,0x84,0xee,0xc1,
-	0x58,0x60,0x88,0x33,0x18,0xe5,0x02,0x81,0x80,0x17,
-	0x3a,0x74,0xb2,0x72,0x55,0xad,0xc9,0xa0,0x1c,0x0e,
-	0x7e,0x92,0x93,0x90,0x1d,0x24,0xe0,0x28,0xe4,0xfc,
-	0x2a,0x9b,0x48,0x24,0xcf,0xca,0x3a,0xe9,0x95,0xd7,
-	0x65,0x72,0xec,0x64,0xfd,0x52,0x6e,0xe6,0x6e,0x30,
-	0xa2,0x4b,0xa1,0xfc,0x8d,0x3a,0x4f,0xa7,0x1c,0xc0,
-	0xab,0xf0,0xeb,0xea,0x80,0xf2,0xf5,0xe2,0xb5,0xb7,
-	0x66,0x5e,0x98,0x24,0x24,0xef,0x28,0x67,0xc4,0x45,
-	0x01,0x0d,0xb2,0x72,0xb1,0x33,0x64,0xf0,0xcd,0x15,
-	0x02,0xd1,0x98,0x23,0x63,0x56,0x27,0x93,0x36,0x2c,
-	0x99,0x41,0x1e,0xd2,0xf3,0x71,0x43,0xdc,0xba,0xad,
-	0x5b,0x0d,0xa5,0x9d,0x2d,0xd2,0x01,0x52,0xe8,0x9b,
-	0x1e,0x6f,0x04,0x0a,0x47,0xb9,0x0b,0x37,0xd5,0x70,
-	0x0e,0x7e,0xe5,0x71,0x32,0x19,0x41,0x02,0x81,0x80,
-	0x23,0xc3,0x55,0x51,0xf2,0xc2,0x95,0x5d,0x57,0x97,
-	0x26,0x41,0xf5,0x39,0xdd,0xa0,0x9f,0x5a,0xdf,0x46,
-	0x9a,0x62,0xe6,0xf3,0x11,0x93,0xe8,0x0f,0x4c,0x59,
-	0x0b,0x6d,0xc1,0x8a,0x31,0x14,0x41,0xbd,0x7c,0x1d,
-	0x82,0x90,0x8c,0xe8,0x35,0x86,0xab,0x64,0x61,0x63,
-	0x61,0xf9,0xa6,0x13,0x59,0xaf,0x11,0xc0,0x37,0x83,
-	0xf6,0x31,0xe7,0xe8,0xba,0x2a,0x8f,0x23,0xba,0x88,
-	0x68,0x7e,0x8e,0x40,0xdb,0x65,0xa6,0xf4,0x39,0x47,
-	0x3d,0x7b,0xd1,0xac,0xe8,0xf8,0x3a,0x55,0x4b,0x40,
-	0x20,0x57,0xd6,0x40, 0x85,0x72,0x10,0x6a,0xd8,0xaf,
-	0xc8,0x5d,0x6c,0xdc,0x24,0xc9,0x78,0xeb,0x32,0x1a,
-	0x43,0x31,0xeb,0xb4,0x3b,0x0b,0xc4,0x9d,0xf5,0xf8,
-	0xc3,0x59,0x07,0x88,0x46,0x88,0xa5,0x25,0x02,0x81,
-	0x80,0x55,0xf5,0x12,0x2e,0x48,0xce,0xef,0xb3,0x1d,
-	0xbf,0xab,0x06,0xf7,0x09,0x8c,0xf0,0x1a,0xe9,0xfa,
-	0x01,0xf9,0x97,0xa4,0x57,0x6f,0x7a,0x73,0x63,0x2a,
-	0x57,0x30,0x97,0xce,0xf7,0xe5,0xd4,0x8c,0x35,0xa2,
-	0x12,0xb7,0xf3,0xf6,0x66,0x76,0x9e,0x90,0x3f,0xb4,
-	0x70,0x0f,0x99,0x7a,0xc9,0x36,0xcf,0x46,0x74,0x39,
-	0x91,0xf2,0x66,0xa2,0x55,0x19,0x1b,0x70,0xe3,0xd6,
-	0x9a,0x8b,0x94,0x79,0x18,0x8a,0x93,0xcf,0x27,0x2a,
-	0xc1,0xb3,0xda,0x51,0x52,0x9d,0x14,0xb7,0xc9,0x2e,
-	0x2f,0x75,0x6d,0xc9,0xdb,0x8f,0x69,0xa7,0xc9,0x5e,
-	0x1f,0x9d,0x3c,0x6e,0x1f,0xa4,0x08,0x33,0x0a,0x7a,
-	0xde,0x90,0x18,0xf2,0x43,0xf7,0x60,0x8b,0x51,0xa3,
-	0x50,0xf8,0x52,0xfc,0xed,0x5c,0x63,0xbc,0x1a,
+	0x30,0x82,0x04,0xa3,0x02,0x01,0x00,0x02,0x82,0x01,
+	0x01,0x00,0xc0,0xc0,0xce,0x3e,0x3c,0x53,0x67,0x3f,
+	0x4f,0xc5,0x2f,0xa4,0xc2,0x5a,0x2f,0x58,0xfd,0x27,
+	0x52,0x6a,0xe8,0xcf,0x4a,0x73,0x47,0x8d,0x25,0x0f,
+	0x5f,0x03,0x26,0x78,0xef,0xf0,0x22,0x12,0xd3,0xde,
+	0x47,0xb2,0x1c,0x0b,0x38,0x63,0x1a,0x6c,0x85,0x7a,
+	0x80,0xc6,0x8f,0xa0,0x41,0xaf,0x62,0xc4,0x67,0x32,
+	0x88,0xf8,0xa6,0x9c,0xf5,0x23,0x1d,0xe4,0xac,0x3f,
+	0x29,0xf9,0xec,0xe1,0x8b,0x26,0x03,0x2c,0xb2,0xab,
+	0xf3,0x7d,0xb5,0xca,0x49,0xc0,0x8f,0x1c,0xdf,0x33,
+	0x3a,0x60,0xda,0x3c,0xb0,0x16,0xf8,0xa9,0x12,0x8f,
+	0x64,0xac,0x23,0x0c,0x69,0x64,0x97,0x5d,0x99,0xd4,
+	0x09,0x83,0x9b,0x61,0xd3,0xac,0xf0,0xde,0xdd,0x5e,
+	0x9f,0x44,0x94,0xdb,0x3a,0x4d,0x97,0xe8,0x52,0x29,
+	0xf7,0xdb,0x94,0x07,0x45,0x90,0x78,0x1e,0x31,0x0b,
+	0x80,0xf7,0x57,0xad,0x1c,0x79,0xc5,0xcb,0x32,0xb0,
+	0xce,0xcd,0x74,0xb3,0xe2,0x94,0xc5,0x78,0x2f,0x34,
+	0x1a,0x45,0xf7,0x8c,0x52,0xa5,0xbc,0x8d,0xec,0xd1,
+	0x2f,0x31,0x3b,0xf0,0x49,0x59,0x5e,0x88,0x9d,0x15,
+	0x92,0x35,0x32,0xc1,0xe7,0x61,0xec,0x50,0x48,0x7c,
+	0xba,0x05,0xf9,0xf8,0xf8,0xa7,0x8c,0x83,0xe8,0x66,
+	0x5b,0xeb,0xfe,0xd8,0x4f,0xdd,0x6d,0x36,0xc0,0xb2,
+	0x90,0x0f,0xb8,0x52,0xf9,0x04,0x9b,0x40,0x2c,0x27,
+	0xd6,0x36,0x8e,0xc2,0x1b,0x44,0xf3,0x92,0xd5,0x15,
+	0x9e,0x9a,0xbc,0xf3,0x7d,0x03,0xd7,0x02,0x14,0x20,
+	0xe9,0x10,0x92,0xfd,0xf9,0xfc,0x8f,0xe5,0x18,0xe1,
+	0x95,0xcc,0x9e,0x60,0xa6,0xfa,0x38,0x4d,0x02,0x03,
+	0x01,0x00,0x01,0x02,0x82,0x01,0x00,0x00,0xc3,0xc3,
+	0x0d,0xb4,0x27,0x90,0x8d,0x4b,0xbf,0xb8,0x84,0xaa,
+	0xd0,0xb8,0xc7,0x5d,0x99,0xbe,0x55,0xf6,0x3e,0x7c,
+	0x49,0x20,0xcb,0x8a,0x8e,0x19,0x0e,0x66,0x24,0xac,
+	0xaf,0x03,0x33,0x97,0xeb,0x95,0xd5,0x3b,0x0f,0x40,
+	0x56,0x04,0x50,0xd1,0xe6,0xbe,0x84,0x0b,0x25,0xd3,
+	0x9c,0xe2,0x83,0x6c,0xf5,0x62,0x5d,0xba,0x2b,0x7d,
+	0x3d,0x7a,0x6c,0xe1,0xd2,0x0e,0x54,0x93,0x80,0x01,
+	0x91,0x51,0x09,0xe8,0x5b,0x8e,0x47,0xbd,0x64,0xe4,
+	0x0e,0x03,0x83,0x55,0xcf,0x5a,0x37,0xf0,0x25,0xb5,
+	0x7d,0x21,0xd7,0x69,0xdf,0x6f,0xc2,0xcf,0x10,0xc9,
+	0x8a,0x40,0x9f,0x7a,0x70,0xc0,0xe8,0xe8,0xc0,0xe6,
+	0x9a,0x15,0x0a,0x8d,0x4e,0x46,0xcb,0x7a,0xdb,0xb3,
+	0xcb,0x83,0x02,0xc4,0xf0,0xab,0xeb,0x02,0x01,0x0e,
+	0x23,0xfc,0x1d,0xc4,0xbd,0xd4,0xaa,0x5d,0x31,0x46,
+	0x99,0xce,0x9e,0xf8,0x04,0x75,0x10,0x67,0xc4,0x53,
+	0x47,0x44,0xfa,0xc2,0x25,0x73,0x7e,0xd0,0x8e,0x59,
+	0xd1,0xb2,0x5a,0xf4,0xc7,0x18,0x92,0x2f,0x39,0xab,
+	0xcd,0xa3,0xb5,0xc2,0xb9,0xc7,0xb9,0x1b,0x9f,0x48,
+	0xfa,0x13,0xc6,0x98,0x4d,0xca,0x84,0x9c,0x06,0xca,
+	0xe7,0x89,0x01,0x04,0xc4,0x6c,0xfd,0x29,0x59,0x35,
+	0xe7,0xf3,0xdd,0xce,0x64,0x59,0xbf,0x21,0x13,0xa9,
+	0x9f,0x0e,0xc5,0xff,0xbd,0x33,0x00,0xec,0xac,0x6b,
+	0x11,0xef,0x51,0x5e,0xad,0x07,0x15,0xde,0xb8,0x5f,
+	0xc6,0xb9,0xa3,0x22,0x65,0x46,0x83,0x14,0xdf,0xd0,
+	0xf1,0x44,0x8a,0xe1,0x9c,0x23,0x33,0xb4,0x97,0x33,
+	0xe6,0x6b,0x81,0x02,0x81,0x81,0x00,0xec,0x12,0xa7,
+	0x59,0x74,0x6a,0xde,0x3e,0xad,0xd8,0x36,0x80,0x50,
+	0xa2,0xd5,0x21,0x81,0x07,0xf1,0xd0,0x91,0xf2,0x6c,
+	0x12,0x2f,0x9d,0x1a,0x26,0xf8,0x30,0x65,0xdf,0xe8,
+	0xc0,0x9b,0x6a,0x30,0x98,0x82,0x87,0xec,0xa2,0x56,
+	0x87,0x62,0x6f,0xe7,0x9f,0xf6,0x56,0xe6,0x71,0x8f,
+	0x49,0x86,0x93,0x5a,0x4d,0x34,0x58,0xfe,0xd9,0x04,
+	0x13,0xaf,0x79,0xb7,0xad,0x11,0xd1,0x30,0x9a,0x14,
+	0x06,0xa0,0xfa,0xb7,0x55,0xdc,0x6c,0x5a,0x4c,0x2c,
+	0x59,0x56,0xf6,0xe8,0x9d,0xaf,0x0a,0x78,0x99,0x06,
+	0x06,0x9e,0xe7,0x9c,0x51,0x55,0x43,0xfc,0x3b,0x6c,
+	0x0b,0xbf,0x2d,0x41,0xa7,0xaf,0xb7,0xe0,0xe8,0x28,
+	0x18,0xb4,0x13,0xd1,0xe6,0x97,0xd0,0x9f,0x6a,0x80,
+	0xca,0xdd,0x1a,0x7e,0x15,0x02,0x81,0x81,0x00,0xd1,
+	0x06,0x0c,0x1f,0xe3,0xd0,0xab,0xd6,0xca,0x7c,0xbc,
+	0x7d,0x13,0x35,0xce,0x27,0xcd,0xd8,0x49,0x51,0x63,
+	0x64,0x0f,0xca,0x06,0x12,0xfc,0x07,0x3e,0xaf,0x61,
+	0x6d,0xe2,0x53,0x39,0x27,0xae,0xc3,0x11,0x9e,0x94,
+	0x01,0x4f,0xe3,0xf3,0x67,0xf9,0x77,0xf9,0xe7,0x95,
+	0x3a,0x6f,0xe2,0x20,0x73,0x3e,0xa4,0x7a,0x28,0xd4,
+	0x61,0x97,0xf6,0x17,0xa0,0x23,0x10,0x2b,0xce,0x84,
+	0x57,0x7e,0x25,0x1f,0xf4,0xa8,0x54,0xd2,0x65,0x94,
+	0xcc,0x95,0x0a,0xab,0x30,0xc1,0x59,0x1f,0x61,0x8e,
+	0xb9,0x6b,0xd7,0x4e,0xb9,0x83,0x43,0x79,0x85,0x11,
+	0xbc,0x0f,0xae,0x25,0x20,0x05,0xbc,0xd2,0x48,0xa1,
+	0x68,0x09,0x84,0xf6,0x12,0x9a,0x66,0xb9,0x2b,0xbb,
+	0x76,0x03,0x17,0x46,0x4e,0x97,0x59,0x02,0x81,0x80,
+	0x09,0x4c,0xfa,0xd6,0xe5,0x65,0x48,0x78,0x43,0xb5,
+	0x1f,0x00,0x93,0x2c,0xb7,0x24,0xe8,0xc6,0x7d,0x5a,
+	0x70,0x45,0x92,0xc8,0x6c,0xa3,0xcd,0xe1,0xf7,0x29,
+	0x40,0xfa,0x3f,0x5b,0x47,0x44,0x39,0xc1,0xe8,0x72,
+	0x9e,0x7a,0x0e,0xda,0xaa,0xa0,0x2a,0x09,0xfd,0x54,
+	0x93,0x23,0xaa,0x37,0x85,0x5b,0xcc,0xd4,0xf9,0xd8,
+	0xff,0xc1,0x61,0x0d,0xbd,0x7e,0x18,0x24,0x73,0x6d,
+	0x40,0x72,0xf1,0x93,0x09,0x48,0x97,0x6c,0x84,0x90,
+	0xa8,0x46,0x14,0x01,0x39,0x11,0xe5,0x3c,0x41,0x27,
+	0x32,0x75,0x24,0xed,0xa1,0xd9,0x12,0x29,0x8a,0x28,
+	0x71,0x89,0x8d,0xca,0x30,0xb0,0x01,0xc4,0x2f,0x82,
+	0x19,0x14,0x4c,0x70,0x1c,0xb8,0x23,0x2e,0xe8,0x90,
+	0x49,0x97,0x92,0x97,0x6b,0x7a,0x9d,0xb9,0x02,0x81,
+	0x80,0x0f,0x0e,0xa1,0x76,0xf6,0xa1,0x44,0x8f,0xaf,
+	0x7c,0x76,0xd3,0x87,0xbb,0xbb,0x83,0x10,0x88,0x01,
+	0x18,0x14,0xd1,0xd3,0x75,0x59,0x24,0xaa,0xf5,0x16,
+	0xa5,0xe9,0x9d,0xd1,0xcc,0xee,0xf4,0x15,0xd9,0xc5,
+	0x7e,0x27,0xe9,0x44,0x49,0x06,0x72,0xb9,0xfc,0xd3,
+	0x8a,0xc4,0x2c,0x36,0x7d,0x12,0x9b,0x5a,0xaa,0xdc,
+	0x85,0xee,0x6e,0xad,0x54,0xb3,0xf4,0xfc,0x31,0xa1,
+	0x06,0x3a,0x70,0x57,0x0c,0xf3,0x95,0x5b,0x3e,0xe8,
+	0xfd,0x1a,0x4f,0xf6,0x78,0x93,0x46,0x6a,0xd7,0x31,
+	0xb4,0x84,0x64,0x85,0x09,0x38,0x89,0x92,0x94,0x1c,
+	0xbf,0xe2,0x3c,0x2a,0xe0,0xff,0x99,0xa3,0xf0,0x2b,
+	0x31,0xc2,0x36,0xcd,0x60,0xbf,0x9d,0x2d,0x74,0x32,
+	0xe8,0x9c,0x93,0x6e,0xbb,0x91,0x7b,0xfd,0xd9,0x02,
+	0x81,0x81,0x00,0xa2,0x71,0x25,0x38,0xeb,0x2a,0xe9,
+	0x37,0xcd,0xfe,0x44,0xce,0x90,0x3f,0x52,0x87,0x84,
+	0x52,0x1b,0xae,0x8d,0x22,0x94,0xce,0x38,0xe6,0x04,
+	0x88,0x76,0x85,0x9a,0xd3,0x14,0x09,0xe5,0x69,0x9a,
+	0xff,0x58,0x92,0x02,0x6a,0x7d,0x7c,0x1e,0x2c,0xfd,
+	0xa8,0xca,0x32,0x14,0x4f,0x0d,0x84,0x0d,0x37,0x43,
+	0xbf,0xe4,0x5d,0x12,0xc8,0x24,0x91,0x27,0x8d,0x46,
+	0xd9,0x54,0x53,0xe7,0x62,0x71,0xa8,0x2b,0x71,0x41,
+	0x8d,0x75,0xf8,0x3a,0xa0,0x61,0x29,0x46,0xa6,0xe5,
+	0x82,0xfa,0x3a,0xd9,0x08,0xfa,0xfc,0x63,0xfd,0x6b,
+	0x30,0xbc,0xf4,0x4e,0x9e,0x8c,0x25,0x0c,0xb6,0x55,
+	0xe7,0x3c,0xd4,0x4e,0x0b,0xfd,0x8b,0xc3,0x0e,0x1d,
+	0x9c,0x44,0x57,0x8f,0x1f,0x86,0xf7,0xd5,0x1b,0xe4,
+	0x95,
 	};
 
 static unsigned char test4096[]={
-	0x30,0x82,0x09,0x28,0x02,0x01,0x00,0x02,0x82,0x02,
-	0x01,0x00,0x92,0x1f,0x39,0xc3,0x7c,0xc2,0xfe,0x5c,
-	0x2c,0x83,0x5d,0x08,0x5e,0x76,0xe6,0x53,0x30,0x86,
-	0x47,0x62,0xe9,0x21,0x22,0x2c,0xeb,0x3b,0xe5,0xb3,
-	0x30,0xbf,0x1c,0x37,0x23,0xe2,0x4b,0x27,0xf2,0x8c,
-	0x6a,0x8c,0xcb,0x54,0xf0,0x47,0x91,0xbc,0x3b,0x41,
-	0x6d,0xa6,0xe3,0x9b,0x25,0x3e,0x2f,0x3d,0x8e,0x67,
-	0x9d,0xe9,0x2b,0x7d,0xcd,0x39,0xf5,0xc9,0x2b,0xd0,
-	0xe5,0xe6,0xe7,0x62,0x1e,0x6c,0xe1,0x8f,0xc2,0xa3,
-	0xc9,0x02,0x11,0xf3,0x51,0x63,0x27,0x25,0x82,0x01,
-	0xaa,0x0a,0x68,0x6d,0x4c,0x02,0x5c,0xaf,0xb1,0x72,
-	0xb5,0xf4,0x53,0x43,0xb1,0x90,0x28,0x1b,0x54,0xdd,
-	0xfd,0x57,0x36,0xac,0xf8,0x44,0x34,0x7a,0x85,0x66,
-	0x37,0x62,0xe9,0x80,0xd2,0xe2,0xdc,0xa0,0xe8,0x76,
-	0x09,0x6d,0xc1,0x38,0xac,0x55,0x57,0x44,0xbe,0x0e,
-	0x81,0x0d,0x81,0x63,0xb7,0x73,0xd7,0xbf,0x5d,0x84,
-	0x2f,0x31,0xdc,0x79,0x69,0xf5,0xa9,0x7e,0x60,0x5b,
-	0xc1,0x92,0x26,0xb1,0xf0,0xdf,0x0c,0xe4,0x76,0xf7,
-	0xa3,0x68,0x79,0x9f,0x14,0x5c,0x52,0x97,0x21,0x76,
-	0xd7,0x19,0x8b,0x47,0xc0,0xb6,0x36,0x01,0xa8,0x73,
-	0x54,0xfc,0x61,0xd1,0x64,0x44,0xd3,0x36,0x4b,0xbe,
-	0xc8,0x26,0xcd,0x24,0xb5,0x35,0xdc,0x5a,0xe9,0x25,
-	0x26,0xb4,0x60,0x19,0x1f,0xc7,0x57,0x47,0xd6,0xf1,
-	0x5a,0xae,0xc8,0x16,0xfd,0xa8,0x85,0x0b,0x3a,0xbd,
-	0xd7,0x4c,0xfb,0xd1,0x75,0xa4,0x86,0x91,0x4a,0xb8,
-	0x0a,0x1b,0x83,0xe4,0xce,0x10,0xd2,0x2b,0xe3,0xe4,
-	0x87,0x8c,0xfd,0xb9,0xfb,0x8d,0xb6,0x70,0xa5,0x2b,
-	0xbe,0xe6,0x43,0x4c,0x44,0x09,0x6b,0xd6,0x5a,0xcc,
-	0x89,0x78,0xb7,0xd8,0xc9,0xa9,0x24,0xe9,0xa6,0x87,
-	0x2f,0xd4,0x3f,0xad,0x98,0x32,0x57,0x19,0xf0,0xdd,
-	0x65,0x2e,0x69,0x5f,0x83,0x24,0x3c,0xea,0xc0,0x36,
-	0x88,0xd2,0x1c,0x27,0x29,0x83,0x80,0xd0,0xdf,0xf1,
-	0x1e,0x2d,0x62,0x4c,0x24,0xb1,0xb8,0xa2,0x70,0xc7,
-	0xc5,0xdf,0x8d,0xea,0xf7,0xea,0xb8,0x68,0x99,0x7c,
-	0xd6,0xf0,0x3b,0x6b,0xb0,0xc5,0xb0,0x0c,0x96,0xfd,
-	0x07,0x46,0x5f,0xc8,0xde,0xb4,0x4f,0x7b,0x0f,0xd1,
-	0x71,0x1e,0x84,0x27,0x93,0x95,0xfc,0x7b,0x3f,0x3a,
-	0xf1,0xe9,0x82,0x4f,0x09,0xc0,0x79,0x35,0xb1,0xe4,
-	0x45,0x87,0x26,0xe7,0xf9,0x9a,0xcd,0x63,0x42,0x98,
-	0x9a,0xf8,0x11,0x20,0xf1,0x42,0xd2,0x31,0xdc,0x03,
-	0xb5,0xa9,0xeb,0x87,0x08,0x2a,0x76,0xb4,0xbf,0x0e,
-	0x5b,0xa9,0x52,0xd5,0x12,0xda,0x87,0xfa,0x01,0x23,
-	0x5b,0x78,0x97,0x73,0xcc,0xf8,0x0e,0xf0,0xde,0x34,
-	0x9f,0xb2,0xcd,0x8c,0x5a,0xce,0xd6,0x3f,0x17,0xe1,
-	0x45,0xd5,0xeb,0xab,0x6a,0x47,0x0f,0x3c,0x02,0xfb,
-	0xa5,0xcd,0x85,0x54,0x07,0x0b,0xba,0x74,0x16,0x87,
-	0x2e,0x9e,0xe5,0x2a,0x80,0x4c,0x27,0xc6,0x9e,0xe2,
-	0xfd,0x60,0xa7,0x89,0x13,0x3e,0x03,0x7f,0x55,0xf5,
-	0xd2,0x67,0xab,0x37,0x40,0xbf,0x33,0x03,0xe2,0xd1,
-	0x60,0xcb,0x48,0xae,0x80,0x30,0x87,0xf6,0xd8,0x34,
-	0xef,0x61,0xb3,0x9b,0x75,0x25,0x2a,0xe9,0xfa,0xb6,
-	0x08,0xbe,0xbf,0x80,0x63,0x46,0x77,0x89,0xe7,0x9c,
-	0xd0,0xe4,0x50,0xa9,0x02,0x03,0x01,0x00,0x01,0x02,
-	0x82,0x02,0x00,0x73,0xcb,0x78,0xfc,0x18,0xbf,0x71,
-	0xd0,0xdb,0x99,0x92,0x3d,0x12,0x97,0x08,0xb9,0x3e,
-	0x07,0xfb,0x44,0x3f,0xd8,0xf8,0xfb,0x3d,0xc2,0xee,
-	0xa9,0x8c,0xe4,0xb5,0xd8,0x60,0x80,0x70,0xec,0x8c,
-	0x42,0x88,0x21,0x60,0xf4,0xc3,0xa1,0x03,0xb5,0x76,
-	0x03,0xc8,0x80,0x6b,0x78,0x44,0x10,0x3e,0x61,0x7a,
-	0x9b,0x54,0x41,0x36,0x2c,0xf0,0x58,0x91,0x15,0x45,
-	0xba,0xba,0xa5,0xbc,0x11,0x3e,0x69,0x2c,0x6a,0xbf,
-	0x65,0x09,0xe2,0xb1,0x14,0xf0,0x17,0x32,0x2b,0x80,
-	0x16,0x0f,0x89,0x45,0xed,0xef,0x41,0x23,0xf0,0x3b,
-	0x1f,0xdb,0x5f,0x6e,0x28,0x83,0xea,0xe8,0x4d,0x98,
-	0x78,0x7e,0xce,0x01,0x4f,0x1b,0x42,0xf9,0x8f,0x6a,
-	0x6d,0x71,0x50,0xda,0x18,0x33,0x86,0x82,0x2e,0xa5,
-	0x68,0xfc,0xd9,0xd4,0x38,0x34,0x21,0x41,0x12,0x01,
-	0xc6,0xfe,0xb0,0x14,0x2c,0x50,0x71,0xe5,0xb4,0x09,
-	0xc8,0xb9,0x99,0xba,0xcd,0x20,0x92,0x04,0x2a,0x58,
-	0xf3,0xfd,0xb6,0xf3,0x21,0x29,0xef,0xa8,0x88,0xd8,
-	0x5a,0x30,0x4d,0x97,0xab,0xdf,0xf7,0xb5,0x9f,0x7c,
-	0x6e,0x6f,0xd1,0x17,0x55,0xda,0x3a,0xcb,0x1b,0x8f,
-	0x41,0x2e,0x44,0xfe,0xc3,0x6f,0xc1,0x36,0xdb,0x9d,
-	0x34,0xe7,0xea,0x0f,0xc1,0x9a,0x34,0xbf,0x95,0xef,
-	0x92,0x78,0x54,0x92,0x9e,0xf6,0x57,0x03,0x2c,0xb4,
-	0x01,0xf9,0xc9,0xee,0x58,0x81,0xd5,0x6c,0xf1,0x54,
-	0x30,0xa3,0x10,0xa7,0xb1,0xfa,0x97,0x51,0xe8,0x8b,
-	0x9c,0xc2,0xad,0xc1,0x5c,0xad,0x8c,0x18,0xf1,0x9d,
-	0x1c,0x39,0xeb,0x1a,0x1a,0xab,0x65,0x47,0x00,0x54,
-	0x89,0x4d,0xf4,0x22,0xaf,0x35,0x8a,0x2b,0x11,0x9d,
-	0x73,0xb3,0x48,0xf9,0xe9,0x9b,0x73,0xa8,0xeb,0x32,
-	0x4f,0xf2,0x33,0x5e,0xc8,0xc7,0xe3,0xdb,0xbf,0xcd,
-	0x8a,0x5b,0xbe,0x19,0x91,0xe1,0x34,0x2c,0x6a,0xd8,
-	0x56,0xe4,0x92,0x89,0x6f,0x9c,0xda,0x4d,0x9e,0xca,
-	0xd4,0x2d,0xbb,0x06,0x4b,0x77,0x79,0xe1,0x2e,0xab,
-	0x2e,0x14,0x0f,0xe3,0x6b,0xc6,0x44,0x18,0xdb,0xd0,
-	0x51,0xb4,0x72,0xf5,0x77,0x57,0xe8,0x9c,0xad,0x35,
-	0xb2,0x6c,0x24,0x8b,0x67,0xcc,0xc2,0x6a,0xfa,0xf0,
-	0xd4,0x40,0x19,0xf1,0x76,0x24,0x42,0x25,0x7b,0x5b,
-	0xe1,0x25,0xde,0xa4,0x4d,0x00,0xf1,0x80,0x02,0xd0,
-	0x09,0x48,0x65,0x76,0x8c,0xb3,0x2d,0xe2,0xad,0x87,
-	0x4f,0xbb,0x76,0xa9,0xac,0xa3,0x1d,0xb9,0x0d,0x4c,
-	0xb3,0xba,0xdf,0x62,0x91,0xb5,0x3b,0x00,0x11,0x2b,
-	0x6f,0x74,0x87,0x6d,0xe8,0xed,0x04,0xc4,0xc9,0xf4,
-	0xc9,0xa3,0xc7,0x0a,0xb8,0x80,0xd8,0x5d,0x30,0x4b,
-	0xdc,0x79,0x4a,0x5b,0xa4,0x7d,0xf5,0xb2,0x16,0x02,
-	0x48,0x6d,0x89,0x3a,0xb6,0x3f,0x2d,0x1f,0x91,0xaa,
-	0xd3,0xc8,0x54,0x17,0x5e,0xb3,0x59,0x05,0xb5,0xf3,
-	0xe5,0x2e,0xb1,0x41,0xd6,0x87,0xa5,0xcb,0xd1,0xeb,
-	0x03,0x35,0x7b,0x94,0x06,0x09,0xbb,0x7b,0x67,0x14,
-	0x83,0x65,0xa1,0x82,0x52,0x70,0xf8,0x3c,0xf2,0x21,
-	0xb7,0x26,0xa8,0xdd,0x56,0x75,0xc8,0xda,0xc8,0x05,
-	0x6f,0xba,0xea,0x6a,0x14,0x0f,0x13,0xc6,0x9d,0xea,
-	0xc3,0xb4,0x95,0x9b,0xc4,0x6b,0x35,0xbd,0x10,0xce,
-	0xb6,0xf6,0x07,0x72,0xbd,0x02,0x82,0x01,0x01,0x00,
-	0xcb,0x3c,0x4c,0xfb,0xcf,0xae,0xa9,0xb8,0x2a,0xcc,
-	0x31,0xa3,0x5d,0xce,0x43,0xbf,0xf9,0x93,0x18,0xcc,
-	0x17,0x50,0x67,0x7e,0x52,0x6c,0xd5,0xbf,0x3e,0xc2,
-	0x99,0x56,0xbc,0x7a,0x1a,0xc5,0x92,0x76,0xb3,0x38,
-	0xbf,0xf4,0xf8,0xae,0x41,0x17,0xb0,0x17,0x1b,0x1a,
-	0x4d,0x6b,0x3d,0x0c,0xc1,0x25,0x5c,0x54,0xa7,0x39,
-	0x2c,0x38,0x72,0x1f,0x0a,0xe9,0xd4,0x5b,0xa4,0x81,
-	0x5d,0xf1,0xc2,0xf7,0xd2,0x5c,0x4c,0x7e,0x24,0x02,
-	0x81,0xa1,0x3a,0xf5,0xd0,0x11,0x15,0x4e,0x03,0x3d,
-	0x82,0xfa,0xcd,0x32,0x89,0x10,0xe1,0x4f,0x47,0x32,
-	0x54,0xfc,0x95,0xf2,0x3a,0x58,0x8e,0xbb,0x9b,0xbf,
-	0x7c,0x5b,0xc0,0x73,0x25,0xdc,0x04,0xf6,0x98,0xc1,
-	0xed,0xa9,0x2a,0x6a,0x7b,0xc4,0x8d,0x2a,0x0f,0x51,
-	0xb3,0xa3,0x75,0x79,0x40,0x76,0xf6,0xbe,0xb2,0xd9,
-	0xc1,0x6e,0xb1,0xfa,0x96,0xd2,0xea,0x07,0xee,0xe9,
-	0xf2,0xdb,0x3f,0x20,0xdc,0xe0,0x63,0xdc,0x86,0x7f,
-	0xbb,0xfb,0x60,0x2f,0xc6,0xaf,0x5f,0x46,0x26,0x39,
-	0xcf,0xc4,0x10,0x60,0xf1,0x24,0x9b,0x49,0x5f,0x91,
-	0x3e,0xac,0x7a,0x53,0x3e,0x84,0x71,0xcd,0x9d,0x45,
-	0x3a,0x75,0x87,0x2c,0x96,0xfb,0x03,0xa5,0xc7,0x59,
-	0x9a,0xaa,0x99,0xcf,0x8e,0x89,0x3a,0xdc,0x26,0x06,
-	0xdf,0x14,0x6a,0x95,0xf7,0x88,0x72,0xcb,0x4e,0x91,
-	0xde,0xeb,0x14,0x23,0xac,0x58,0x69,0x84,0x2b,0xea,
-	0xdf,0xc8,0x35,0xb2,0x01,0x9d,0x7f,0xaa,0x73,0x51,
-	0xf5,0xc7,0x2e,0xba,0xa0,0xb4,0x49,0xb6,0x74,0xa3,
-	0x73,0x17,0xc2,0xfa,0xc8,0xf3,0x02,0x82,0x01,0x01,
-	0x00,0xb8,0x0e,0xf8,0x50,0x74,0x42,0x79,0x90,0xd0,
-	0x47,0x8d,0x48,0x2e,0x84,0x3b,0x30,0xe0,0x26,0x31,
-	0x95,0x54,0x34,0x93,0xa0,0x30,0xd5,0x03,0x50,0xb2,
-	0x19,0xbf,0xe8,0x22,0x1f,0xbe,0x40,0xec,0x94,0xd8,
-	0x21,0x17,0xaa,0x95,0xf9,0x62,0xa5,0xf5,0x25,0xd1,
-	0x72,0x36,0x22,0x67,0x94,0xcf,0xc0,0x06,0x22,0x93,
-	0x0d,0x6a,0x22,0xfe,0xff,0xb3,0xc2,0xde,0x8f,0x5f,
-	0x75,0x84,0xe4,0x88,0xf3,0xe4,0x04,0xbb,0x9c,0x6b,
-	0xb3,0x14,0x9d,0xb7,0xb4,0xa9,0x63,0x3f,0xdc,0xe8,
-	0x0c,0x05,0xa8,0x76,0xab,0xa1,0xbb,0x23,0x1d,0x6a,
-	0xcd,0x31,0xbc,0x19,0xb5,0x49,0xa1,0x71,0xee,0x93,
-	0x46,0x71,0xce,0xba,0xd2,0xa8,0x4e,0x08,0x8d,0x7b,
-	0x85,0x3d,0x77,0x46,0x9a,0x71,0x71,0xeb,0x03,0x5c,
-	0xd2,0x0f,0xb1,0xf4,0x78,0xb4,0xf4,0x8d,0xd4,0xd9,
-	0x9b,0x79,0x99,0xce,0x9b,0xa9,0x38,0xaa,0xd6,0x76,
-	0x9f,0x9c,0xb1,0xbd,0xd3,0x7c,0x18,0x54,0x62,0xbc,
-	0x54,0x2a,0x0f,0xef,0x76,0x39,0xd5,0x10,0x2f,0xbf,
-	0xc5,0x60,0x92,0x21,0x99,0x46,0xbc,0x36,0x65,0x0b,
-	0x31,0xb6,0x6f,0xa8,0x5d,0x8e,0x2f,0xf0,0xed,0x86,
-	0x8c,0xf2,0x2a,0x83,0xa7,0x34,0x11,0x06,0xd9,0x6f,
-	0xb3,0xf5,0x7b,0x31,0x45,0x17,0x5a,0xdc,0x22,0xc3,
-	0xe8,0xe1,0x89,0x78,0xde,0xae,0x49,0x1a,0x5f,0x4d,
-	0x06,0xf6,0xb5,0x23,0x66,0xe0,0x00,0xd6,0x37,0x8d,
-	0xb4,0x5b,0x67,0xb0,0xdb,0x7a,0x10,0x03,0x91,0x64,
-	0xa6,0xaa,0xc6,0x30,0x49,0x3c,0x81,0x72,0x57,0x9f,
-	0xd9,0x72,0xae,0xa9,0xce,0xa6,0xf3,0x02,0x82,0x01,
-	0x01,0x00,0xa3,0x69,0x55,0xe0,0xf6,0xe9,0x52,0xaf,
-	0xb1,0x41,0xc3,0xfb,0xbe,0x56,0x36,0x25,0x6a,0xef,
-	0xfa,0x75,0x47,0x9d,0xaf,0xc9,0x63,0x4e,0xfd,0x42,
-	0xab,0x9c,0xde,0x9c,0x5e,0x29,0xb3,0xd2,0xfe,0x64,
-	0x10,0xd0,0xe5,0x8f,0x7c,0x50,0xe8,0x27,0xba,0xbf,
-	0xa9,0x5c,0x29,0xb9,0xbb,0x39,0xc1,0x27,0x60,0x28,
-	0xf4,0xd8,0x44,0x95,0x12,0x35,0xa1,0x99,0xc7,0xd4,
-	0xf3,0xdd,0xcd,0x02,0xb2,0x28,0x7f,0x6d,0x15,0x58,
-	0x2b,0x6e,0x14,0x7a,0xe6,0x24,0x75,0xea,0xf6,0x7d,
-	0x66,0x9f,0x93,0xec,0x43,0x07,0x8a,0x2c,0x17,0x6d,
-	0x9e,0x2a,0x7b,0x29,0x29,0x0b,0xbe,0x1c,0x2c,0x8f,
-	0xee,0xb8,0x35,0xae,0xb4,0x7c,0x21,0x89,0xda,0x37,
-	0xc9,0x35,0xcc,0xf9,0x43,0x10,0xa1,0x79,0xb5,0xa3,
-	0x86,0xf3,0xc3,0x83,0xff,0xd5,0xc1,0x9e,0xa5,0xe1,
-	0x49,0x7f,0x4b,0x47,0xcd,0x35,0x57,0x06,0x39,0x84,
-	0xad,0x76,0x50,0x7e,0x37,0x31,0x1e,0x48,0x12,0x23,
-	0x63,0xc5,0xdb,0x09,0x51,0x1a,0xb9,0x1f,0x93,0x74,
-	0x9d,0x11,0xc8,0xdb,0xb5,0xeb,0xac,0x99,0x29,0x7f,
-	0x02,0xa7,0x8f,0x84,0x31,0x4b,0x33,0xae,0x5c,0xae,
-	0xdd,0xf0,0xa7,0x03,0x8e,0xef,0xac,0x6a,0x22,0x51,
-	0xae,0x8b,0x7e,0x90,0x03,0xe2,0x5e,0x92,0x3a,0xd0,
-	0x7e,0x86,0xf1,0xe1,0xc1,0x9d,0xd9,0x8d,0x4d,0xf7,
-	0xe8,0xb1,0xe3,0x52,0x93,0x3b,0xe7,0xbc,0xa3,0x02,
-	0xd2,0x29,0x25,0x4c,0x1e,0xd8,0x84,0xf1,0xf5,0x8f,
-	0xc0,0xef,0xba,0xb6,0x2f,0xfd,0x81,0x6f,0xd5,0x01,
-	0x2e,0xa1,0xa9,0xce,0x06,0x49,0x8d,0x3f,0x02,0x82,
-	0x01,0x00,0x16,0x9d,0x20,0x3d,0x22,0x4b,0x98,0x8c,
-	0x06,0x4b,0x04,0x3c,0xbe,0x1a,0x58,0xfb,0x64,0x4e,
-	0xcd,0x00,0xbf,0xdb,0xc5,0xd7,0x84,0xa8,0x67,0x43,
-	0xde,0xdd,0xf3,0x0a,0x1e,0x47,0x30,0x24,0xe1,0xec,
-	0x57,0xb1,0x99,0x2a,0xc8,0x4a,0x5f,0xa8,0x6c,0x3a,
-	0x3d,0x45,0x7f,0x09,0x33,0x18,0xc1,0x7d,0xa2,0x43,
-	0x55,0x35,0xec,0xb8,0x68,0x04,0x1a,0x9d,0xf2,0xa2,
-	0x42,0xe4,0x39,0x73,0xaa,0xaf,0xec,0x6f,0xf8,0x6c,
-	0xfb,0x7e,0x81,0x25,0xef,0x90,0x2e,0xcf,0x96,0xe5,
-	0x19,0x4d,0x80,0xd4,0x75,0xe0,0x18,0x7a,0xd9,0x91,
-	0x9f,0xb1,0x9e,0x4e,0xb2,0x09,0xe8,0x06,0x01,0xed,
-	0x82,0x02,0xc1,0xb0,0xd8,0x9b,0x51,0x3a,0x65,0x2a,
-	0x9c,0xe6,0x7d,0xea,0xcd,0xad,0xe4,0x0a,0x4f,0x09,
-	0x96,0xb9,0xe8,0x5b,0xc0,0xe1,0xa3,0xb9,0xf8,0x43,
-	0x12,0x89,0x5b,0xa3,0x5e,0x13,0x19,0xf3,0x70,0x69,
-	0xf1,0x21,0x23,0x2b,0x63,0x5b,0x3c,0x7f,0xf0,0xbe,
-	0x40,0xcd,0x46,0x6d,0xb6,0xca,0x1b,0xc8,0xe5,0xb8,
-	0x38,0x23,0x93,0xfd,0xe0,0x4a,0xe8,0xb9,0xef,0x24,
-	0xf2,0xff,0x24,0x9f,0x0b,0x5c,0x93,0x3f,0xa8,0xa6,
-	0x46,0x45,0xc2,0xeb,0x1e,0x49,0xc8,0xc7,0xde,0xc3,
-	0x90,0x49,0xd7,0xfb,0x4e,0xce,0x62,0x54,0x33,0x7f,
-	0xc1,0xfa,0x36,0xdb,0xa1,0x12,0x1a,0xef,0xb8,0x61,
-	0xc5,0x20,0xf9,0xe6,0xbf,0x76,0xc0,0x46,0xda,0x0a,
-	0xf1,0x4a,0x1b,0x80,0xdd,0xe5,0xd9,0x55,0x66,0x5a,
-	0xd2,0xb6,0xf7,0x7c,0x6a,0x2a,0x55,0x58,0xc2,0x27,
-	0xa9,0xe8,0x19,0x83,0x04,0x31,0xf3,0xa9,0x02,0x82,
-	0x01,0x00,0x5f,0x4d,0xd9,0x71,0x24,0x28,0x84,0xbd,
-	0x39,0x5a,0x17,0x19,0x78,0x0a,0x95,0x01,0xf7,0x42,
-	0x23,0x16,0xb9,0x86,0x51,0x4b,0xa0,0x59,0x0e,0x30,
-	0xf3,0xa2,0x61,0xbd,0x66,0x4e,0xa7,0x26,0xc0,0xdc,
-	0xa7,0x31,0x94,0x1e,0xc2,0x96,0x41,0xe6,0x91,0x4e,
-	0x6c,0x9a,0xcc,0x80,0xf4,0xb8,0x0a,0x06,0x58,0xb1,
-	0x20,0x16,0x89,0xb0,0xaa,0x2a,0x31,0x0c,0x7c,0xae,
-	0x79,0x1e,0x63,0x9a,0x3c,0x8c,0xc4,0x02,0x51,0x3a,
-	0x58,0x75,0xf7,0xb7,0x2c,0x02,0xc8,0x4c,0x8b,0x09,
-	0xd2,0x69,0xff,0xcd,0xa3,0x5d,0x9b,0x09,0x1c,0x27,
-	0xb5,0xc0,0xf0,0x0c,0xa7,0x54,0xc0,0xef,0x86,0x0b,
-	0x20,0x71,0x46,0x04,0xe4,0x02,0x82,0x7b,0xac,0x26,
-	0x80,0xc3,0xb1,0x22,0x19,0x6f,0xc6,0x3a,0xdd,0xdc,
-	0x68,0x3d,0x95,0x5c,0xff,0xc5,0xbf,0x0c,0xf1,0x8f,
-	0x5e,0xca,0x74,0xd0,0xf3,0xa9,0xe3,0x21,0x34,0x11,
-	0x11,0xd9,0xc1,0x91,0x65,0xc0,0xde,0x54,0x2e,0xb5,
-	0xac,0x17,0xb1,0x46,0x3f,0x8e,0xbe,0xbc,0x48,0x0c,
-	0x96,0x4f,0x48,0x13,0xd4,0x4e,0xb5,0xe4,0xc4,0xbe,
-	0x55,0xe8,0x7b,0x00,0x36,0x1b,0xd0,0x85,0x24,0xdb,
-	0x29,0xaf,0x76,0x82,0xb5,0x90,0xcb,0xb1,0xbd,0xb4,
-	0x45,0x57,0x61,0xcd,0x6e,0xa8,0x23,0xf2,0x7a,0x47,
-	0x4e,0x01,0x52,0x92,0x55,0x61,0xe5,0xd0,0x4e,0x0a,
-	0xe7,0x18,0x65,0xf1,0x33,0x2b,0x71,0xf3,0x4b,0x8b,
-	0xdb,0x28,0x63,0x65,0x9b,0x02,0x5d,0x00,0xc1,0xd1,
-	0x26,0x9d,0x2a,0x15,0x12,0xf2,0xc8,0xd9,0xb9,0x87,
-	0x56,0x2c,0xe7,0xa6,0x6d,0xc2,0xd7,0x6b,
+	0x30,0x82,0x09,0x29,0x02,0x01,0x00,0x02,0x82,0x02,
+	0x01,0x00,0xc0,0x71,0xac,0x1a,0x13,0x88,0x82,0x43,
+	0x3b,0x51,0x57,0x71,0x8d,0xb6,0x2b,0x82,0x65,0x21,
+	0x53,0x5f,0x28,0x29,0x4f,0x8d,0x7c,0x8a,0xb9,0x44,
+	0xb3,0x28,0x41,0x4f,0xd3,0xfa,0x6a,0xf8,0xb9,0x28,
+	0x50,0x39,0x67,0x53,0x2c,0x3c,0xd7,0xcb,0x96,0x41,
+	0x40,0x32,0xbb,0xeb,0x70,0xae,0x1f,0xb0,0x65,0xf7,
+	0x3a,0xd9,0x22,0xfd,0x10,0xae,0xbd,0x02,0xe2,0xdd,
+	0xf3,0xc2,0x79,0x3c,0xc6,0xfc,0x75,0xbb,0xaf,0x4e,
+	0x3a,0x36,0xc2,0x4f,0xea,0x25,0xdf,0x13,0x16,0x4b,
+	0x20,0xfe,0x4b,0x69,0x16,0xc4,0x7f,0x1a,0x43,0xa6,
+	0x17,0x1b,0xb9,0x0a,0xf3,0x09,0x86,0x28,0x89,0xcf,
+	0x2c,0xd0,0xd4,0x81,0xaf,0xc6,0x6d,0xe6,0x21,0x8d,
+	0xee,0xef,0xea,0xdc,0xb7,0xc6,0x3b,0x63,0x9f,0x0e,
+	0xad,0x89,0x78,0x23,0x18,0xbf,0x70,0x7e,0x84,0xe0,
+	0x37,0xec,0xdb,0x8e,0x9c,0x3e,0x6a,0x19,0xcc,0x99,
+	0x72,0xe6,0xb5,0x7d,0x6d,0xfa,0xe5,0xd3,0xe4,0x90,
+	0xb5,0xb2,0xb2,0x12,0x70,0x4e,0xca,0xf8,0x10,0xf8,
+	0xa3,0x14,0xc2,0x48,0x19,0xeb,0x60,0x99,0xbb,0x2a,
+	0x1f,0xb1,0x7a,0xb1,0x3d,0x24,0xfb,0xa0,0x29,0xda,
+	0xbd,0x1b,0xd7,0xa4,0xbf,0xef,0x60,0x2d,0x22,0xca,
+	0x65,0x98,0xf1,0xc4,0xe1,0xc9,0x02,0x6b,0x16,0x28,
+	0x2f,0xa1,0xaa,0x79,0x00,0xda,0xdc,0x7c,0x43,0xf7,
+	0x42,0x3c,0xa0,0xef,0x68,0xf7,0xdf,0xb9,0x69,0xfb,
+	0x8e,0x01,0xed,0x01,0x42,0xb5,0x4e,0x57,0xa6,0x26,
+	0xb8,0xd0,0x7b,0x56,0x6d,0x03,0xc6,0x40,0x8c,0x8c,
+	0x2a,0x55,0xd7,0x9c,0x35,0x00,0x94,0x93,0xec,0x03,
+	0xeb,0x22,0xef,0x77,0xbb,0x79,0x13,0x3f,0x15,0xa1,
+	0x8f,0xca,0xdf,0xfd,0xd3,0xb8,0xe1,0xd4,0xcc,0x09,
+	0x3f,0x3c,0x2c,0xdb,0xd1,0x49,0x7f,0x38,0x07,0x83,
+	0x6d,0xeb,0x08,0x66,0xe9,0x06,0x44,0x12,0xac,0x95,
+	0x22,0x90,0x23,0x67,0xd4,0x08,0xcc,0xf4,0xb7,0xdc,
+	0xcc,0x87,0xd4,0xac,0x69,0x35,0x4c,0xb5,0x39,0x36,
+	0xcd,0xa4,0xd2,0x95,0xca,0x0d,0xc5,0xda,0xc2,0xc5,
+	0x22,0x32,0x28,0x08,0xe3,0xd2,0x8b,0x38,0x30,0xdc,
+	0x8c,0x75,0x4f,0x6a,0xec,0x7a,0xac,0x16,0x3e,0xa8,
+	0xd4,0x6a,0x45,0xe1,0xa8,0x4f,0x2e,0x80,0x34,0xaa,
+	0x54,0x1b,0x02,0x95,0x7d,0x8a,0x6d,0xcc,0x79,0xca,
+	0xf2,0xa4,0x2e,0x8d,0xfb,0xfe,0x15,0x51,0x10,0x0e,
+	0x4d,0x88,0xb1,0xc7,0xf4,0x79,0xdb,0xf0,0xb4,0x56,
+	0x44,0x37,0xca,0x5a,0xc1,0x8c,0x48,0xac,0xae,0x48,
+	0x80,0x83,0x01,0x3f,0xde,0xd9,0xd3,0x2c,0x51,0x46,
+	0xb1,0x41,0xb6,0xc6,0x91,0x72,0xf9,0x83,0x55,0x1b,
+	0x8c,0xba,0xf3,0x73,0xe5,0x2c,0x74,0x50,0x3a,0xbe,
+	0xc5,0x2f,0xa7,0xb2,0x6d,0x8c,0x9e,0x13,0x77,0xa3,
+	0x13,0xcd,0x6d,0x8c,0x45,0xe1,0xfc,0x0b,0xb7,0x69,
+	0xe9,0x27,0xbc,0x65,0xc3,0xfa,0x9b,0xd0,0xef,0xfe,
+	0xe8,0x1f,0xb3,0x5e,0x34,0xf4,0x8c,0xea,0xfc,0xd3,
+	0x81,0xbf,0x3d,0x30,0xb2,0xb4,0x01,0xe8,0x43,0x0f,
+	0xba,0x02,0x23,0x42,0x76,0x82,0x31,0x73,0x91,0xed,
+	0x07,0x46,0x61,0x0d,0x39,0x83,0x40,0xce,0x7a,0xd4,
+	0xdb,0x80,0x2c,0x1f,0x0d,0xd1,0x34,0xd4,0x92,0xe3,
+	0xd4,0xf1,0xc2,0x01,0x02,0x03,0x01,0x00,0x01,0x02,
+	0x82,0x02,0x01,0x00,0x97,0x6c,0xda,0x6e,0xea,0x4f,
+	0xcf,0xaf,0xf7,0x4c,0xd9,0xf1,0x90,0x00,0x77,0xdb,
+	0xf2,0x97,0x76,0x72,0xb9,0xb7,0x47,0xd1,0x9c,0xdd,
+	0xcb,0x4a,0x33,0x6e,0xc9,0x75,0x76,0xe6,0xe4,0xa5,
+	0x31,0x8c,0x77,0x13,0xb4,0x29,0xcd,0xf5,0x52,0x17,
+	0xef,0xf3,0x08,0x00,0xe3,0xbd,0x2e,0xbc,0xd4,0x52,
+	0x88,0xe9,0x30,0x75,0x0b,0x02,0xf5,0xcd,0x89,0x0c,
+	0x6c,0x57,0x19,0x27,0x3d,0x1e,0x85,0xb4,0xc1,0x2f,
+	0x1d,0x92,0x00,0x5c,0x76,0x29,0x4b,0xa4,0xe1,0x12,
+	0xb3,0xc8,0x09,0xfe,0x0e,0x78,0x72,0x61,0xcb,0x61,
+	0x6f,0x39,0x91,0x95,0x4e,0xd5,0x3e,0xc7,0x8f,0xb8,
+	0xf6,0x36,0xfe,0x9c,0x93,0x9a,0x38,0x25,0x7a,0xf4,
+	0x4a,0x12,0xd4,0xa0,0x13,0xbd,0xf9,0x1d,0x12,0x3e,
+	0x21,0x39,0xfb,0x72,0xe0,0x05,0x3d,0xc3,0xe5,0x50,
+	0xa8,0x5d,0x85,0xa3,0xea,0x5f,0x1c,0xb2,0x3f,0xea,
+	0x6d,0x03,0x91,0x55,0xd8,0x19,0x0a,0x21,0x12,0x16,
+	0xd9,0x12,0xc4,0xe6,0x07,0x18,0x5b,0x26,0xa4,0xae,
+	0xed,0x2b,0xb7,0xa6,0xed,0xf8,0xad,0xec,0x77,0xe6,
+	0x7f,0x4f,0x76,0x00,0xc0,0xfa,0x15,0x92,0xb4,0x2c,
+	0x22,0xc2,0xeb,0x6a,0xad,0x14,0x05,0xb2,0xe5,0x8a,
+	0x9e,0x85,0x83,0xcc,0x04,0xf1,0x56,0x78,0x44,0x5e,
+	0xde,0xe0,0x60,0x1a,0x65,0x79,0x31,0x23,0x05,0xbb,
+	0x01,0xff,0xdd,0x2e,0xb7,0xb3,0xaa,0x74,0xe0,0xa5,
+	0x94,0xaf,0x4b,0xde,0x58,0x0f,0x55,0xde,0x33,0xf6,
+	0xe3,0xd6,0x34,0x36,0x57,0xd6,0x79,0x91,0x2e,0xbe,
+	0x3b,0xd9,0x4e,0xb6,0x9d,0x21,0x5c,0xd3,0x48,0x14,
+	0x7f,0x4a,0xc4,0x60,0xa9,0x29,0xf8,0x53,0x7f,0x88,
+	0x11,0x2d,0xb5,0xc5,0x2d,0x6f,0xee,0x85,0x0b,0xf7,
+	0x8d,0x9a,0xbe,0xb0,0x42,0xf2,0x2e,0x71,0xaf,0x19,
+	0x31,0x6d,0xec,0xcd,0x6f,0x2b,0x23,0xdf,0xb4,0x40,
+	0xaf,0x2c,0x0a,0xc3,0x1b,0x7d,0x7d,0x03,0x1d,0x4b,
+	0xf3,0xb5,0xe0,0x85,0xd8,0xdf,0x91,0x6b,0x0a,0x69,
+	0xf7,0xf2,0x69,0x66,0x5b,0xf1,0xcf,0x46,0x7d,0xe9,
+	0x70,0xfa,0x6d,0x7e,0x75,0x4e,0xa9,0x77,0xe6,0x8c,
+	0x02,0xf7,0x14,0x4d,0xa5,0x41,0x8f,0x3f,0xc1,0x62,
+	0x1e,0x71,0x5e,0x38,0xb4,0xd6,0xe6,0xe1,0x4b,0xc2,
+	0x2c,0x30,0x83,0x81,0x6f,0x49,0x2e,0x96,0xe6,0xc9,
+	0x9a,0xf7,0x5d,0x09,0xa0,0x55,0x02,0xa5,0x3a,0x25,
+	0x23,0xd0,0x92,0xc3,0xa3,0xe3,0x0e,0x12,0x2f,0x4d,
+	0xef,0xf3,0x55,0x5a,0xbe,0xe6,0x19,0x86,0x31,0xab,
+	0x75,0x9a,0xd3,0xf0,0x2c,0xc5,0x41,0x92,0xd9,0x1f,
+	0x5f,0x11,0x8c,0x75,0x1c,0x63,0xd0,0x02,0x80,0x2c,
+	0x68,0xcb,0x93,0xfb,0x51,0x73,0x49,0xb4,0x60,0xda,
+	0xe2,0x26,0xaf,0xa9,0x46,0x12,0xb8,0xec,0x50,0xdd,
+	0x12,0x06,0x5f,0xce,0x59,0xe6,0xf6,0x1c,0xe0,0x54,
+	0x10,0xad,0xf6,0xcd,0x98,0xcc,0x0f,0xfb,0xcb,0x41,
+	0x14,0x9d,0xed,0xe4,0xb4,0x74,0x5f,0x09,0x60,0xc7,
+	0x12,0xf6,0x7b,0x3c,0x8f,0xa7,0x20,0xbc,0xe4,0xb1,
+	0xef,0xeb,0xa4,0x93,0xc5,0x06,0xca,0x9a,0x27,0x9d,
+	0x87,0xf3,0xde,0xca,0xe5,0xe7,0xf6,0x1c,0x01,0x65,
+	0x5b,0xfb,0x19,0x79,0x6e,0x08,0x26,0xc5,0xc8,0x28,
+	0x0e,0xb6,0x3b,0x07,0x08,0xc1,0x02,0x82,0x01,0x01,
+	0x00,0xe8,0x1c,0x73,0xa6,0xb8,0xe0,0x0e,0x6d,0x8d,
+	0x1b,0xb9,0x53,0xed,0x58,0x94,0xe6,0x1d,0x60,0x14,
+	0x5c,0x76,0x43,0xc4,0x58,0x19,0xc4,0x24,0xe8,0xbc,
+	0x1b,0x3b,0x0b,0x13,0x24,0x45,0x54,0x0e,0xcc,0x37,
+	0xf0,0xe0,0x63,0x7d,0xc3,0xf7,0xfb,0x81,0x74,0x81,
+	0xc4,0x0f,0x1a,0x21,0x48,0xaf,0xce,0xc1,0xc4,0x94,
+	0x18,0x06,0x44,0x8d,0xd3,0xd2,0x22,0x2d,0x2d,0x3e,
+	0x5a,0x31,0xdc,0x95,0x8e,0xf4,0x41,0xfc,0x58,0xc9,
+	0x40,0x92,0x17,0x5f,0xe3,0xda,0xac,0x9e,0x3f,0x1c,
+	0x2a,0x6b,0x58,0x5f,0x48,0x78,0x20,0xb1,0xaf,0x24,
+	0x9b,0x3c,0x20,0x8b,0x93,0x25,0x9e,0xe6,0x6b,0xbc,
+	0x13,0x42,0x14,0x6c,0x36,0x31,0xff,0x7a,0xd1,0xc1,
+	0x1a,0x26,0x14,0x7f,0xa9,0x76,0xa7,0x0c,0xf8,0xcc,
+	0xed,0x07,0x6a,0xd2,0xdf,0x62,0xee,0x0a,0x7c,0x84,
+	0xcb,0x49,0x90,0xb2,0x03,0x0d,0xa2,0x82,0x06,0x77,
+	0xf1,0xcd,0x67,0xf2,0x47,0x21,0x02,0x3f,0x43,0x21,
+	0xf0,0x46,0x30,0x62,0x51,0x72,0xb1,0xe7,0x48,0xc6,
+	0x67,0x12,0xcd,0x9e,0xd6,0x15,0xe5,0x21,0xed,0xfa,
+	0x8f,0x30,0xa6,0x41,0xfe,0xb6,0xfa,0x8f,0x34,0x14,
+	0x19,0xe8,0x11,0xf7,0xa5,0x77,0x3e,0xb7,0xf9,0x39,
+	0x07,0x8c,0x67,0x2a,0xab,0x7b,0x08,0xf8,0xb0,0x06,
+	0xa8,0xea,0x2f,0x8f,0xfa,0xcc,0xcc,0x40,0xce,0xf3,
+	0x70,0x4f,0x3f,0x7f,0xe2,0x0c,0xea,0x76,0x4a,0x35,
+	0x4e,0x47,0xad,0x2b,0xa7,0x97,0x5d,0x74,0x43,0x97,
+	0x90,0xd2,0xfb,0xd9,0xf9,0x96,0x01,0x33,0x05,0xed,
+	0x7b,0x03,0x05,0xad,0xf8,0x49,0x03,0x02,0x82,0x01,
+	0x01,0x00,0xd4,0x40,0x17,0x66,0x10,0x92,0x95,0xc8,
+	0xec,0x62,0xa9,0x7a,0xcb,0x93,0x8e,0xe6,0x53,0xd4,
+	0x80,0x48,0x27,0x4b,0x41,0xce,0x61,0xdf,0xbf,0x94,
+	0xa4,0x3d,0x71,0x03,0x0b,0xed,0x25,0x71,0x98,0xa4,
+	0xd6,0xd5,0x4a,0x57,0xf5,0x6c,0x1b,0xda,0x21,0x7d,
+	0x35,0x45,0xb3,0xf3,0x6a,0xd9,0xd3,0x43,0xe8,0x5c,
+	0x54,0x1c,0x83,0x1b,0xb4,0x5f,0xf2,0x97,0x24,0x2e,
+	0xdc,0x40,0xde,0x92,0x23,0x59,0x8e,0xbc,0xd2,0xa1,
+	0xf2,0xe0,0x4c,0xdd,0x0b,0xd1,0xe7,0xae,0x65,0xbc,
+	0xb5,0xf5,0x5b,0x98,0xe9,0xd7,0xc2,0xb7,0x0e,0x55,
+	0x71,0x0e,0x3c,0x0a,0x24,0x6b,0xa6,0xe6,0x14,0x61,
+	0x11,0xfd,0x33,0x42,0x99,0x2b,0x84,0x77,0x74,0x92,
+	0x91,0xf5,0x79,0x79,0xcf,0xad,0x8e,0x04,0xef,0x80,
+	0x1e,0x57,0xf4,0x14,0xf5,0x35,0x09,0x74,0xb2,0x13,
+	0x71,0x58,0x6b,0xea,0x32,0x5d,0xf3,0xd3,0x76,0x48,
+	0x39,0x10,0x23,0x84,0x9d,0xbe,0x92,0x77,0x4a,0xed,
+	0x70,0x3e,0x1a,0xa2,0x6c,0xb3,0x81,0x00,0xc3,0xc9,
+	0xe4,0x52,0xc8,0x24,0x88,0x0c,0x41,0xad,0x87,0x5a,
+	0xea,0xa3,0x7a,0x85,0x1c,0x5e,0x31,0x7f,0xc3,0x35,
+	0xc6,0xfa,0x10,0xc8,0x75,0x10,0xc4,0x96,0x99,0xe7,
+	0xfe,0x01,0xb4,0x74,0xdb,0xb4,0x11,0xc3,0xc8,0x8c,
+	0xf6,0xf7,0x3b,0x66,0x50,0xfc,0xdb,0xeb,0xca,0x47,
+	0x85,0x89,0xe1,0x65,0xd9,0x62,0x34,0x3c,0x70,0xd8,
+	0x2e,0xb4,0x2f,0x65,0x3c,0x4a,0xa6,0x2a,0xe7,0xc7,
+	0xd8,0x41,0x8f,0x8a,0x43,0xbf,0x42,0xf2,0x4d,0xbc,
+	0xfc,0x9e,0x27,0x95,0xfb,0x75,0xff,0xab,0x02,0x82,
+	0x01,0x00,0x41,0x2f,0x44,0x57,0x6d,0x12,0x17,0x5b,
+	0x32,0xc6,0xb7,0x6c,0x57,0x7a,0x8a,0x0e,0x79,0xef,
+	0x72,0xa8,0x68,0xda,0x2d,0x38,0xe4,0xbb,0x8d,0xf6,
+	0x02,0x65,0xcf,0x56,0x13,0xe1,0x1a,0xcb,0x39,0x80,
+	0xa6,0xb1,0x32,0x03,0x1e,0xdd,0xbb,0x35,0xd9,0xac,
+	0x43,0x89,0x31,0x08,0x90,0x92,0x5e,0x35,0x3d,0x7b,
+	0x9c,0x6f,0x86,0xcb,0x17,0xdd,0x85,0xe4,0xed,0x35,
+	0x08,0x8e,0xc1,0xf4,0x05,0xd8,0x68,0xc6,0x63,0x3c,
+	0xf7,0xff,0xf7,0x47,0x33,0x39,0xc5,0x3e,0xb7,0x0e,
+	0x58,0x35,0x9d,0x81,0xea,0xf8,0x6a,0x2c,0x1c,0x5a,
+	0x68,0x78,0x64,0x11,0x6b,0xc1,0x3e,0x4e,0x7a,0xbd,
+	0x84,0xcb,0x0f,0xc2,0xb6,0x85,0x1d,0xd3,0x76,0xc5,
+	0x93,0x6a,0x69,0x89,0x56,0x34,0xdc,0x4a,0x9b,0xbc,
+	0xff,0xa8,0x0d,0x6e,0x35,0x9c,0x60,0xa7,0x23,0x30,
+	0xc7,0x06,0x64,0x39,0x8b,0x94,0x89,0xee,0xba,0x7f,
+	0x60,0x8d,0xfa,0xb6,0x97,0x76,0xdc,0x51,0x4a,0x3c,
+	0xeb,0x3a,0x14,0x2c,0x20,0x60,0x69,0x4a,0x86,0xfe,
+	0x8c,0x21,0x84,0x49,0x54,0xb3,0x20,0xe1,0x01,0x7f,
+	0x58,0xdf,0x7f,0xb5,0x21,0x51,0x8c,0x47,0x9f,0x91,
+	0xeb,0x97,0x3e,0xf2,0x54,0xcf,0x16,0x46,0xf9,0xd9,
+	0xb6,0xe7,0x64,0xc9,0xd0,0x54,0xea,0x2f,0xa1,0xcf,
+	0xa5,0x7f,0x28,0x8d,0x84,0xec,0xd5,0x39,0x03,0x76,
+	0x5b,0x2d,0x8e,0x43,0xf2,0x01,0x24,0xc9,0x6f,0xc0,
+	0xf5,0x69,0x6f,0x7d,0xb5,0x85,0xd2,0x5f,0x7f,0x78,
+	0x40,0x07,0x7f,0x09,0x15,0xb5,0x1f,0x28,0x65,0x10,
+	0xe4,0x19,0xa8,0xc6,0x9e,0x8d,0xdc,0xcb,0x02,0x82,
+	0x01,0x00,0x13,0x01,0xee,0x56,0x80,0x93,0x70,0x00,
+	0x7f,0x52,0xd2,0x94,0xa1,0x98,0x84,0x4a,0x92,0x25,
+	0x4c,0x9b,0xa9,0x91,0x2e,0xc2,0x79,0xb7,0x5c,0xe3,
+	0xc5,0xd5,0x8e,0xc2,0x54,0x16,0x17,0xad,0x55,0x9b,
+	0x25,0x76,0x12,0x63,0x50,0x22,0x2f,0x58,0x58,0x79,
+	0x6b,0x04,0xe3,0xf9,0x9f,0x8f,0x04,0x41,0x67,0x94,
+	0xa5,0x1f,0xac,0x8a,0x15,0x9c,0x26,0x10,0x6c,0xf8,
+	0x19,0x57,0x61,0xd7,0x3a,0x7d,0x31,0xb0,0x2d,0x38,
+	0xbd,0x94,0x62,0xad,0xc4,0xfa,0x36,0x42,0x42,0xf0,
+	0x24,0x67,0x65,0x9d,0x8b,0x0b,0x7c,0x6f,0x82,0x44,
+	0x1a,0x8c,0xc8,0xc9,0xab,0xbb,0x4c,0x45,0xfc,0x7b,
+	0x38,0xee,0x30,0xe1,0xfc,0xef,0x8d,0xbc,0x58,0xdf,
+	0x2b,0x5d,0x0d,0x54,0xe0,0x49,0x4d,0x97,0x99,0x8f,
+	0x22,0xa8,0x83,0xbe,0x40,0xbb,0x50,0x2e,0x78,0x28,
+	0x0f,0x95,0x78,0x8c,0x8f,0x98,0x24,0x56,0xc2,0x97,
+	0xf3,0x2c,0x43,0xd2,0x03,0x82,0x66,0x81,0x72,0x5f,
+	0x53,0x16,0xec,0xb1,0xb1,0x04,0x5e,0x40,0x20,0x48,
+	0x7b,0x3f,0x02,0x97,0x6a,0xeb,0x96,0x12,0x21,0x35,
+	0xfe,0x1f,0x47,0xc0,0x95,0xea,0xc5,0x8a,0x08,0x84,
+	0x4f,0x5e,0x63,0x94,0x60,0x0f,0x71,0x5b,0x7f,0x4a,
+	0xec,0x4f,0x60,0xc6,0xba,0x4a,0x24,0xf1,0x20,0x8b,
+	0xa7,0x2e,0x3a,0xce,0x8d,0xe0,0x27,0x1d,0xb5,0x8e,
+	0xb4,0x21,0xc5,0xe2,0xa6,0x16,0x0a,0x51,0x83,0x55,
+	0x88,0xd1,0x30,0x11,0x63,0xd5,0xd7,0x8d,0xae,0x16,
+	0x12,0x82,0xc4,0x85,0x00,0x4e,0x27,0x83,0xa5,0x7c,
+	0x90,0x2e,0xe5,0xa2,0xa3,0xd3,0x4c,0x63,0x02,0x82,
+	0x01,0x01,0x00,0x86,0x08,0x98,0x98,0xa5,0x00,0x05,
+	0x39,0x77,0xd9,0x66,0xb3,0xcf,0xca,0xa0,0x71,0xb3,
+	0x50,0xce,0x3d,0xb1,0x93,0x95,0x35,0xc4,0xd4,0x2e,
+	0x90,0xdf,0x0f,0xfc,0x60,0xc1,0x94,0x68,0x61,0x43,
+	0xca,0x9a,0x23,0x4a,0x1e,0x45,0x72,0x99,0xb5,0x1e,
+	0x61,0x8d,0x77,0x0f,0xa0,0xbb,0xd7,0x77,0xb4,0x2a,
+	0x15,0x11,0x88,0x2d,0xb3,0x56,0x61,0x5e,0x6a,0xed,
+	0xa4,0x46,0x4a,0x3f,0x50,0x11,0xd6,0xba,0xb6,0xd7,
+	0x95,0x65,0x53,0xc3,0xa1,0x8f,0xe0,0xa3,0xf5,0x1c,
+	0xfd,0xaf,0x6e,0x43,0xd7,0x17,0xa7,0xd3,0x81,0x1b,
+	0xa4,0xdf,0xe0,0x97,0x8a,0x46,0x03,0xd3,0x46,0x0e,
+	0x83,0x48,0x4e,0xd2,0x02,0xcb,0xc0,0xad,0x79,0x95,
+	0x8c,0x96,0xba,0x40,0x34,0x11,0x71,0x5e,0xe9,0x11,
+	0xf9,0xc5,0x4a,0x5e,0x91,0x9d,0xf5,0x92,0x4f,0xeb,
+	0xc6,0x70,0x02,0x2d,0x3d,0x04,0xaa,0xe9,0x3a,0x8e,
+	0xd5,0xa8,0xad,0xf7,0xce,0x0d,0x16,0xb2,0xec,0x0a,
+	0x9c,0xf5,0x94,0x39,0xb9,0x8a,0xfc,0x1e,0xf9,0xcc,
+	0xf2,0x5f,0x21,0x31,0x74,0x72,0x6b,0x64,0xae,0x35,
+	0x61,0x8d,0x0d,0xcb,0xe7,0xda,0x39,0xca,0xf3,0x21,
+	0x66,0x0b,0x95,0xd7,0x0a,0x7c,0xca,0xa1,0xa9,0x5a,
+	0xe8,0xac,0xe0,0x71,0x54,0xaf,0x28,0xcf,0xd5,0x70,
+	0x89,0xe0,0xf3,0x9e,0x43,0x6c,0x8d,0x7b,0x99,0x01,
+	0x68,0x4d,0xa1,0x45,0x46,0x0c,0x43,0xbc,0xcc,0x2c,
+	0xdd,0xc5,0x46,0xc8,0x4e,0x0e,0xbe,0xed,0xb9,0x26,
+	0xab,0x2e,0xdb,0xeb,0x8f,0xff,0xdb,0xb0,0xc6,0x55,
+	0xaf,0xf8,0x2a,0x91,0x9d,0x50,0x44,0x21,0x17,
 	};
diff --git a/apps/verify.c b/apps/verify.c
index 809f4c43fa..8cd675ff0a 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -1,5 +1,5 @@
 /* apps/verify.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -97,7 +97,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	argc--;
 	argv++;
diff --git a/apps/version.c b/apps/version.c
index a84943329c..fcf1f08cfb 100644
--- a/apps/version.c
+++ b/apps/version.c
@@ -1,5 +1,5 @@
 /* apps/version.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -77,7 +77,7 @@ char **argv;
 
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	if (argc == 1) version=1;
 	for (i=1; i<argc; i++)
@@ -121,6 +121,7 @@ char **argv;
 #ifndef NO_BLOWFISH
 		printf("%s ",BF_options());
 #endif
+		printf("\n");
 		}
 	if (cflags)  printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
 end:
diff --git a/apps/x509.c b/apps/x509.c
index ec20654bad..f5e8be1068 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -1,5 +1,5 @@
 /* apps/x509.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "apps.h"
@@ -344,7 +344,7 @@ bad:
 			}
 
 		if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE);
+			BIO_set_fp(in,stdin,BIO_NOCLOSE|BIO_FP_TEXT);
 		else
 			{
 			if (BIO_read_filename(in,infile) <= 0)
@@ -416,7 +416,7 @@ bad:
 
 	if (!noout || text)
 		{
-		OBJ_create_and_add_object("2.99999.3",
+		OBJ_create("2.99999.3",
 			"SET.ex3","SET x509v3 extension 3");
 
 		out=BIO_new(BIO_s_file());
@@ -625,7 +625,7 @@ bad:
 
 				BIO_printf(bio_err,"Generating certificate request\n");
 
-				rq=X509_to_X509_REQ(x,pk);
+				rq=X509_to_X509_REQ(x,pk,EVP_md5());
 				EVP_PKEY_free(pk);
 				if (rq == NULL)
 					{
@@ -812,9 +812,11 @@ int days;
 	if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL)
 		goto end;
 
-	/* don't save DSA parameters in child if parent has them. */
+	/* don't save DSA parameters in child if parent has them
+	 * and the parents and the childs are the same. */
 	upkey=X509_get_pubkey(x);
-	if (!EVP_PKEY_missing_parameters(pkey))
+	if (!EVP_PKEY_missing_parameters(pkey) &&
+		(EVP_PKEY_cmp_parameters(pkey,upkey) == 0))
 		{
 		EVP_PKEY_save_parameters(upkey,0);
 		/* Force a re-write */
diff --git a/bugs/alpha.c b/bugs/alpha.c
index 419379bb6e..701d6a7c74 100644
--- a/bugs/alpha.c
+++ b/bugs/alpha.c
@@ -1,5 +1,5 @@
 /* bugs/alpha.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/bugs/stream.c b/bugs/stream.c
index 155b7b9752..50a3884995 100644
--- a/bugs/stream.c
+++ b/bugs/stream.c
@@ -1,5 +1,5 @@
 /* bugs/stream.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/certs/ICE-CA.pem b/certs/ICE-CA.pem
new file mode 100644
index 0000000000..75652366c2
--- /dev/null
+++ b/certs/ICE-CA.pem
@@ -0,0 +1,59 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
+        Validity
+            Not Before: Apr  2 17:35:53 1997 GMT
+            Not After : Apr  2 17:35:53 1998 GMT
+        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
+        Subject Public Key Info:
+            Public Key Algorithm: rsa
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:82:75:ba:f6:d1:60:b5:f9:15:b3:6a:dd:29:8f:
+                    8b:a4:6f:1a:88:e0:50:43:40:0b:79:41:d5:d3:16:
+                    44:7d:74:65:17:42:06:52:0b:e9:50:c8:10:cd:24:
+                    e2:ae:8d:22:30:73:e6:b4:b7:93:1f:e5:6e:a2:ae:
+                    49:11:a5:c9:45
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Authority Key Identifier: 
+                0.........z.."p......e..
+            X509v3 Subject Key Identifier: 
+                ..~r..:..B.44fu......3
+            X509v3 Key Usage: critical
+                ....
+            X509v3 Certificate Policies: critical
+                0.0...*...
+            X509v3 Subject Alternative Name: 
+                0!..secude-support@darmstadt.gmd.de
+            X509v3 Issuer Alternative Name: 
+                0I..ice-tel-ca@darmstadt.gmd.de.*http://www.darmstadt.gmd.de/ice-tel/euroca
+            X509v3 Basic Constraints: critical
+                0....
+            X509v3 CRL Distribution Points: 
+                0200...,.*http://www.darmstadt.gmd.de/ice-tel/euroca
+    Signature Algorithm: md5WithRSAEncryption
+        17:a2:88:b7:99:5a:05:41:e4:13:34:67:e6:1f:3e:26:ec:4b:
+        69:f9:3e:28:22:be:9d:1c:ab:41:6f:0c:00:85:fe:45:74:f6:
+        98:f0:ce:9b:65:53:4a:50:42:c7:d4:92:bd:d7:a2:a8:3d:98:
+        88:73:cd:60:28:79:a3:fc:48:7a
+-----BEGIN CERTIFICATE-----
+MIICzDCCAnagAwIBAgIBATANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzU1M1oXDTk4MDQwMjE3MzU1M1owXDEhMB8G
+A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTESMBAGA1UEBxMJRGFybXN0YWR0MFkwCgYEVQgB
+AQICAgADSwAwSAJBAIJ1uvbRYLX5FbNq3SmPi6RvGojgUENAC3lB1dMWRH10ZRdC
+BlIL6VDIEM0k4q6NIjBz5rS3kx/lbqKuSRGlyUUCAwEAAaOCATgwggE0MB8GA1Ud
+IwQYMBaAFIr3yNUOx3ro1yJw4AuJ1bbsZbzPMB0GA1UdDgQWBBR+cvL4OoacQog0
+NGZ1w9T80aIRMzAOBgNVHQ8BAf8EBAMCAfYwFAYDVR0gAQH/BAowCDAGBgQqAwQF
+MCoGA1UdEQQjMCGBH3NlY3VkZS1zdXBwb3J0QGRhcm1zdGFkdC5nbWQuZGUwUgYD
+VR0SBEswSYEbaWNlLXRlbC1jYUBkYXJtc3RhZHQuZ21kLmRlhipodHRwOi8vd3d3
+LmRhcm1zdGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2EwDwYDVR0TAQH/BAUwAwEB
+/zA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3LmRhcm1zdGFkdC5nbWQuZGUv
+aWNlLXRlbC9ldXJvY2EwDQYJKoZIhvcNAQEEBQADQQAXooi3mVoFQeQTNGfmHz4m
+7Etp+T4oIr6dHKtBbwwAhf5FdPaY8M6bZVNKUELH1JK916KoPZiIc81gKHmj/Eh6
+-----END CERTIFICATE-----
diff --git a/certs/ICE-root.pem b/certs/ICE-root.pem
new file mode 100644
index 0000000000..fa991599c9
--- /dev/null
+++ b/certs/ICE-root.pem
@@ -0,0 +1,48 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 0 (0x0)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
+        Validity
+            Not Before: Apr  2 17:33:36 1997 GMT
+            Not After : Apr  2 17:33:36 1998 GMT
+        Subject: O=European ICE-TEL project, OU=V3-Certification Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsa
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:80:3e:eb:ae:47:a9:fe:10:54:0b:81:8b:9c:2b:
+                    82:ab:3a:61:36:65:8b:f3:73:9f:ac:ac:7a:15:a7:
+                    13:8f:b4:c4:ba:a3:0f:bc:a5:58:8d:cc:b1:93:31:
+                    9e:81:9e:8c:19:61:86:fa:52:73:54:d1:97:76:22:
+                    e7:c7:9f:41:cd
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                ........z.."p......e..
+            X509v3 Key Usage: critical
+                ....
+            X509v3 Subject Alternative Name: 
+                0I.*http://www.darmstadt.gmd.de/ice-tel/euroca..ice-tel-ca@darmstadt.gmd.de
+            X509v3 Basic Constraints: critical
+                0....
+    Signature Algorithm: md5WithRSAEncryption
+        76:69:61:db:b7:cf:8b:06:9e:d8:8c:96:53:d2:4d:a8:23:a6:
+        03:44:e8:8f:24:a5:c0:84:a8:4b:77:d4:2d:2b:7d:37:91:67:
+        f2:2c:ce:02:31:4c:6b:cc:ce:f2:68:a6:11:11:ab:7d:88:b8:
+        7e:22:9f:25:06:60:bd:79:30:3d
+-----BEGIN CERTIFICATE-----
+MIICFjCCAcCgAwIBAgIBADANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzMzNloXDTk4MDQwMjE3MzMzNlowSDEhMB8G
+A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTBZMAoGBFUIAQECAgIAA0sAMEgCQQCAPuuuR6n+
+EFQLgYucK4KrOmE2ZYvzc5+srHoVpxOPtMS6ow+8pViNzLGTMZ6BnowZYYb6UnNU
+0Zd2IufHn0HNAgMBAAGjgZcwgZQwHQYDVR0OBBYEFIr3yNUOx3ro1yJw4AuJ1bbs
+ZbzPMA4GA1UdDwEB/wQEAwIB9jBSBgNVHREESzBJhipodHRwOi8vd3d3LmRhcm1z
+dGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2GBG2ljZS10ZWwtY2FAZGFybXN0YWR0
+LmdtZC5kZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAdmlh27fP
+iwae2IyWU9JNqCOmA0TojySlwISoS3fULSt9N5Fn8izOAjFMa8zO8mimERGrfYi4
+fiKfJQZgvXkwPQ==
+-----END CERTIFICATE-----
diff --git a/certs/ICE-user.pem b/certs/ICE-user.pem
new file mode 100644
index 0000000000..28065fd37d
--- /dev/null
+++ b/certs/ICE-user.pem
@@ -0,0 +1,63 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
+        Validity
+            Not Before: Apr  2 17:35:59 1997 GMT
+            Not After : Apr  2 17:35:59 1998 GMT
+        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt, CN=USER
+        Subject Public Key Info:
+            Public Key Algorithm: rsa
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:a8:a8:53:63:49:1b:93:c3:c3:0b:6c:88:11:55:
+                    de:7e:6a:e2:f9:52:a0:dc:69:25:c4:c8:bf:55:e1:
+                    31:a8:ce:e4:a9:29:85:99:8a:15:9a:de:f6:2f:e1:
+                    b4:50:5f:5e:04:75:a6:f4:76:dc:3c:0e:39:dc:3a:
+                    be:3e:a4:61:8b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Authority Key Identifier: 
+                0...~r..:..B.44fu......3
+            X509v3 Subject Key Identifier: 
+                ...... .*...1.*.......
+            X509v3 Key Usage: critical
+                ....
+            X509v3 Certificate Policies: critical
+                0.0...*...0.......
+            X509v3 Subject Alternative Name: 
+                0:..user@darmstadt.gmd.de.!http://www.darmstadt.gmd.de/~user
+            X509v3 Issuer Alternative Name: 
+                0....gmdca@gmd.de..http://www.gmd.de..saturn.darmstadt.gmd.de.\1!0...U.
+..European ICE-TEL project1#0!..U....V3-Certification Authority1.0...U....Darmstadt..141.12.62.26
+            X509v3 Basic Constraints: critical
+                0.
+            X509v3 CRL Distribution Points: 
+                0.0.......gmdca@gmd.de
+    Signature Algorithm: md5WithRSAEncryption
+        69:0c:e1:b7:a7:f2:d8:fb:e8:69:c0:13:cd:37:ad:21:06:22:
+        4d:e8:c6:db:f1:04:0b:b7:e0:b3:d6:0c:81:03:ce:c3:6a:3e:
+        c7:e7:24:24:a4:92:64:c2:83:83:06:42:53:0e:6f:09:1e:84:
+        9a:f7:6f:63:9b:94:99:83:d6:a4
+-----BEGIN CERTIFICATE-----
+MIIDTzCCAvmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHQwHhcNOTcwNDAyMTczNTU5WhcN
+OTgwNDAyMTczNTU5WjBrMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2pl
+Y3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQH
+EwlEYXJtc3RhZHQxDTALBgNVBAMTBFVTRVIwWTAKBgRVCAEBAgICAANLADBIAkEA
+qKhTY0kbk8PDC2yIEVXefmri+VKg3GklxMi/VeExqM7kqSmFmYoVmt72L+G0UF9e
+BHWm9HbcPA453Dq+PqRhiwIDAQABo4IBmDCCAZQwHwYDVR0jBBgwFoAUfnLy+DqG
+nEKINDRmdcPU/NGiETMwHQYDVR0OBBYEFJfc4B8gjSoRmLUx4Sq/ucIYiMrPMA4G
+A1UdDwEB/wQEAwIB8DAcBgNVHSABAf8EEjAQMAYGBCoDBAUwBgYECQgHBjBDBgNV
+HREEPDA6gRV1c2VyQGRhcm1zdGFkdC5nbWQuZGWGIWh0dHA6Ly93d3cuZGFybXN0
+YWR0LmdtZC5kZS9+dXNlcjCBsQYDVR0SBIGpMIGmgQxnbWRjYUBnbWQuZGWGEWh0
+dHA6Ly93d3cuZ21kLmRlghdzYXR1cm4uZGFybXN0YWR0LmdtZC5kZaRcMSEwHwYD
+VQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHSHDDE0MS4xMi42
+Mi4yNjAMBgNVHRMBAf8EAjAAMB0GA1UdHwQWMBQwEqAQoA6BDGdtZGNhQGdtZC5k
+ZTANBgkqhkiG9w0BAQQFAANBAGkM4ben8tj76GnAE803rSEGIk3oxtvxBAu34LPW
+DIEDzsNqPsfnJCSkkmTCg4MGQlMObwkehJr3b2OblJmD1qQ=
+-----END CERTIFICATE-----
diff --git a/certs/ICE.crl b/certs/ICE.crl
new file mode 100644
index 0000000000..21939e8cc4
--- /dev/null
+++ b/certs/ICE.crl
@@ -0,0 +1,9 @@
+-----BEGIN X509 CRL-----
+MIIBNDCBnjANBgkqhkiG9w0BAQIFADBFMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0Ut
+VEVMIFByb2plY3QxIDAeBgNVBAsTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05
+NzA2MDkxNDQyNDNaFw05NzA3MDkxNDQyNDNaMCgwEgIBChcNOTcwMzAzMTQ0MjU0
+WjASAgEJFw05NjEwMDIxMjI5MjdaMA0GCSqGSIb3DQEBAgUAA4GBAH4vgWo2Tej/
+i7kbiw4Imd30If91iosjClNpBFwvwUDBclPEeMuYimHbLOk4H8Nofc0fw11+U/IO
+KSNouUDcqG7B64oY7c4SXKn+i1MWOb5OJiWeodX3TehHjBlyWzoNMWCnYA8XqFP1
+mOKp8Jla1BibEZf14+/HqCi2hnZUiEXh
+-----END X509 CRL-----
diff --git a/config b/config
new file mode 100755
index 0000000000..0afbcccb1d
--- /dev/null
+++ b/config
@@ -0,0 +1,324 @@
+#!/bin/sh
+#
+# config - this is a merge of minarch and GuessOS from the Apache Group
+#          which then automatically runs Configure from SSLeay after
+#	   mapping the Apache names for OSs into SSLeay names
+#
+# 16-Sep-97 tjh		first cut of merged version
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+# Original Apache Group comments on GuessOS
+
+# Simple OS/Platform guesser. Similar to config.guess but
+# much, much smaller. Since it was developed for use with
+# Apache, it follows under Apache's regular licensing
+# with one specific addition: Any changes or additions
+# to this script should be Emailed to the Apache
+# group (apache@apache.org) in general and to
+# Jim Jagielski (jim@jaguNET.com) in specific.
+#
+# Be as similar to the output of config.guess/config.sub
+# as possible.
+
+# First get uname entries that we use below
+
+MACHINE=`(uname -m) 2>/dev/null` || MACHINE="unknown"
+RELEASE=`(uname -r) 2>/dev/null` || RELEASE="unknown"
+SYSTEM=`(uname -s) 2>/dev/null`  || SYSTEM="unknown"
+VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
+
+
+# Now test for ISC and SCO, since it is has a braindamaged uname.
+#
+# We need to work around FreeBSD 1.1.5.1 
+(
+XREL=`uname -X 2>/dev/null | grep "^Release" | awk '{print $3}'`
+if [ "x$XREL" != "x" ]; then
+    if [ -f /etc/kconfig ]; then
+	case "$XREL" in
+	    4.0|4.1)
+		    echo "${MACHINE}-whatever-isc4"; exit 0
+		;;
+	esac
+    else
+	case "$XREL" in
+	    3.2v4.2)
+		echo "whatever-whatever-sco3"; exit 0
+		;;
+	    3.2v5.0*)
+		echo "whatever-whatever-sco5"; exit 0
+		;;
+	    4.2MP)
+		if [ "x$VERSION" = "x2.1.1" ]; then
+		    echo "${MACHINE}-whatever-unixware211"; exit 0
+		else
+		    echo "${MACHINE}-whatever-unixware2"; exit 0
+		fi
+		;;
+	    4.2)
+		echo "whatever-whatever-unixware1"; exit 0
+		;;
+	esac
+    fi
+fi
+# Now we simply scan though... In most cases, the SYSTEM info is enough
+#
+case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
+    A/UX:*)
+	echo "m68k-apple-aux3"; exit 0
+	;;
+
+    AIX:*)
+	echo "${MACHINE}-ibm-aix"; exit 0
+	;;
+
+    dgux:*)
+	echo "${MACHINE}-dg-dgux"; exit 0
+	;;
+
+    HI-UX:*)
+	echo "${MACHINE}-hi-hiux"; exit 0
+	;;
+
+    HP-UX:*)
+	HPUXVER=`echo ${RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+	case "$HPUXVER" in
+	    10.*)
+		echo "${MACHINE}-hp-hpux10."; exit 0
+		;;
+	    *)
+		echo "${MACHINE}-hp-hpux"; exit 0
+		;;
+	esac
+	;;
+
+    IRIX:*)
+	echo "${MACHINE}-sgi-irix"; exit 0
+	;;
+
+    IRIX64:*)
+	echo "${MACHINE}-sgi-irix64"; exit 0
+	;;
+
+    Linux:[2-9].*)
+	echo "${MACHINE}-whatever-linux2"; exit 0
+	;;
+
+    Linux:1.*)
+	echo "${MACHINE}-whatever-linux1"; exit 0
+	;;
+
+    LynxOS:*)
+	echo "${MACHINE}-lynx-lynxos"; exit 0
+	;;
+
+    BSD/386:*:*:*486*|BSD/OS:*:*:*:*486*)
+	echo "i486-whatever-bsdi"; exit 0
+	;;
+
+    BSD/386:*|BSD/OS:*)
+	echo "${MACHINE}-whatever-bsdi"; exit 0
+	;;
+
+    FreeBSD:*:*:*486*)
+	echo "i486-whatever-freebsd"; exit 0
+	;;
+
+    FreeBSD:*)
+	echo "${MACHINE}-whatever-freebsd"; exit 0
+	;;
+
+    NetBSD:*:*:*486*)
+	echo "i486-whatever-netbsd"; exit 0
+	;;
+
+    NetBSD:*)
+	echo "${MACHINE}-whatever-netbsd"; exit 0
+	;;
+
+    OpenBSD:*)
+	echo "${MACHINE}-whatever-openbsd"; exit 0
+	;;
+
+    OSF1:*:*:*alpha*)
+	echo "${MACHINE}-dec-osf"; exit 0
+	;;
+
+    QNX:*)
+	case "$VERSION" in
+	    423)
+		echo "${MACHINE}-qssl-qnx32"
+		;;
+	    *)
+		echo "${MACHINE}-qssl-qnx"
+		;;
+	esac
+	exit 0
+	;;
+
+    Paragon*:*:*:*)
+	echo "i860-intel-osf1"; exit 0
+	;;
+
+    SunOS:5.*)
+	echo "${MACHINE}-sun-solaris2"; exit 0
+	;;
+
+    SunOS:*)
+	echo "${MACHINE}-sun-sunos4"; exit 0
+	;;
+
+    UNIX_System_V:4.*:*)
+	echo "${MACHINE}-whatever-sysv4"; exit 0
+	;;
+
+    *:4*:R4*:m88k)
+	echo "${MACHINE}-whatever-sysv4"; exit 0
+	;;
+
+    DYNIX/ptx:4*:*)
+	echo "${MACHINE}-whatever-sysv4"; exit 0
+	;;
+
+    *:4.0:3.0:3[34]?? | *:4.0:3.0:3[34]??,*)
+	echo "i486-ncr-sysv4"; exit 0
+	;;
+
+    ULTRIX:*)
+	echo "${MACHINE}-unknown-ultrix"; exit 0
+	;;
+
+    SINIX*)
+	echo "${MACHINE}-sni-sysv4"; exit 0
+	;;
+
+    machten:*)
+       echo "${MACHINE}-tenon-${SYSTEM}"; exit 0;
+       ;;
+
+    library:*)
+	echo "${MACHINE}-ncr-sysv4"; exit 0
+	;;
+
+    ConvexOS:*:11.0:*)
+	echo "${MACHINE}-v11-${SYSTEM}"; exit 0;
+	;;
+
+esac
+
+#
+# Ugg. These are all we can determine by what we know about
+# the output of uname. Be more creative:
+#
+
+# Do the Apollo stuff first. Here, we just simply assume
+# that the existance of the /usr/apollo directory is proof
+# enough
+if [ -d /usr/apollo ]; then
+    echo "whatever-apollo-whatever"
+    exit 0
+fi
+
+# Now NeXT
+ISNEXT=`hostinfo 2>/dev/null`
+case "$ISNEXT" in
+    *NeXT*)
+	echo "whatever-next-nextstep"; exit 0
+	;;
+esac
+
+# At this point we gone through all the one's
+# we know of: Punt
+
+echo "${MACHINE}-whatever-${SYSTEM}|${RELEASE}|${VERSION}" 
+exit 0
+) 2>/dev/null | (
+
+# ---------------------------------------------------------------------------
+# this is where the translation occurs into SSLeay terms
+# ---------------------------------------------------------------------------
+
+PREFIX=""
+SUFFIX=""
+VERBOSE="false"
+TEST="false"
+
+# pick up any command line args to config
+for i
+do
+case "$i" in 
+-d*) PREFIX="debug-";;
+-v*) VERBOSE="true";;
+-n*|-t*) TEST="true";;
+esac
+done
+
+# figure out if gcc is available and if so we use it otherwise
+# we fallback to whatever cc does on the system
+GCCVER=`gcc -v 2>&1`
+if [ $? = "0" ]; then
+  CC=gcc
+else
+  CC=cc
+fi
+
+# read the output of the embedded GuessOS 
+read GUESSOS
+
+if [ "$VERBOSE" = "true" ]; then
+  echo GUESSOS $GUESSOS
+fi
+
+# now map the output into SSLeay terms ... really should hack into the
+# script above so we end up with values in vars but that would take
+# more time that I want to waste at the moment
+case "$GUESSOS" in
+  *-*-linux2) OUT="linux-elf" ;;
+  *-*-linux) OUT="linux-aout" ;;
+  sun4*-sun-solaris2) OUT="solaris-sparc-$CC" ;;
+  *86*-sun-solaris2) OUT="solaris-x86-$CC" ;;
+  *-*-sunos4) OUT="sunos-$CC" ;;
+  *-freebsd) OUT="FreeBSD" ;;
+  *86*-*-netbsd) OUT="NetBSD-x86" ;;
+  sun3*-*-netbsd) OUT="NetBSD-m68" ;;
+  *-*-netbsd) OUT="NetBSD-sparc" ;;
+  *-*-osf) OUT="alpha-$CC" ;;
+  *-*-unixware*) OUT="unixware-2.0" ;;
+  *-sni-sysv4) OUT="SINIX" ;;
+  # these are all covered by the catchall below
+  # *-hpux) OUT="hpux-$CC" ;;
+  # *-aix) OUT="aix-$CC" ;;
+  # *-dgux) OUT="dgux" ;;
+  *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
+esac
+
+if [ -z "$OUT" ]; then
+  OUT="$CC"
+fi
+
+# run Configure to check to see if we need to specify the 
+# compiler for the platform ... in which case we add it on
+# the end ... otherwise we leave it off
+./Configure 2>&1 | grep '$OUT-$CC' > /dev/null
+if [ $? = "0" ]; then
+  OUT="$OUT-$CC"
+fi
+
+OUT="$PREFIX$OUT"
+
+# at this point we have the answer ... which we could check again
+# and then fallback to a vanilla SSLeay build but then this script
+# wouldn't get updated
+echo Configuring for $OUT
+
+if [ "$TEST" = "true" ]; then
+  echo ./Configure $OUT
+else
+  ./Configure $OUT
+fi
+
+)
+
diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl
index 9cb45e4b51..efdbba38ac 100644
--- a/crypto/Makefile.ssl
+++ b/crypto/Makefile.ssl
@@ -24,10 +24,13 @@ EX_LIBS=
  
 CFLAGS= $(INCLUDE) $(CFLAG) -DCFLAGS=" \"$(CC) $(CFLAG)\" "
 
+ERR=crypto
+ERRC=cpt_err
+
 LIBS=
 
-SDIRS=	md sha mdc2 \
-	des rc4 rc2 idea bf \
+SDIRS=	md2 md5 sha mdc2 hmac ripemd \
+	des rc2 rc4 rc5 idea bf cast \
 	bn rsa dsa dh \
 	buffer bio stack lhash rand err objects \
 	evp pem x509 \
@@ -36,8 +39,8 @@ SDIRS=	md sha mdc2 \
 GENERAL=Makefile README
 
 LIB= $(TOP)/libcrypto.a
-LIBSRC=	cryptlib.c mem.c cversion.c
-LIBOBJ= cryptlib.o mem.o cversion.o
+LIBSRC=	cryptlib.c mem.c cversion.c ex_data.c $(ERRC).c
+LIBOBJ= cryptlib.o mem.o cversion.o ex_data.o $(ERRC).o
 
 SRC= $(LIBSRC)
 
@@ -58,7 +61,7 @@ subdirs:
 	@for i in $(SDIRS) ;\
 	do \
 	(cd $$i; echo "making all in $$i..."; \
-	$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' AR='${AR}' all ); \
+	$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' all ); \
 	done;
 
 files:
@@ -72,7 +75,7 @@ files:
 links:
 	/bin/rm -f Makefile 
 	$(TOP)/util/point.sh Makefile.ssl Makefile ;
-	$(TOP)/util/mklink.sh ../include $(EXHEADER) ;
+	$(TOP)/util/mklink.sh ../include $(HEADER) ;
 	$(TOP)/util/mklink.sh ../test $(TEST) ;
 	$(TOP)/util/mklink.sh ../apps $(APPS) ;
 	$(TOP)/util/point.sh Makefile.ssl Makefile;
@@ -146,7 +149,9 @@ dclean:
 	done;
 
 errors:
-	perl ./err/err_code.pl */*.c ../ssl/*.c ../rsaref/*.c
+	perl ./err/err_code.pl -conf err/ssleay.ec *.c */*.c ../ssl/*.c ../rsaref/*.c
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl err/err_genc.pl -s $(ERR).h $(ERRC).c
 	@for i in $(SDIRS) ;\
 	do \
 	(cd $$i; echo "making errors in $$i..."; \
diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl
index a39e009d27..30751bd156 100644
--- a/crypto/asn1/Makefile.ssl
+++ b/crypto/asn1/Makefile.ssl
@@ -35,7 +35,8 @@ LIBSRC=	a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c \
 	p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c \
 	f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c \
 	a_hdr.c x_pkey.c a_bool.c x_exten.c \
-	asn1_par.c asn1_lib.c $(ERRC).c a_meth.c a_bytes.c
+	asn1_par.c asn1_lib.c $(ERRC).c a_meth.c a_bytes.c \
+	evp_asn1.c
 LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o \
 	a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
 	a_sign.o a_digest.o a_verify.o \
@@ -49,7 +50,8 @@ LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o \
 	p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o \
 	f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o \
 	a_hdr.o x_pkey.o a_bool.o x_exten.o \
-	asn1_par.o asn1_lib.o $(ERRC).o a_meth.o a_bytes.o
+	asn1_par.o asn1_lib.o $(ERRC).o a_meth.o a_bytes.o \
+	evp_asn1.o
 
 SRC= $(LIBSRC)
 
@@ -113,6 +115,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
index eb99ebca2f..2c10120651 100644
--- a/crypto/asn1/a_bitstr.c
+++ b/crypto/asn1/a_bitstr.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_bitstr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -156,3 +156,49 @@ err:
 	return(NULL);
 	}
 
+/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
+ */
+int ASN1_BIT_STRING_set_bit(a,n,value)
+ASN1_BIT_STRING *a;
+int n;
+int value;
+	{
+	int w,v,iv;
+	unsigned char *c;
+
+	w=n/8;
+	v=1<<(7-(n&0x07));
+	iv= ~v;
+
+	if (a == NULL) return(0);
+	if ((a->length < (w+1)) || (a->data == NULL))
+		{
+		if (!value) return(1); /* Don't need to set */
+		if (a->data == NULL)
+			c=(unsigned char *)Malloc(w+1);
+		else
+			c=(unsigned char *)Realloc(a->data,w+1);
+		if (c == NULL) return(0);
+		a->data=c;
+		a->length=w+1;
+		c[w]=0;
+		}
+	a->data[w]=((a->data[w])&iv)|v;
+	while ((a->length > 0) && (a->data[a->length-1] == 0))
+		a->length--;
+	return(1);
+	}
+
+int ASN1_BIT_STRING_get_bit(a,n)
+ASN1_BIT_STRING *a;
+int n;
+	{
+	int w,v;
+
+	w=n/8;
+	v=1<<(7-(n&0x07));
+	if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL))
+		return(0);
+	return((a->data[w]&v) != 0);
+	}
+
diff --git a/crypto/asn1/a_bmp.c b/crypto/asn1/a_bmp.c
new file mode 100644
index 0000000000..774502b1fc
--- /dev/null
+++ b/crypto/asn1/a_bmp.c
@@ -0,0 +1,90 @@
+/* crypto/asn1/a_bmp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_INTEGER,ASN1_R_EXPECTING_AN_INTEGER);
+ */
+
+int i2d_ASN1_BMPSTRING(a, pp)
+ASN1_BMPSTRING *a;
+unsigned char **pp;
+	{
+	return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
+		V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL));
+	}
+
+ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(a, pp, length)
+ASN1_BMPSTRING **a;
+unsigned char **pp;
+long length;
+	{
+	ASN1_BMPSTRING *ret=NULL;
+
+	ret=(ASN1_BMPSTRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
+	pp,length,V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL);
+	if (ret == NULL)
+		{
+		ASN1err(ASN1_F_D2I_ASN1_BMPSTRING,ASN1_R_ERROR_STACK);
+		return(NULL);
+		}
+	return(ret);
+	}
+
diff --git a/crypto/asn1/a_bool.c b/crypto/asn1/a_bool.c
index 83607b58ef..41a95aa278 100644
--- a/crypto/asn1/a_bool.c
+++ b/crypto/asn1/a_bool.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_bool.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c
index 0c9132498c..14168d61ad 100644
--- a/crypto/asn1/a_bytes.c
+++ b/crypto/asn1/a_bytes.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_bytes.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -67,14 +67,14 @@
  */
 
 static unsigned long tag2bit[32]={
-0,	0,	0,	0,	/* tags  0 -  3 */
+0,	0,	0,	B_ASN1_BIT_STRING,	/* tags  0 -  3 */
 B_ASN1_OCTET_STRING,	0,	0,		B_ASN1_UNKNOWN,/* tags  4- 7 */
 B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,/* tags  8-11 */
 B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,/* tags 12-15 */
 0,	0,	B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,
 B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0,
 0,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,
-B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,
+B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN,
 	};
 
 #ifndef NOPROTO
@@ -97,13 +97,6 @@ int type;
 	int inf,tag,xclass;
 	int i=0;
 
-	if ((a == NULL) || ((*a) == NULL))
-		{
-		if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
-		}
-	else
-		ret=(*a);
-
 	p= *pp;
 	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
 	if (inf & 0x80) goto err;
@@ -118,6 +111,18 @@ int type;
 		i=ASN1_R_WRONG_TYPE;
 		goto err;
 		}
+
+	/* If a bit-string, exit early */
+	if (tag == V_ASN1_BIT_STRING)
+		return(d2i_ASN1_BIT_STRING(a,pp,length));
+
+	if ((a == NULL) || ((*a) == NULL))
+		{
+		if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
+		}
+	else
+		ret=(*a);
+
 	if (len != 0)
 		{
 		s=(unsigned char *)Malloc((int)len+1);
@@ -157,6 +162,10 @@ int xclass;
 	unsigned char *p;
 
 	if (a == NULL)  return(0);
+
+	if (tag == V_ASN1_BIT_STRING)
+		return(i2d_ASN1_BIT_STRING(a,pp));
+		
 	ret=a->length;
 	r=ASN1_object_size(0,ret,tag);
 	if (pp == NULL) return(r);
@@ -229,7 +238,7 @@ int Pclass;
 		{
 		if (len != 0)
 			{
-			if (ret->length < len)
+			if ((ret->length < len) || (ret->data == NULL))
 				{
 				if (ret->data != NULL) Free((char *)ret->data);
 				s=(unsigned char *)Malloc((int)len);
diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c
index 5c9c9cf09b..d952836a91 100644
--- a/crypto/asn1/a_d2i_fp.c
+++ b/crypto/asn1/a_d2i_fp.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_d2i_fp.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,7 +63,7 @@
 
 #define HEADER_SIZE   8
 
-#ifndef WIN16
+#ifndef NO_FP_API
 char *ASN1_d2i_fp(xnew,d2i,in,x)
 char *(*xnew)();
 char *(*d2i)();
@@ -108,6 +108,7 @@ unsigned char **x;
 		return(NULL);
 		}
 
+	ERR_clear_error();
 	for (;;)
 		{
 		if (want >= (len-off))
diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c
index 8f395d958a..8ddb65b0dc 100644
--- a/crypto/asn1/a_digest.c
+++ b/crypto/asn1/a_digest.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_digest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c
index 51ed105ff2..961b4cb069 100644
--- a/crypto/asn1/a_dup.c
+++ b/crypto/asn1/a_dup.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_dup.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/a_hdr.c b/crypto/asn1/a_hdr.c
index b7de335fc1..4fb7a5fa75 100644
--- a/crypto/asn1/a_hdr.c
+++ b/crypto/asn1/a_hdr.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_hdr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c
index eab127e6e0..66c3df68d5 100644
--- a/crypto/asn1/a_i2d_fp.c
+++ b/crypto/asn1/a_i2d_fp.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_i2d_fp.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -61,7 +61,7 @@
 #include "buffer.h"
 #include "asn1_mac.h"
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int ASN1_i2d_fp(i2d,out,x)
 int (*i2d)();
 FILE *out;
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index ce0921d59a..df79cf99bb 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_int.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -251,7 +251,8 @@ ASN1_INTEGER *a;
 	
 	if (a->length > sizeof(long))
 		{
-		return(0xFFFFFFFFL);
+		/* hmm... a bit ugly */
+		return(0xffffffffL);
 		}
 	if (a->data == NULL)
 		return(0);
diff --git a/crypto/asn1/a_meth.c b/crypto/asn1/a_meth.c
index 0beb958aa6..513625c305 100644
--- a/crypto/asn1/a_meth.c
+++ b/crypto/asn1/a_meth.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_meth.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
index 897915cf49..5a7eeef8d8 100644
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_object.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -64,7 +64,7 @@
 
 /* ASN1err(ASN1_F_ASN1_OBJECT_NEW,ASN1_R_EXPECTING_AN_OBJECT); 
  * ASN1err(ASN1_F_D2I_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER); 
- * ASN1err(ASN1_F_I2A_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER);
+ * ASN1err(ASN1_F_I2T_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER);
  */
 
 int i2d_ASN1_OBJECT(a, pp)
@@ -180,19 +180,23 @@ err:
 	return(0);
 	}
 
-int i2a_ASN1_OBJECT(bp,a)
-BIO *bp;
+int i2t_ASN1_OBJECT(buf,buf_len,a)
+char *buf;
+int buf_len;
 ASN1_OBJECT *a;
 	{
-	int j,i,idx=0,n=0,len,nid,reason=ERR_R_BUF_LIB;
+	int i,idx=0,n=0,len,nid;
 	unsigned long l;
 	unsigned char *p;
-	char buf[20];
 	char *s;
+	char tbuf[32];
+
+	if (buf_len <= 0) return(0);
 
 	if ((a == NULL) || (a->data == NULL))
 		{
-		return(BIO_write(bp,"NULL",4));
+		buf[0]='\0';
+		return(0);
 		}
 
 	nid=OBJ_obj2nid(a);
@@ -215,10 +219,11 @@ ASN1_OBJECT *a;
 		if (i > 2) i=2;
 		l-=(long)(i*40);
 
-		sprintf(buf,"%d.%ld",i,l);
-		i=strlen(buf);
-		if (BIO_write(bp,buf,i) != i)
-				goto err;
+		sprintf(tbuf,"%d.%ld",i,l);
+		i=strlen(tbuf);
+		strncpy(buf,tbuf,buf_len);
+		buf_len-=i;
+		buf+=i;
 		n+=i;
 
 		l=0;
@@ -227,9 +232,12 @@ ASN1_OBJECT *a;
 			l|=p[idx]&0x7f;
 			if (!(p[idx] & 0x80))
 				{
-				sprintf(buf,".%ld",l);
-				i=strlen(buf);
-				if (BIO_write(bp,buf,i) != i) goto err;
+				sprintf(tbuf,".%ld",l);
+				i=strlen(tbuf);
+				if (buf_len > 0)
+					strncpy(buf,tbuf,buf_len);
+				buf_len-=i;
+				buf+=i;
 				n+=i;
 				l=0;
 				}
@@ -241,14 +249,26 @@ ASN1_OBJECT *a;
 		s=(char *)OBJ_nid2ln(nid);
 		if (s == NULL)
 			s=(char *)OBJ_nid2sn(nid);
-		j=strlen(s);
-		if (BIO_write(bp,s,j) != j) goto err;
-		n=j;
+		strncpy(buf,s,buf_len);
+		n=strlen(s);
 		}
+	buf[buf_len-1]='\0';
 	return(n);
-err:
-	ASN1err(ASN1_F_I2A_ASN1_OBJECT,reason);
-	return(-1);
+	}
+
+int i2a_ASN1_OBJECT(bp,a)
+BIO *bp;
+ASN1_OBJECT *a;
+	{
+	char buf[80];
+	int i;
+
+	if ((a == NULL) || (a->data == NULL))
+		return(BIO_write(bp,"NULL",4));
+	i=i2t_ASN1_OBJECT(buf,80,a);
+	if (i > 80) i=80;
+	BIO_write(bp,buf,i);
+	return(i);
 	}
 
 ASN1_OBJECT *d2i_ASN1_OBJECT(a, pp, length)
diff --git a/crypto/asn1/a_octet.c b/crypto/asn1/a_octet.c
index e4ef15a995..be3f172a8c 100644
--- a/crypto/asn1/a_octet.c
+++ b/crypto/asn1/a_octet.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_octet.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c
index a1bbc35ca1..3023361dee 100644
--- a/crypto/asn1/a_print.c
+++ b/crypto/asn1/a_print.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_print.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c
index 5752fbb5fd..17c49946cf 100644
--- a/crypto/asn1/a_set.c
+++ b/crypto/asn1/a_set.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_set.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
index 2925ce3ad3..02188e68c4 100644
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_sign.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c
index abaf70dcb8..7c0004084c 100644
--- a/crypto/asn1/a_type.c
+++ b/crypto/asn1/a_type.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_type.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -115,6 +115,9 @@ unsigned char **pp;
 	case V_ASN1_UNIVERSALSTRING:
 		r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp);
 		break;
+	case V_ASN1_BMPSTRING:
+		r=M_i2d_ASN1_BMPSTRING(a->value.bmpstring,pp);
+		break;
 	case V_ASN1_UTCTIME:
 		r=i2d_ASN1_UTCTIME(a->value.utctime,pp);
 		break;
@@ -213,6 +216,11 @@ long length;
 			M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL)
 			goto err;
 		break;
+	case V_ASN1_BMPSTRING:
+		if ((ret->value.bmpstring=
+			M_d2i_ASN1_BMPSTRING(NULL,&p,max-p)) == NULL)
+			goto err;
+		break;
 	case V_ASN1_UTCTIME:
 		if ((ret->value.utctime=
 			d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL)
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index cc3c692fc9..17a7abbb67 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_utctm.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -152,6 +152,28 @@ err:
 	return(0);
 	}
 
+int ASN1_UTCTIME_set_string(s,str)
+ASN1_UTCTIME *s;
+char *str;
+	{
+	ASN1_UTCTIME t;
+
+	t.type=V_ASN1_UTCTIME;
+	t.length=strlen(str);
+	t.data=(unsigned char *)str;
+	if (ASN1_UTCTIME_check(&t))
+		{
+		if (s != NULL)
+			{
+			ASN1_STRING_set((ASN1_STRING *)s,
+				(unsigned char *)str,t.length);
+			}
+		return(1);
+		}
+	else
+		return(0);
+	}
+
 ASN1_UTCTIME *ASN1_UTCTIME_set(s, t)
 ASN1_UTCTIME *s;
 time_t t;
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index 567552f782..03fc63dbef 100644
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/a_verify.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/asn1.err b/crypto/asn1/asn1.err
index cbf27ab5fd..c8b7011488 100644
--- a/crypto/asn1/asn1.err
+++ b/crypto/asn1/asn1.err
@@ -18,108 +18,111 @@
 #define ASN1_F_ASN1_SIGN				 114
 #define ASN1_F_ASN1_STRING_NEW				 115
 #define ASN1_F_ASN1_STRING_TYPE_NEW			 116
-#define ASN1_F_ASN1_TYPE_NEW				 117
-#define ASN1_F_ASN1_UTCTIME_NEW				 118
-#define ASN1_F_ASN1_VERIFY				 119
-#define ASN1_F_BN_TO_ASN1_INTEGER			 120
-#define ASN1_F_D2I_ASN1_BIT_STRING			 121
-#define ASN1_F_D2I_ASN1_BOOLEAN				 122
-#define ASN1_F_D2I_ASN1_BYTES				 123
-#define ASN1_F_D2I_ASN1_HEADER				 124
-#define ASN1_F_D2I_ASN1_INTEGER				 125
-#define ASN1_F_D2I_ASN1_OBJECT				 126
-#define ASN1_F_D2I_ASN1_OCTET_STRING			 127
-#define ASN1_F_D2I_ASN1_PRINT_TYPE			 128
-#define ASN1_F_D2I_ASN1_SET				 129
-#define ASN1_F_D2I_ASN1_TYPE				 130
-#define ASN1_F_D2I_ASN1_TYPE_BYTES			 131
-#define ASN1_F_D2I_ASN1_UTCTIME				 132
-#define ASN1_F_D2I_DHPARAMS				 133
-#define ASN1_F_D2I_DSAPARAMS				 134
-#define ASN1_F_D2I_DSAPRIVATEKEY			 135
-#define ASN1_F_D2I_DSAPUBLICKEY				 136
-#define ASN1_F_D2I_NETSCAPE_PKEY			 137
-#define ASN1_F_D2I_NETSCAPE_RSA				 138
-#define ASN1_F_D2I_NETSCAPE_RSA_2			 139
-#define ASN1_F_D2I_NETSCAPE_SPKAC			 140
-#define ASN1_F_D2I_NETSCAPE_SPKI			 141
-#define ASN1_F_D2I_PKCS7				 142
-#define ASN1_F_D2I_PKCS7_DIGEST				 143
-#define ASN1_F_D2I_PKCS7_ENCRYPT			 144
-#define ASN1_F_D2I_PKCS7_ENC_CONTENT			 145
-#define ASN1_F_D2I_PKCS7_ENVELOPE			 146
-#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL		 147
-#define ASN1_F_D2I_PKCS7_RECIP_INFO			 148
-#define ASN1_F_D2I_PKCS7_SIGNED				 149
-#define ASN1_F_D2I_PKCS7_SIGNER_INFO			 150
-#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE			 151
-#define ASN1_F_D2I_PRIVATEKEY				 152
-#define ASN1_F_D2I_PUBLICKEY				 153
-#define ASN1_F_D2I_RSAPRIVATEKEY			 154
-#define ASN1_F_D2I_RSAPUBLICKEY				 155
-#define ASN1_F_D2I_X509					 156
-#define ASN1_F_D2I_X509_ALGOR				 157
-#define ASN1_F_D2I_X509_ATTRIBUTE			 158
-#define ASN1_F_D2I_X509_CINF				 159
-#define ASN1_F_D2I_X509_CRL				 160
-#define ASN1_F_D2I_X509_CRL_INFO			 161
-#define ASN1_F_D2I_X509_EXTENSION			 162
-#define ASN1_F_D2I_X509_KEY				 163
-#define ASN1_F_D2I_X509_NAME				 164
-#define ASN1_F_D2I_X509_NAME_ENTRY			 165
-#define ASN1_F_D2I_X509_PKEY				 166
-#define ASN1_F_D2I_X509_PUBKEY				 167
-#define ASN1_F_D2I_X509_REQ				 168
-#define ASN1_F_D2I_X509_REQ_INFO			 169
-#define ASN1_F_D2I_X509_REVOKED				 170
-#define ASN1_F_D2I_X509_SIG				 171
-#define ASN1_F_D2I_X509_VAL				 172
-#define ASN1_F_I2A_ASN1_OBJECT				 173
-#define ASN1_F_I2D_ASN1_HEADER				 174
-#define ASN1_F_I2D_DHPARAMS				 175
-#define ASN1_F_I2D_DSAPARAMS				 176
-#define ASN1_F_I2D_DSAPRIVATEKEY			 177
-#define ASN1_F_I2D_DSAPUBLICKEY				 178
-#define ASN1_F_I2D_NETSCAPE_RSA				 179
-#define ASN1_F_I2D_PKCS7				 180
-#define ASN1_F_I2D_PRIVATEKEY				 181
-#define ASN1_F_I2D_PUBLICKEY				 182
-#define ASN1_F_I2D_RSAPRIVATEKEY			 183
-#define ASN1_F_I2D_RSAPUBLICKEY				 184
-#define ASN1_F_I2D_X509_ATTRIBUTE			 185
-#define ASN1_F_NETSCAPE_PKEY_NEW			 186
-#define ASN1_F_NETSCAPE_SPKAC_NEW			 187
-#define ASN1_F_NETSCAPE_SPKI_NEW			 188
-#define ASN1_F_PKCS7_DIGEST_NEW				 189
-#define ASN1_F_PKCS7_ENCRYPT_NEW			 190
-#define ASN1_F_PKCS7_ENC_CONTENT_NEW			 191
-#define ASN1_F_PKCS7_ENVELOPE_NEW			 192
-#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW		 193
-#define ASN1_F_PKCS7_NEW				 194
-#define ASN1_F_PKCS7_RECIP_INFO_NEW			 195
-#define ASN1_F_PKCS7_SIGNED_NEW				 196
-#define ASN1_F_PKCS7_SIGNER_INFO_NEW			 197
-#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW			 198
-#define ASN1_F_X509_ALGOR_NEW				 199
-#define ASN1_F_X509_ATTRIBUTE_NEW			 200
-#define ASN1_F_X509_CINF_NEW				 201
-#define ASN1_F_X509_CRL_INFO_NEW			 202
-#define ASN1_F_X509_CRL_NEW				 203
-#define ASN1_F_X509_DHPARAMS_NEW			 204
-#define ASN1_F_X509_EXTENSION_NEW			 205
-#define ASN1_F_X509_INFO_NEW				 206
-#define ASN1_F_X509_KEY_NEW				 207
-#define ASN1_F_X509_NAME_ENTRY_NEW			 208
-#define ASN1_F_X509_NAME_NEW				 209
-#define ASN1_F_X509_NEW					 210
-#define ASN1_F_X509_PKEY_NEW				 211
-#define ASN1_F_X509_PUBKEY_NEW				 212
-#define ASN1_F_X509_REQ_INFO_NEW			 213
-#define ASN1_F_X509_REQ_NEW				 214
-#define ASN1_F_X509_REVOKED_NEW				 215
-#define ASN1_F_X509_SIG_NEW				 216
-#define ASN1_F_X509_VAL_FREE				 217
-#define ASN1_F_X509_VAL_NEW				 218
+#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING		 117
+#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING		 118
+#define ASN1_F_ASN1_TYPE_NEW				 119
+#define ASN1_F_ASN1_UTCTIME_NEW				 120
+#define ASN1_F_ASN1_VERIFY				 121
+#define ASN1_F_BN_TO_ASN1_INTEGER			 122
+#define ASN1_F_D2I_ASN1_BIT_STRING			 123
+#define ASN1_F_D2I_ASN1_BMPSTRING			 124
+#define ASN1_F_D2I_ASN1_BOOLEAN				 125
+#define ASN1_F_D2I_ASN1_BYTES				 126
+#define ASN1_F_D2I_ASN1_HEADER				 127
+#define ASN1_F_D2I_ASN1_INTEGER				 128
+#define ASN1_F_D2I_ASN1_OBJECT				 129
+#define ASN1_F_D2I_ASN1_OCTET_STRING			 130
+#define ASN1_F_D2I_ASN1_PRINT_TYPE			 131
+#define ASN1_F_D2I_ASN1_SET				 132
+#define ASN1_F_D2I_ASN1_TYPE				 133
+#define ASN1_F_D2I_ASN1_TYPE_BYTES			 134
+#define ASN1_F_D2I_ASN1_UTCTIME				 135
+#define ASN1_F_D2I_DHPARAMS				 136
+#define ASN1_F_D2I_DSAPARAMS				 137
+#define ASN1_F_D2I_DSAPRIVATEKEY			 138
+#define ASN1_F_D2I_DSAPUBLICKEY				 139
+#define ASN1_F_D2I_NETSCAPE_PKEY			 140
+#define ASN1_F_D2I_NETSCAPE_RSA				 141
+#define ASN1_F_D2I_NETSCAPE_RSA_2			 142
+#define ASN1_F_D2I_NETSCAPE_SPKAC			 143
+#define ASN1_F_D2I_NETSCAPE_SPKI			 144
+#define ASN1_F_D2I_PKCS7				 145
+#define ASN1_F_D2I_PKCS7_DIGEST				 146
+#define ASN1_F_D2I_PKCS7_ENCRYPT			 147
+#define ASN1_F_D2I_PKCS7_ENC_CONTENT			 148
+#define ASN1_F_D2I_PKCS7_ENVELOPE			 149
+#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL		 150
+#define ASN1_F_D2I_PKCS7_RECIP_INFO			 151
+#define ASN1_F_D2I_PKCS7_SIGNED				 152
+#define ASN1_F_D2I_PKCS7_SIGNER_INFO			 153
+#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE			 154
+#define ASN1_F_D2I_PRIVATEKEY				 155
+#define ASN1_F_D2I_PUBLICKEY				 156
+#define ASN1_F_D2I_RSAPRIVATEKEY			 157
+#define ASN1_F_D2I_RSAPUBLICKEY				 158
+#define ASN1_F_D2I_X509					 159
+#define ASN1_F_D2I_X509_ALGOR				 160
+#define ASN1_F_D2I_X509_ATTRIBUTE			 161
+#define ASN1_F_D2I_X509_CINF				 162
+#define ASN1_F_D2I_X509_CRL				 163
+#define ASN1_F_D2I_X509_CRL_INFO			 164
+#define ASN1_F_D2I_X509_EXTENSION			 165
+#define ASN1_F_D2I_X509_KEY				 166
+#define ASN1_F_D2I_X509_NAME				 167
+#define ASN1_F_D2I_X509_NAME_ENTRY			 168
+#define ASN1_F_D2I_X509_PKEY				 169
+#define ASN1_F_D2I_X509_PUBKEY				 170
+#define ASN1_F_D2I_X509_REQ				 171
+#define ASN1_F_D2I_X509_REQ_INFO			 172
+#define ASN1_F_D2I_X509_REVOKED				 173
+#define ASN1_F_D2I_X509_SIG				 174
+#define ASN1_F_D2I_X509_VAL				 175
+#define ASN1_F_I2D_ASN1_HEADER				 176
+#define ASN1_F_I2D_DHPARAMS				 177
+#define ASN1_F_I2D_DSAPARAMS				 178
+#define ASN1_F_I2D_DSAPRIVATEKEY			 179
+#define ASN1_F_I2D_DSAPUBLICKEY				 180
+#define ASN1_F_I2D_NETSCAPE_RSA				 181
+#define ASN1_F_I2D_PKCS7				 182
+#define ASN1_F_I2D_PRIVATEKEY				 183
+#define ASN1_F_I2D_PUBLICKEY				 184
+#define ASN1_F_I2D_RSAPRIVATEKEY			 185
+#define ASN1_F_I2D_RSAPUBLICKEY				 186
+#define ASN1_F_I2D_X509_ATTRIBUTE			 187
+#define ASN1_F_I2T_ASN1_OBJECT				 188
+#define ASN1_F_NETSCAPE_PKEY_NEW			 189
+#define ASN1_F_NETSCAPE_SPKAC_NEW			 190
+#define ASN1_F_NETSCAPE_SPKI_NEW			 191
+#define ASN1_F_PKCS7_DIGEST_NEW				 192
+#define ASN1_F_PKCS7_ENCRYPT_NEW			 193
+#define ASN1_F_PKCS7_ENC_CONTENT_NEW			 194
+#define ASN1_F_PKCS7_ENVELOPE_NEW			 195
+#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW		 196
+#define ASN1_F_PKCS7_NEW				 197
+#define ASN1_F_PKCS7_RECIP_INFO_NEW			 198
+#define ASN1_F_PKCS7_SIGNED_NEW				 199
+#define ASN1_F_PKCS7_SIGNER_INFO_NEW			 200
+#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW			 201
+#define ASN1_F_X509_ALGOR_NEW				 202
+#define ASN1_F_X509_ATTRIBUTE_NEW			 203
+#define ASN1_F_X509_CINF_NEW				 204
+#define ASN1_F_X509_CRL_INFO_NEW			 205
+#define ASN1_F_X509_CRL_NEW				 206
+#define ASN1_F_X509_DHPARAMS_NEW			 207
+#define ASN1_F_X509_EXTENSION_NEW			 208
+#define ASN1_F_X509_INFO_NEW				 209
+#define ASN1_F_X509_KEY_NEW				 210
+#define ASN1_F_X509_NAME_ENTRY_NEW			 211
+#define ASN1_F_X509_NAME_NEW				 212
+#define ASN1_F_X509_NEW					 213
+#define ASN1_F_X509_PKEY_NEW				 214
+#define ASN1_F_X509_PUBKEY_NEW				 215
+#define ASN1_F_X509_REQ_INFO_NEW			 216
+#define ASN1_F_X509_REQ_NEW				 217
+#define ASN1_F_X509_REVOKED_NEW				 218
+#define ASN1_F_X509_SIG_NEW				 219
+#define ASN1_F_X509_VAL_FREE				 220
+#define ASN1_F_X509_VAL_NEW				 221
 
 /* Reason codes. */
 #define ASN1_R_BAD_CLASS				 100
@@ -133,46 +136,47 @@
 #define ASN1_R_BN_LIB					 108
 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH			 109
 #define ASN1_R_BUFFER_TOO_SMALL				 110
-#define ASN1_R_DECODING_ERROR				 111
-#define ASN1_R_ERROR_STACK				 112
-#define ASN1_R_EXPECTING_AN_INTEGER			 113
-#define ASN1_R_EXPECTING_AN_OBJECT			 114
-#define ASN1_R_EXPECTING_AN_OCTET_STRING		 115
-#define ASN1_R_EXPECTING_A_BIT_STRING			 116
-#define ASN1_R_EXPECTING_A_BOOLEAN			 117
-#define ASN1_R_EXPECTING_A_SEQUENCE			 118
-#define ASN1_R_EXPECTING_A_UTCTIME			 119
-#define ASN1_R_FIRST_NUM_TOO_LARGE			 120
-#define ASN1_R_HEADER_TOO_LONG				 121
-#define ASN1_R_INVALID_DIGIT				 122
-#define ASN1_R_INVALID_SEPARATOR			 123
-#define ASN1_R_INVALID_TIME_FORMAT			 124
-#define ASN1_R_IV_TOO_LARGE				 125
-#define ASN1_R_LENGTH_ERROR				 126
-#define ASN1_R_LENGTH_MISMATCH				 127
-#define ASN1_R_MISSING_EOS				 128
-#define ASN1_R_MISSING_SECOND_NUMBER			 129
-#define ASN1_R_NON_HEX_CHARACTERS			 130
-#define ASN1_R_NOT_ENOUGH_DATA				 131
-#define ASN1_R_ODD_NUMBER_OF_CHARS			 132
-#define ASN1_R_PARSING					 133
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING		 134
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE			 135
-#define ASN1_R_SHORT_LINE				 136
-#define ASN1_R_STRING_TOO_SHORT				 137
-#define ASN1_R_TAG_VALUE_TOO_HIGH			 138
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 139
-#define ASN1_R_TOO_LONG					 140
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY			 141
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY		 142
-#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE			 143
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM		 144
-#define ASN1_R_UNKNOWN_OBJECT_TYPE			 145
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE			 146
-#define ASN1_R_UNSUPPORTED_CIPHER			 147
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM		 148
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE		 149
-#define ASN1_R_UTCTIME_TOO_LONG				 150
-#define ASN1_R_WRONG_PRINTABLE_TYPE			 151
-#define ASN1_R_WRONG_TAG				 152
-#define ASN1_R_WRONG_TYPE				 153
+#define ASN1_R_DATA_IS_WRONG				 111
+#define ASN1_R_DECODING_ERROR				 112
+#define ASN1_R_ERROR_STACK				 113
+#define ASN1_R_EXPECTING_AN_INTEGER			 114
+#define ASN1_R_EXPECTING_AN_OBJECT			 115
+#define ASN1_R_EXPECTING_AN_OCTET_STRING		 116
+#define ASN1_R_EXPECTING_A_BIT_STRING			 117
+#define ASN1_R_EXPECTING_A_BOOLEAN			 118
+#define ASN1_R_EXPECTING_A_SEQUENCE			 119
+#define ASN1_R_EXPECTING_A_UTCTIME			 120
+#define ASN1_R_FIRST_NUM_TOO_LARGE			 121
+#define ASN1_R_HEADER_TOO_LONG				 122
+#define ASN1_R_INVALID_DIGIT				 123
+#define ASN1_R_INVALID_SEPARATOR			 124
+#define ASN1_R_INVALID_TIME_FORMAT			 125
+#define ASN1_R_IV_TOO_LARGE				 126
+#define ASN1_R_LENGTH_ERROR				 127
+#define ASN1_R_LENGTH_MISMATCH				 128
+#define ASN1_R_MISSING_EOS				 129
+#define ASN1_R_MISSING_SECOND_NUMBER			 130
+#define ASN1_R_NON_HEX_CHARACTERS			 131
+#define ASN1_R_NOT_ENOUGH_DATA				 132
+#define ASN1_R_ODD_NUMBER_OF_CHARS			 133
+#define ASN1_R_PARSING					 134
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING		 135
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE			 136
+#define ASN1_R_SHORT_LINE				 137
+#define ASN1_R_STRING_TOO_SHORT				 138
+#define ASN1_R_TAG_VALUE_TOO_HIGH			 139
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 140
+#define ASN1_R_TOO_LONG					 141
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY			 142
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY		 143
+#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE			 144
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM		 145
+#define ASN1_R_UNKNOWN_OBJECT_TYPE			 146
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE			 147
+#define ASN1_R_UNSUPPORTED_CIPHER			 148
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM		 149
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE		 150
+#define ASN1_R_UTCTIME_TOO_LONG				 151
+#define ASN1_R_WRONG_PRINTABLE_TYPE			 152
+#define ASN1_R_WRONG_TAG				 153
+#define ASN1_R_WRONG_TYPE				 154
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index cdc342946d..9793db365d 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -1,5 +1,5 @@
 /* crypto/asn1/asn1.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -86,6 +86,8 @@ extern "C" {
 #define V_ASN1_OCTET_STRING		4
 #define V_ASN1_NULL			5
 #define V_ASN1_OBJECT			6
+#define V_ASN1_OBJECT_DESCRIPTOR	7
+#define V_ASN1_EXTERNAL			8
 #define V_ASN1_REAL			9
 #define V_ASN1_ENUMERATED		10	/* microsoft weirdness */
 #define V_ASN1_SEQUENCE			16
@@ -103,6 +105,7 @@ extern "C" {
 #define V_ASN1_VISIBLESTRING		26	/* alias */
 #define V_ASN1_GENERALSTRING		27	/**/
 #define V_ASN1_UNIVERSALSTRING		28	/**/
+#define V_ASN1_BMPSTRING		30
 
 /* For use with d2i_ASN1_type_bytes() */
 #define B_ASN1_NUMERICSTRING	0x0001
@@ -115,6 +118,8 @@ extern "C" {
 #define B_ASN1_GENERALSTRING	0x0080
 #define B_ASN1_UNIVERSALSTRING	0x0100
 #define B_ASN1_OCTET_STRING	0x0200
+#define B_ASN1_BIT_STRING	0x0400
+#define B_ASN1_BMPSTRING	0x0800
 #define B_ASN1_UNKNOWN		0x1000
 
 #ifndef DEBUG
@@ -126,8 +131,10 @@ extern "C" {
 #define ASN1_T61STRING		ASN1_STRING
 #define ASN1_IA5STRING		ASN1_STRING
 #define ASN1_UTCTIME		ASN1_STRING
+#define ASN1_GENERALIZEDTIME	ASN1_STRING
 #define ASN1_GENERALSTRING	ASN1_STRING
 #define ASN1_UNIVERSALSTRING	ASN1_STRING
+#define ASN1_BMPSTRING		ASN1_STRING
 
 #else
 
@@ -187,6 +194,13 @@ typedef struct asn1_universalstring_st
 	unsigned char *data;
 	} ASN1_UNIVERSALSTRING;
 
+typedef struct asn1_bmpstring_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_BMPSTRING;
+
 typedef struct asn1_utctime_st
 	{
 	int length;
@@ -194,6 +208,13 @@ typedef struct asn1_utctime_st
 	unsigned char *data;
 	} ASN1_UTCTIME;
 
+typedef struct asn1_generalizedtime_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_GENERALIZEDTIME;
+
 #endif
 
 typedef struct asn1_ctx_st
@@ -247,8 +268,10 @@ typedef struct asn1_type_st
 		ASN1_T61STRING *	t61string;
 		ASN1_IA5STRING *	ia5string;
 		ASN1_GENERALSTRING *	generalstring;
+		ASN1_BMPSTRING *	bmpstring;
 		ASN1_UNIVERSALSTRING *	universalstring;
 		ASN1_UTCTIME *		utctime;
+		ASN1_GENERALIZEDTIME *	generalizedtime;
 		/* set and sequence are left complete and still
 		 * contain the set or sequence bytes */
 		ASN1_STRING *		set;
@@ -272,6 +295,7 @@ typedef struct asn1_header_st
 	ASN1_METHOD *meth;
 	} ASN1_HEADER;
 
+#define ASN1_STRING_length(x)	((x)->length)
 #define ASN1_STRING_type(x)	((x)->type)
 #define ASN1_STRING_data(x)	((x)->data)
 
@@ -321,7 +345,9 @@ typedef struct asn1_header_st
 			B_ASN1_PRINTABLESTRING| \
 			B_ASN1_T61STRING| \
 			B_ASN1_IA5STRING| \
+			B_ASN1_BIT_STRING| \
 			B_ASN1_UNIVERSALSTRING|\
+			B_ASN1_BMPSTRING|\
 			B_ASN1_UNKNOWN)
 
 #define ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING_STRING *)\
@@ -362,7 +388,16 @@ typedef struct asn1_header_st
 /* d2i_ASN1_UTCTIME() is a function */
 /* ASN1_UTCTIME_set() is a function */
 /* ASN1_UTCTIME_check() is a function */
-/* ASN1_UTCTIME_set() is a function */
+
+#define ASN1_GENERALIZEDTIME_new()	(ASN1_GENERALIZEDTIME *)\
+		ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
+#define ASN1_GENERALIZEDTIME_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_GENERALIZEDTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup(\
+	(ASN1_STRING *)a)
+/* DOES NOT EXIST YET i2d_ASN1_GENERALIZEDTIME() is a function */
+/* DOES NOT EXIST YET d2i_ASN1_GENERALIZEDTIME() is a function */
+/* DOES NOT EXIST YET ASN1_GENERALIZEDTIME_set() is a function */
+/* DOES NOT EXIST YET ASN1_GENERALIZEDTIME_check() is a function */
 
 #define ASN1_GENERALSTRING_new()	(ASN1_GENERALSTRING *)\
 		ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
@@ -384,6 +419,16 @@ typedef struct asn1_header_st
 		(ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
 		((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
 
+#define ASN1_BMPSTRING_new()	(ASN1_BMPSTRING *)\
+		ASN1_STRING_type_new(V_ASN1_BMPSTRING)
+#define ASN1_BMPSTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_BMPSTRING(a,pp) \
+		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\
+			V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_BMPSTRING(a,pp,l) \
+		(ASN1_BMPSTRING *)d2i_ASN1_type_bytes\
+		((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING)
+
 #ifndef NOPROTO
 ASN1_TYPE *	ASN1_TYPE_new(void );
 void		ASN1_TYPE_free(ASN1_TYPE *a);
@@ -408,6 +453,9 @@ int 		ASN1_STRING_set(ASN1_STRING *str,unsigned char *data, int len);
 int		i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
 ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
 			long length);
+int		ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
+int		ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
+
 
 int		i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
 int 		d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length);
@@ -418,6 +466,7 @@ ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
 
 int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
 ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
+int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str); 
 
 int		i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp);
 ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
@@ -451,6 +500,7 @@ int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a);
 int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size);
 int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
 #endif
+int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a);
 
 int a2d_ASN1_OBJECT(unsigned char *out,int olen, char *buf, int num);
 ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
@@ -486,7 +536,7 @@ int ASN1_object_size(int constructed, int length, int tag);
 /* Used to implement other functions */
 char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
 
-#ifndef WIN16
+#ifndef NO_FP_API
 char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x);
 int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
 #endif
@@ -515,6 +565,15 @@ ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
 ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
 ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
 
+int ASN1_TYPE_set_octetstring(ASN1_TYPE *a,
+	unsigned char *data, int len);
+int ASN1_TYPE_get_octetstring(ASN1_TYPE *a,
+	unsigned char *data, int max_len);
+int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
+	unsigned char *data, int len);
+int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
+	unsigned char *data, int max_len);
+
 #else
 
 ASN1_TYPE *	ASN1_TYPE_new();
@@ -536,12 +595,15 @@ int 		ASN1_STRING_cmp();
 int 		ASN1_STRING_set();
 int		i2d_ASN1_BIT_STRING();
 ASN1_BIT_STRING *d2i_ASN1_BIT_STRING();
+int		ASN1_BIT_STRING_set_bit();
+int		ASN1_BIT_STRING_get_bit();
 int		i2d_ASN1_BOOLEAN();
 int 		d2i_ASN1_BOOLEAN();
 int		i2d_ASN1_INTEGER();
 ASN1_INTEGER *d2i_ASN1_INTEGER();
 int ASN1_UTCTIME_check();
 ASN1_UTCTIME *ASN1_UTCTIME_set();
+int ASN1_UTCTIME_set_string();
 int		i2d_ASN1_OCTET_STRING();
 ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING();
 int i2d_ASN1_PRINTABLE();
@@ -570,7 +632,7 @@ int ASN1_check_infinite_end();
 void ASN1_put_object();
 int ASN1_object_size();
 char *ASN1_dup();
-#ifndef WIN16
+#ifndef NO_FP_API
 char *ASN1_d2i_fp();
 int ASN1_i2d_fp();
 #endif
@@ -583,6 +645,7 @@ int ASN1_parse();
 int i2a_ASN1_INTEGER();
 int a2i_ASN1_INTEGER();
 int i2a_ASN1_OBJECT();
+int i2t_ASN1_OBJECT();
 int a2i_ASN1_STRING();
 int i2a_ASN1_STRING();
 
@@ -597,6 +660,12 @@ ASN1_METHOD *ASN1_IA5STRING_asn1_meth();
 ASN1_METHOD *ASN1_BIT_STRING_asn1_meth();
 
 int ASN1_UNIVERSALSTRING_to_string();
+
+int ASN1_TYPE_set_octetstring();
+int ASN1_TYPE_get_octetstring();
+int ASN1_TYPE_set_int_octetstring();
+int ASN1_TYPE_get_int_octetstring();
+
 #endif
 
 /* BEGIN ERROR CODES */
@@ -620,108 +689,111 @@ int ASN1_UNIVERSALSTRING_to_string();
 #define ASN1_F_ASN1_SIGN				 114
 #define ASN1_F_ASN1_STRING_NEW				 115
 #define ASN1_F_ASN1_STRING_TYPE_NEW			 116
-#define ASN1_F_ASN1_TYPE_NEW				 117
-#define ASN1_F_ASN1_UTCTIME_NEW				 118
-#define ASN1_F_ASN1_VERIFY				 119
-#define ASN1_F_BN_TO_ASN1_INTEGER			 120
-#define ASN1_F_D2I_ASN1_BIT_STRING			 121
-#define ASN1_F_D2I_ASN1_BOOLEAN				 122
-#define ASN1_F_D2I_ASN1_BYTES				 123
-#define ASN1_F_D2I_ASN1_HEADER				 124
-#define ASN1_F_D2I_ASN1_INTEGER				 125
-#define ASN1_F_D2I_ASN1_OBJECT				 126
-#define ASN1_F_D2I_ASN1_OCTET_STRING			 127
-#define ASN1_F_D2I_ASN1_PRINT_TYPE			 128
-#define ASN1_F_D2I_ASN1_SET				 129
-#define ASN1_F_D2I_ASN1_TYPE				 130
-#define ASN1_F_D2I_ASN1_TYPE_BYTES			 131
-#define ASN1_F_D2I_ASN1_UTCTIME				 132
-#define ASN1_F_D2I_DHPARAMS				 133
-#define ASN1_F_D2I_DSAPARAMS				 134
-#define ASN1_F_D2I_DSAPRIVATEKEY			 135
-#define ASN1_F_D2I_DSAPUBLICKEY				 136
-#define ASN1_F_D2I_NETSCAPE_PKEY			 137
-#define ASN1_F_D2I_NETSCAPE_RSA				 138
-#define ASN1_F_D2I_NETSCAPE_RSA_2			 139
-#define ASN1_F_D2I_NETSCAPE_SPKAC			 140
-#define ASN1_F_D2I_NETSCAPE_SPKI			 141
-#define ASN1_F_D2I_PKCS7				 142
-#define ASN1_F_D2I_PKCS7_DIGEST				 143
-#define ASN1_F_D2I_PKCS7_ENCRYPT			 144
-#define ASN1_F_D2I_PKCS7_ENC_CONTENT			 145
-#define ASN1_F_D2I_PKCS7_ENVELOPE			 146
-#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL		 147
-#define ASN1_F_D2I_PKCS7_RECIP_INFO			 148
-#define ASN1_F_D2I_PKCS7_SIGNED				 149
-#define ASN1_F_D2I_PKCS7_SIGNER_INFO			 150
-#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE			 151
-#define ASN1_F_D2I_PRIVATEKEY				 152
-#define ASN1_F_D2I_PUBLICKEY				 153
-#define ASN1_F_D2I_RSAPRIVATEKEY			 154
-#define ASN1_F_D2I_RSAPUBLICKEY				 155
-#define ASN1_F_D2I_X509					 156
-#define ASN1_F_D2I_X509_ALGOR				 157
-#define ASN1_F_D2I_X509_ATTRIBUTE			 158
-#define ASN1_F_D2I_X509_CINF				 159
-#define ASN1_F_D2I_X509_CRL				 160
-#define ASN1_F_D2I_X509_CRL_INFO			 161
-#define ASN1_F_D2I_X509_EXTENSION			 162
-#define ASN1_F_D2I_X509_KEY				 163
-#define ASN1_F_D2I_X509_NAME				 164
-#define ASN1_F_D2I_X509_NAME_ENTRY			 165
-#define ASN1_F_D2I_X509_PKEY				 166
-#define ASN1_F_D2I_X509_PUBKEY				 167
-#define ASN1_F_D2I_X509_REQ				 168
-#define ASN1_F_D2I_X509_REQ_INFO			 169
-#define ASN1_F_D2I_X509_REVOKED				 170
-#define ASN1_F_D2I_X509_SIG				 171
-#define ASN1_F_D2I_X509_VAL				 172
-#define ASN1_F_I2A_ASN1_OBJECT				 173
-#define ASN1_F_I2D_ASN1_HEADER				 174
-#define ASN1_F_I2D_DHPARAMS				 175
-#define ASN1_F_I2D_DSAPARAMS				 176
-#define ASN1_F_I2D_DSAPRIVATEKEY			 177
-#define ASN1_F_I2D_DSAPUBLICKEY				 178
-#define ASN1_F_I2D_NETSCAPE_RSA				 179
-#define ASN1_F_I2D_PKCS7				 180
-#define ASN1_F_I2D_PRIVATEKEY				 181
-#define ASN1_F_I2D_PUBLICKEY				 182
-#define ASN1_F_I2D_RSAPRIVATEKEY			 183
-#define ASN1_F_I2D_RSAPUBLICKEY				 184
-#define ASN1_F_I2D_X509_ATTRIBUTE			 185
-#define ASN1_F_NETSCAPE_PKEY_NEW			 186
-#define ASN1_F_NETSCAPE_SPKAC_NEW			 187
-#define ASN1_F_NETSCAPE_SPKI_NEW			 188
-#define ASN1_F_PKCS7_DIGEST_NEW				 189
-#define ASN1_F_PKCS7_ENCRYPT_NEW			 190
-#define ASN1_F_PKCS7_ENC_CONTENT_NEW			 191
-#define ASN1_F_PKCS7_ENVELOPE_NEW			 192
-#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW		 193
-#define ASN1_F_PKCS7_NEW				 194
-#define ASN1_F_PKCS7_RECIP_INFO_NEW			 195
-#define ASN1_F_PKCS7_SIGNED_NEW				 196
-#define ASN1_F_PKCS7_SIGNER_INFO_NEW			 197
-#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW			 198
-#define ASN1_F_X509_ALGOR_NEW				 199
-#define ASN1_F_X509_ATTRIBUTE_NEW			 200
-#define ASN1_F_X509_CINF_NEW				 201
-#define ASN1_F_X509_CRL_INFO_NEW			 202
-#define ASN1_F_X509_CRL_NEW				 203
-#define ASN1_F_X509_DHPARAMS_NEW			 204
-#define ASN1_F_X509_EXTENSION_NEW			 205
-#define ASN1_F_X509_INFO_NEW				 206
-#define ASN1_F_X509_KEY_NEW				 207
-#define ASN1_F_X509_NAME_ENTRY_NEW			 208
-#define ASN1_F_X509_NAME_NEW				 209
-#define ASN1_F_X509_NEW					 210
-#define ASN1_F_X509_PKEY_NEW				 211
-#define ASN1_F_X509_PUBKEY_NEW				 212
-#define ASN1_F_X509_REQ_INFO_NEW			 213
-#define ASN1_F_X509_REQ_NEW				 214
-#define ASN1_F_X509_REVOKED_NEW				 215
-#define ASN1_F_X509_SIG_NEW				 216
-#define ASN1_F_X509_VAL_FREE				 217
-#define ASN1_F_X509_VAL_NEW				 218
+#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING		 117
+#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING		 118
+#define ASN1_F_ASN1_TYPE_NEW				 119
+#define ASN1_F_ASN1_UTCTIME_NEW				 120
+#define ASN1_F_ASN1_VERIFY				 121
+#define ASN1_F_BN_TO_ASN1_INTEGER			 122
+#define ASN1_F_D2I_ASN1_BIT_STRING			 123
+#define ASN1_F_D2I_ASN1_BMPSTRING			 124
+#define ASN1_F_D2I_ASN1_BOOLEAN				 125
+#define ASN1_F_D2I_ASN1_BYTES				 126
+#define ASN1_F_D2I_ASN1_HEADER				 127
+#define ASN1_F_D2I_ASN1_INTEGER				 128
+#define ASN1_F_D2I_ASN1_OBJECT				 129
+#define ASN1_F_D2I_ASN1_OCTET_STRING			 130
+#define ASN1_F_D2I_ASN1_PRINT_TYPE			 131
+#define ASN1_F_D2I_ASN1_SET				 132
+#define ASN1_F_D2I_ASN1_TYPE				 133
+#define ASN1_F_D2I_ASN1_TYPE_BYTES			 134
+#define ASN1_F_D2I_ASN1_UTCTIME				 135
+#define ASN1_F_D2I_DHPARAMS				 136
+#define ASN1_F_D2I_DSAPARAMS				 137
+#define ASN1_F_D2I_DSAPRIVATEKEY			 138
+#define ASN1_F_D2I_DSAPUBLICKEY				 139
+#define ASN1_F_D2I_NETSCAPE_PKEY			 140
+#define ASN1_F_D2I_NETSCAPE_RSA				 141
+#define ASN1_F_D2I_NETSCAPE_RSA_2			 142
+#define ASN1_F_D2I_NETSCAPE_SPKAC			 143
+#define ASN1_F_D2I_NETSCAPE_SPKI			 144
+#define ASN1_F_D2I_PKCS7				 145
+#define ASN1_F_D2I_PKCS7_DIGEST				 146
+#define ASN1_F_D2I_PKCS7_ENCRYPT			 147
+#define ASN1_F_D2I_PKCS7_ENC_CONTENT			 148
+#define ASN1_F_D2I_PKCS7_ENVELOPE			 149
+#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL		 150
+#define ASN1_F_D2I_PKCS7_RECIP_INFO			 151
+#define ASN1_F_D2I_PKCS7_SIGNED				 152
+#define ASN1_F_D2I_PKCS7_SIGNER_INFO			 153
+#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE			 154
+#define ASN1_F_D2I_PRIVATEKEY				 155
+#define ASN1_F_D2I_PUBLICKEY				 156
+#define ASN1_F_D2I_RSAPRIVATEKEY			 157
+#define ASN1_F_D2I_RSAPUBLICKEY				 158
+#define ASN1_F_D2I_X509					 159
+#define ASN1_F_D2I_X509_ALGOR				 160
+#define ASN1_F_D2I_X509_ATTRIBUTE			 161
+#define ASN1_F_D2I_X509_CINF				 162
+#define ASN1_F_D2I_X509_CRL				 163
+#define ASN1_F_D2I_X509_CRL_INFO			 164
+#define ASN1_F_D2I_X509_EXTENSION			 165
+#define ASN1_F_D2I_X509_KEY				 166
+#define ASN1_F_D2I_X509_NAME				 167
+#define ASN1_F_D2I_X509_NAME_ENTRY			 168
+#define ASN1_F_D2I_X509_PKEY				 169
+#define ASN1_F_D2I_X509_PUBKEY				 170
+#define ASN1_F_D2I_X509_REQ				 171
+#define ASN1_F_D2I_X509_REQ_INFO			 172
+#define ASN1_F_D2I_X509_REVOKED				 173
+#define ASN1_F_D2I_X509_SIG				 174
+#define ASN1_F_D2I_X509_VAL				 175
+#define ASN1_F_I2D_ASN1_HEADER				 176
+#define ASN1_F_I2D_DHPARAMS				 177
+#define ASN1_F_I2D_DSAPARAMS				 178
+#define ASN1_F_I2D_DSAPRIVATEKEY			 179
+#define ASN1_F_I2D_DSAPUBLICKEY				 180
+#define ASN1_F_I2D_NETSCAPE_RSA				 181
+#define ASN1_F_I2D_PKCS7				 182
+#define ASN1_F_I2D_PRIVATEKEY				 183
+#define ASN1_F_I2D_PUBLICKEY				 184
+#define ASN1_F_I2D_RSAPRIVATEKEY			 185
+#define ASN1_F_I2D_RSAPUBLICKEY				 186
+#define ASN1_F_I2D_X509_ATTRIBUTE			 187
+#define ASN1_F_I2T_ASN1_OBJECT				 188
+#define ASN1_F_NETSCAPE_PKEY_NEW			 189
+#define ASN1_F_NETSCAPE_SPKAC_NEW			 190
+#define ASN1_F_NETSCAPE_SPKI_NEW			 191
+#define ASN1_F_PKCS7_DIGEST_NEW				 192
+#define ASN1_F_PKCS7_ENCRYPT_NEW			 193
+#define ASN1_F_PKCS7_ENC_CONTENT_NEW			 194
+#define ASN1_F_PKCS7_ENVELOPE_NEW			 195
+#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW		 196
+#define ASN1_F_PKCS7_NEW				 197
+#define ASN1_F_PKCS7_RECIP_INFO_NEW			 198
+#define ASN1_F_PKCS7_SIGNED_NEW				 199
+#define ASN1_F_PKCS7_SIGNER_INFO_NEW			 200
+#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW			 201
+#define ASN1_F_X509_ALGOR_NEW				 202
+#define ASN1_F_X509_ATTRIBUTE_NEW			 203
+#define ASN1_F_X509_CINF_NEW				 204
+#define ASN1_F_X509_CRL_INFO_NEW			 205
+#define ASN1_F_X509_CRL_NEW				 206
+#define ASN1_F_X509_DHPARAMS_NEW			 207
+#define ASN1_F_X509_EXTENSION_NEW			 208
+#define ASN1_F_X509_INFO_NEW				 209
+#define ASN1_F_X509_KEY_NEW				 210
+#define ASN1_F_X509_NAME_ENTRY_NEW			 211
+#define ASN1_F_X509_NAME_NEW				 212
+#define ASN1_F_X509_NEW					 213
+#define ASN1_F_X509_PKEY_NEW				 214
+#define ASN1_F_X509_PUBKEY_NEW				 215
+#define ASN1_F_X509_REQ_INFO_NEW			 216
+#define ASN1_F_X509_REQ_NEW				 217
+#define ASN1_F_X509_REVOKED_NEW				 218
+#define ASN1_F_X509_SIG_NEW				 219
+#define ASN1_F_X509_VAL_FREE				 220
+#define ASN1_F_X509_VAL_NEW				 221
 
 /* Reason codes. */
 #define ASN1_R_BAD_CLASS				 100
@@ -735,49 +807,50 @@ int ASN1_UNIVERSALSTRING_to_string();
 #define ASN1_R_BN_LIB					 108
 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH			 109
 #define ASN1_R_BUFFER_TOO_SMALL				 110
-#define ASN1_R_DECODING_ERROR				 111
-#define ASN1_R_ERROR_STACK				 112
-#define ASN1_R_EXPECTING_AN_INTEGER			 113
-#define ASN1_R_EXPECTING_AN_OBJECT			 114
-#define ASN1_R_EXPECTING_AN_OCTET_STRING		 115
-#define ASN1_R_EXPECTING_A_BIT_STRING			 116
-#define ASN1_R_EXPECTING_A_BOOLEAN			 117
-#define ASN1_R_EXPECTING_A_SEQUENCE			 118
-#define ASN1_R_EXPECTING_A_UTCTIME			 119
-#define ASN1_R_FIRST_NUM_TOO_LARGE			 120
-#define ASN1_R_HEADER_TOO_LONG				 121
-#define ASN1_R_INVALID_DIGIT				 122
-#define ASN1_R_INVALID_SEPARATOR			 123
-#define ASN1_R_INVALID_TIME_FORMAT			 124
-#define ASN1_R_IV_TOO_LARGE				 125
-#define ASN1_R_LENGTH_ERROR				 126
-#define ASN1_R_LENGTH_MISMATCH				 127
-#define ASN1_R_MISSING_EOS				 128
-#define ASN1_R_MISSING_SECOND_NUMBER			 129
-#define ASN1_R_NON_HEX_CHARACTERS			 130
-#define ASN1_R_NOT_ENOUGH_DATA				 131
-#define ASN1_R_ODD_NUMBER_OF_CHARS			 132
-#define ASN1_R_PARSING					 133
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING		 134
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE			 135
-#define ASN1_R_SHORT_LINE				 136
-#define ASN1_R_STRING_TOO_SHORT				 137
-#define ASN1_R_TAG_VALUE_TOO_HIGH			 138
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 139
-#define ASN1_R_TOO_LONG					 140
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY			 141
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY		 142
-#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE			 143
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM		 144
-#define ASN1_R_UNKNOWN_OBJECT_TYPE			 145
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE			 146
-#define ASN1_R_UNSUPPORTED_CIPHER			 147
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM		 148
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE		 149
-#define ASN1_R_UTCTIME_TOO_LONG				 150
-#define ASN1_R_WRONG_PRINTABLE_TYPE			 151
-#define ASN1_R_WRONG_TAG				 152
-#define ASN1_R_WRONG_TYPE				 153
+#define ASN1_R_DATA_IS_WRONG				 111
+#define ASN1_R_DECODING_ERROR				 112
+#define ASN1_R_ERROR_STACK				 113
+#define ASN1_R_EXPECTING_AN_INTEGER			 114
+#define ASN1_R_EXPECTING_AN_OBJECT			 115
+#define ASN1_R_EXPECTING_AN_OCTET_STRING		 116
+#define ASN1_R_EXPECTING_A_BIT_STRING			 117
+#define ASN1_R_EXPECTING_A_BOOLEAN			 118
+#define ASN1_R_EXPECTING_A_SEQUENCE			 119
+#define ASN1_R_EXPECTING_A_UTCTIME			 120
+#define ASN1_R_FIRST_NUM_TOO_LARGE			 121
+#define ASN1_R_HEADER_TOO_LONG				 122
+#define ASN1_R_INVALID_DIGIT				 123
+#define ASN1_R_INVALID_SEPARATOR			 124
+#define ASN1_R_INVALID_TIME_FORMAT			 125
+#define ASN1_R_IV_TOO_LARGE				 126
+#define ASN1_R_LENGTH_ERROR				 127
+#define ASN1_R_LENGTH_MISMATCH				 128
+#define ASN1_R_MISSING_EOS				 129
+#define ASN1_R_MISSING_SECOND_NUMBER			 130
+#define ASN1_R_NON_HEX_CHARACTERS			 131
+#define ASN1_R_NOT_ENOUGH_DATA				 132
+#define ASN1_R_ODD_NUMBER_OF_CHARS			 133
+#define ASN1_R_PARSING					 134
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING		 135
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE			 136
+#define ASN1_R_SHORT_LINE				 137
+#define ASN1_R_STRING_TOO_SHORT				 138
+#define ASN1_R_TAG_VALUE_TOO_HIGH			 139
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 140
+#define ASN1_R_TOO_LONG					 141
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY			 142
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY		 143
+#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE			 144
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM		 145
+#define ASN1_R_UNKNOWN_OBJECT_TYPE			 146
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE			 147
+#define ASN1_R_UNSUPPORTED_CIPHER			 148
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM		 149
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE		 150
+#define ASN1_R_UTCTIME_TOO_LONG				 151
+#define ASN1_R_WRONG_PRINTABLE_TYPE			 152
+#define ASN1_R_WRONG_TAG				 153
+#define ASN1_R_WRONG_TYPE				 154
  
 #ifdef  __cplusplus
 }
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index 5e6a41b952..03c2858e7d 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -60,6 +60,7 @@
 #include "asn1.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA ASN1_str_functs[]=
 	{
 {ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0),	"a2d_ASN1_OBJECT"},
@@ -79,11 +80,14 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_ASN1_SIGN,0),	"ASN1_SIGN"},
 {ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0),	"ASN1_STRING_new"},
 {ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0),	"ASN1_STRING_type_new"},
+{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0),	"ASN1_TYPE_get_int_octetstring"},
+{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0),	"ASN1_TYPE_get_octetstring"},
 {ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0),	"ASN1_TYPE_new"},
 {ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0),	"ASN1_UTCTIME_NEW"},
 {ERR_PACK(0,ASN1_F_ASN1_VERIFY,0),	"ASN1_VERIFY"},
 {ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0),	"BN_to_ASN1_INTEGER"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0),	"d2i_ASN1_BIT_STRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0),	"D2I_ASN1_BMPSTRING"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0),	"d2i_ASN1_BOOLEAN"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0),	"d2i_ASN1_bytes"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0),	"d2i_ASN1_HEADER"},
@@ -135,7 +139,6 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0),	"D2I_X509_REVOKED"},
 {ERR_PACK(0,ASN1_F_D2I_X509_SIG,0),	"D2I_X509_SIG"},
 {ERR_PACK(0,ASN1_F_D2I_X509_VAL,0),	"D2I_X509_VAL"},
-{ERR_PACK(0,ASN1_F_I2A_ASN1_OBJECT,0),	"i2a_ASN1_OBJECT"},
 {ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0),	"i2d_ASN1_HEADER"},
 {ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0),	"I2D_DHPARAMS"},
 {ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0),	"I2D_DSAPARAMS"},
@@ -148,6 +151,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0),	"I2D_RSAPRIVATEKEY"},
 {ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0),	"I2D_RSAPUBLICKEY"},
 {ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0),	"I2D_X509_ATTRIBUTE"},
+{ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0),	"i2t_ASN1_OBJECT"},
 {ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0),	"NETSCAPE_PKEY_NEW"},
 {ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0),	"NETSCAPE_SPKAC_NEW"},
 {ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0),	"NETSCAPE_SPKI_NEW"},
@@ -197,6 +201,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 {ASN1_R_BN_LIB                           ,"bn lib"},
 {ASN1_R_BOOLEAN_IS_WRONG_LENGTH          ,"boolean is wrong length"},
 {ASN1_R_BUFFER_TOO_SMALL                 ,"buffer too small"},
+{ASN1_R_DATA_IS_WRONG                    ,"data is wrong"},
 {ASN1_R_DECODING_ERROR                   ,"decoding error"},
 {ASN1_R_ERROR_STACK                      ,"error stack"},
 {ASN1_R_EXPECTING_AN_INTEGER             ,"expecting an integer"},
@@ -243,14 +248,19 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_ASN1_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);
 		ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index bdd706bcf1..ff30b25836 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/asn1_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -69,7 +69,7 @@ static int asn1_get_length();
 static void asn1_put_length();
 #endif
 
-char *ASN1_version="ASN1 part of SSLeay 0.8.1b 29-Jun-1998";
+char *ASN1_version="ASN1 part of SSLeay 0.9.0b 29-Jun-1998";
 
 int ASN1_check_infinite_end(p,len)
 unsigned char **p;
@@ -133,8 +133,8 @@ long omax;
 #ifdef undef
 	fprintf(stderr,"p=%d + *plength=%d > omax=%d + *pp=%d  (%d > %d)\n", 
 		p,*plength,omax,*pp,(p+ *plength),omax+ *pp);
-#endif
 
+#endif
 	if ((p+ *plength) > (omax+ *pp))
 		{
 		ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
@@ -431,3 +431,14 @@ ASN1_STRING *a,*b;
 		return(i);
 	}
 
+void asn1_add_error(address,offset)
+unsigned char *address;
+int offset;
+	{
+	char buf1[16],buf2[16];
+
+	sprintf(buf1,"%lu",(unsigned long)address);
+	sprintf(buf2,"%d",offset);
+	ERR_add_error_data(4,"address=",buf1," offset=",buf2);
+	}
+
diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h
index e4ce0aaa7c..4fba70e4bb 100644
--- a/crypto/asn1/asn1_mac.h
+++ b/crypto/asn1/asn1_mac.h
@@ -1,5 +1,5 @@
 /* crypto/asn1/asn1_mac.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -91,6 +91,7 @@ extern "C" {
 	M_ASN1_D2I_Finish_2(a); \
 err:\
 	ASN1err((e),c.error); \
+	asn1_add_error(*pp,(int)(c.q- *pp)); \
 	if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
 	return(NULL)
 
@@ -257,7 +258,7 @@ err:\
 			{ \
 			unsigned char *q=p; \
 			f(a,&p); \
-			*q=(V_ASN1_CONTEXT_SPECIFIC|t); \
+			*q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
 			}
 
 #define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
@@ -307,8 +308,10 @@ err:\
 
 #ifndef NOPROTO
 int asn1_GetSequence(ASN1_CTX *c, long *length);
+void asn1_add_error(unsigned char *address,int offset);
 #else 
 int asn1_GetSequence();
+void asn1_add_error();
 #endif
 
 #ifdef  __cplusplus
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index c6cbe1dfa5..3906227d21 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/asn1_par.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -144,7 +144,8 @@ int indent;
 		p="GENERALSTRING";
 	else if (tag == V_ASN1_UNIVERSALSTRING)
 		p="UNIVERSALSTRING";
-
+	else if (tag == V_ASN1_BMPSTRING)
+		p="BMPSTRING";
 	else
 		p2="(unknown)";
 		
@@ -184,6 +185,7 @@ int indent;
 	int nl,hl,j,r;
 	ASN1_OBJECT *o=NULL;
 	ASN1_OCTET_STRING *os=NULL;
+	/* ASN1_BMPSTRING *bmp=NULL;*/
 
 	p= *pp;
 	tot=p+length;
@@ -299,6 +301,10 @@ int indent;
 					}
 				BIO_printf(bp,":%d",ii);
 				}
+			else if (tag == V_ASN1_BMPSTRING)
+				{
+				/* do the BMP thang */
+				}
 			else if (tag == V_ASN1_OCTET_STRING)
 				{
 				int i,printable=1;
diff --git a/crypto/asn1/d2i_dhp.c b/crypto/asn1/d2i_dhp.c
index 6ae3e0efa3..616a308100 100644
--- a/crypto/asn1/d2i_dhp.c
+++ b/crypto/asn1/d2i_dhp.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/d2i_dhp.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/d2i_dsap.c b/crypto/asn1/d2i_dsap.c
index d0732af23a..2c8ac7bbcf 100644
--- a/crypto/asn1/d2i_dsap.c
+++ b/crypto/asn1/d2i_dsap.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/d2i_dsap.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index 0b60aee4c0..b9eaa9629b 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/d2i_pr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c
index 142742e844..5d6192f1e5 100644
--- a/crypto/asn1/d2i_pu.c
+++ b/crypto/asn1/d2i_pu.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/d2i_pu.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/d2i_r_pr.c b/crypto/asn1/d2i_r_pr.c
index af95f30a56..0c53aa94bf 100644
--- a/crypto/asn1/d2i_r_pr.c
+++ b/crypto/asn1/d2i_r_pr.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/d2i_r_pr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/d2i_r_pu.c b/crypto/asn1/d2i_r_pu.c
index 0febef6b36..778b792b1e 100644
--- a/crypto/asn1/d2i_r_pu.c
+++ b/crypto/asn1/d2i_r_pu.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/d2i_r_pu.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/d2i_s_pr.c b/crypto/asn1/d2i_s_pr.c
index 987db4e3c2..32ff8ba4b3 100644
--- a/crypto/asn1/d2i_s_pr.c
+++ b/crypto/asn1/d2i_s_pr.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/d2i_s_pr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/d2i_s_pu.c b/crypto/asn1/d2i_s_pu.c
index dfffa82030..1002f41cd8 100644
--- a/crypto/asn1/d2i_s_pu.c
+++ b/crypto/asn1/d2i_s_pu.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/d2i_s_pu.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c
new file mode 100644
index 0000000000..ebe34a3362
--- /dev/null
+++ b/crypto/asn1/evp_asn1.c
@@ -0,0 +1,193 @@
+/* crypto/asn1/evp_asn1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "asn1_mac.h"
+
+int ASN1_TYPE_set_octetstring(a,data,len)
+ASN1_TYPE *a;
+unsigned char *data;
+int len;
+	{
+	ASN1_STRING *os;
+
+	if ((os=ASN1_OCTET_STRING_new()) == NULL) return(0);
+	if (!ASN1_OCTET_STRING_set(os,data,len)) return(0);
+	ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,(char *)os);
+	return(1);
+	}
+
+int ASN1_TYPE_get_octetstring(a,data,max_len)
+ASN1_TYPE *a;
+unsigned char *data;
+int max_len; /* for returned value */
+	{
+	int ret,num;
+	unsigned char *p;
+
+	if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL))
+		{
+		ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
+		return(-1);
+		}
+	p=ASN1_STRING_data(a->value.octet_string);
+	ret=ASN1_STRING_length(a->value.octet_string);
+	if (ret < max_len)
+		num=ret;
+	else
+		num=max_len;
+	memcpy(data,p,num);
+	return(ret);
+	}
+
+int ASN1_TYPE_set_int_octetstring(a,num,data,len)
+ASN1_TYPE *a;
+long num;
+unsigned char *data;
+int len;
+	{
+	int n,size;
+	ASN1_OCTET_STRING os,*osp;
+	ASN1_INTEGER in;
+	unsigned char *p;
+	unsigned char buf[32]; /* when they have 256bit longs, 
+				* I'll be in trouble */
+	in.data=buf;
+	in.length=32;
+	os.data=data;
+	os.type=V_ASN1_OCTET_STRING;
+	os.length=len;
+	ASN1_INTEGER_set(&in,num);
+	n =  i2d_ASN1_INTEGER(&in,NULL);
+	n+=M_i2d_ASN1_OCTET_STRING(&os,NULL);
+
+	size=ASN1_object_size(1,n,V_ASN1_SEQUENCE);
+
+	if ((osp=ASN1_STRING_new()) == NULL) return(0);
+	/* Grow the 'string' */
+	ASN1_STRING_set(osp,NULL,size);
+
+	ASN1_STRING_length(osp)=size;
+	p=ASN1_STRING_data(osp);
+
+	ASN1_put_object(&p,1,n,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+	  i2d_ASN1_INTEGER(&in,&p);
+	M_i2d_ASN1_OCTET_STRING(&os,&p);
+
+	ASN1_TYPE_set(a,V_ASN1_SEQUENCE,(char *)osp);
+	return(1);
+	}
+
+/* we return the actual length... */
+int ASN1_TYPE_get_int_octetstring(a,num,data,max_len)
+ASN1_TYPE *a;
+long *num;
+unsigned char *data;
+int max_len; /* for returned value */
+	{
+	int ret= -1,n;
+	ASN1_INTEGER *ai=NULL;
+	ASN1_OCTET_STRING *os=NULL;
+	unsigned char *p;
+	long length;
+	ASN1_CTX c;
+
+	if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL))
+		{
+		goto err;
+		}
+	p=ASN1_STRING_data(a->value.sequence);
+	length=ASN1_STRING_length(a->value.sequence);
+
+	c.pp= &p;
+	c.p=p;
+	c.max=p+length;
+	c.error=ASN1_R_DATA_IS_WRONG;
+
+	M_ASN1_D2I_start_sequence();
+	c.q=c.p;
+	if ((ai=d2i_ASN1_INTEGER(NULL,&c.p,c.slen)) == NULL) goto err;
+        c.slen-=(c.p-c.q);
+	c.q=c.p;
+	if ((os=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) goto err;
+        c.slen-=(c.p-c.q);
+	if (!M_ASN1_D2I_end_sequence()) goto err;
+
+	if (num != NULL)
+		*num=ASN1_INTEGER_get(ai);
+
+	ret=ASN1_STRING_length(os);
+	if (max_len > ret)
+		n=ret;
+	else
+		n=max_len;
+
+	if (data != NULL)
+		memcpy(data,ASN1_STRING_data(os),n);
+	if (0)
+		{
+err:
+		ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
+		}
+	if (os != NULL) ASN1_OCTET_STRING_free(os);
+	if (ai != NULL) ASN1_INTEGER_free(ai);
+	return(ret);
+	}
+
diff --git a/crypto/asn1/f.c b/crypto/asn1/f.c
new file mode 100644
index 0000000000..2ab3a262ac
--- /dev/null
+++ b/crypto/asn1/f.c
@@ -0,0 +1,80 @@
+/* crypto/asn1/f.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "asn1.h"
+#include "err.h"
+
+main()
+	{
+	ASN1_TYPE *at;
+	char buf[512];
+	int n;
+	long l;
+
+	at=ASN1_TYPE_new();
+
+	n=ASN1_TYPE_set_int_octetstring(at,98736,"01234567",8);
+	printf("%d\n",n);
+	n=ASN1_TYPE_get_int_octetstring(at,&l,buf,8);
+	buf[8]='\0';
+	printf("%ld %d %d\n",l,n,buf[8]);
+	buf[8]='\0';
+	printf("%s\n",buf);
+	ERR_load_crypto_strings();
+	ERR_print_errors_fp(stderr);
+	}
diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c
index f786b12d68..4817c45cb7 100644
--- a/crypto/asn1/f_int.c
+++ b/crypto/asn1/f_int.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/f_int.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c
index 68001c3245..ab2837824e 100644
--- a/crypto/asn1/f_string.c
+++ b/crypto/asn1/f_string.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/f_string.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/i2d_dhp.c b/crypto/asn1/i2d_dhp.c
index 087b6b8f6c..a454025ce3 100644
--- a/crypto/asn1/i2d_dhp.c
+++ b/crypto/asn1/i2d_dhp.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/i2d_dhp.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/i2d_dsap.c b/crypto/asn1/i2d_dsap.c
index e051c99886..94ecff1525 100644
--- a/crypto/asn1/i2d_dsap.c
+++ b/crypto/asn1/i2d_dsap.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/i2d_dsap.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c
index 361beb9fdd..b6b821d73c 100644
--- a/crypto/asn1/i2d_pr.c
+++ b/crypto/asn1/i2d_pr.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/i2d_pr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c
index 2694cd4423..1b854252b7 100644
--- a/crypto/asn1/i2d_pu.c
+++ b/crypto/asn1/i2d_pu.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/i2d_pu.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/i2d_r_pr.c b/crypto/asn1/i2d_r_pr.c
index fa9389760a..aadbb92d8e 100644
--- a/crypto/asn1/i2d_r_pr.c
+++ b/crypto/asn1/i2d_r_pr.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/i2d_r_pr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/i2d_r_pu.c b/crypto/asn1/i2d_r_pu.c
index 31dc8363ba..3c54f6709d 100644
--- a/crypto/asn1/i2d_r_pu.c
+++ b/crypto/asn1/i2d_r_pu.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/i2d_r_pu.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/i2d_s_pr.c b/crypto/asn1/i2d_s_pr.c
index 0c0a5c6f57..6e95305548 100644
--- a/crypto/asn1/i2d_s_pr.c
+++ b/crypto/asn1/i2d_s_pr.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/i2d_s_pr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/i2d_s_pu.c b/crypto/asn1/i2d_s_pu.c
index cfb7c11f8b..5cf2877069 100644
--- a/crypto/asn1/i2d_s_pu.c
+++ b/crypto/asn1/i2d_s_pu.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/i2d_s_pu.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c
index 6353d18c53..5110c91bec 100644
--- a/crypto/asn1/n_pkey.c
+++ b/crypto/asn1/n_pkey.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/n_pkey.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -81,14 +81,11 @@ typedef struct netscape_pkey_st
  * ASN1err(ASN1_F_NETSCAPE_PKEY_NEW,ASN1_R_DECODING_ERROR);
  */
 #ifndef NOPROTO
-static RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length,
-	int (*cb)());
 static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp);
 static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length);
 static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
 static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
 #else
-static RSA *d2i_Netscape_RSA_2();
 static int i2d_NETSCAPE_PKEY();
 static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY();
 static NETSCAPE_PKEY *NETSCAPE_PKEY_new();
@@ -183,6 +180,8 @@ int (*cb)();
 	EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
 		strlen((char *)buf),1,key,NULL);
 	memset(buf,0,256);
+
+	EVP_CIPHER_CTX_init(&ctx);
 	EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL);
 	EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length);
 	EVP_EncryptFinal(&ctx,&(os2.data[i]),&j);
@@ -234,7 +233,7 @@ int (*cb)();
 	M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
 	}
 
-static RSA *d2i_Netscape_RSA_2(a,pp,length,cb)
+RSA *d2i_Netscape_RSA_2(a,pp,length,cb)
 RSA **a;
 unsigned char **pp;
 long length;
@@ -274,6 +273,8 @@ int (*cb)();
 	EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
 		strlen((char *)buf),1,key,NULL);
 	memset(buf,0,256);
+
+	EVP_CIPHER_CTX_init(&ctx);
 	EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL);
 	EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
 	EVP_DecryptFinal(&ctx,&(os->data[i]),&j);
diff --git a/crypto/asn1/p7_dgst.c b/crypto/asn1/p7_dgst.c
index 206c2a6bb3..f71ed8eb1d 100644
--- a/crypto/asn1/p7_dgst.c
+++ b/crypto/asn1/p7_dgst.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/p7_dgst.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/p7_enc.c b/crypto/asn1/p7_enc.c
index ce4bedb113..874dd78389 100644
--- a/crypto/asn1/p7_enc.c
+++ b/crypto/asn1/p7_enc.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/p7_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/p7_enc_c.c b/crypto/asn1/p7_enc_c.c
index b27d443533..2860d3e925 100644
--- a/crypto/asn1/p7_enc_c.c
+++ b/crypto/asn1/p7_enc_c.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/p7_enc_c.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/p7_evp.c b/crypto/asn1/p7_evp.c
index a41d09db77..4db0a7fe62 100644
--- a/crypto/asn1/p7_evp.c
+++ b/crypto/asn1/p7_evp.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/p7_evp.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/p7_i_s.c b/crypto/asn1/p7_i_s.c
index 413c7e1e69..9b00c556d9 100644
--- a/crypto/asn1/p7_i_s.c
+++ b/crypto/asn1/p7_i_s.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/p7_i_s.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/p7_lib.c b/crypto/asn1/p7_lib.c
index b745df0944..2134e0974a 100644
--- a/crypto/asn1/p7_lib.c
+++ b/crypto/asn1/p7_lib.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/p7_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/p7_recip.c b/crypto/asn1/p7_recip.c
index e4ebda0060..f02233f5a8 100644
--- a/crypto/asn1/p7_recip.c
+++ b/crypto/asn1/p7_recip.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/p7_recip.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -113,6 +113,7 @@ PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new()
 	M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new);
 	M_ASN1_New(ret->key_enc_algor,X509_ALGOR_new);
 	M_ASN1_New(ret->enc_key,ASN1_OCTET_STRING_new);
+	ret->cert=NULL;
 	return(ret);
 	M_ASN1_New_Error(ASN1_F_PKCS7_RECIP_INFO_NEW);
 	}
@@ -125,6 +126,7 @@ PKCS7_RECIP_INFO *a;
 	PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial);
 	X509_ALGOR_free(a->key_enc_algor);
 	ASN1_OCTET_STRING_free(a->enc_key);
+	if (a->cert != NULL) X509_free(a->cert);
 	Free((char *)a);
 	}
 
diff --git a/crypto/asn1/p7_s_e.c b/crypto/asn1/p7_s_e.c
index df5fa3ff8c..d344211456 100644
--- a/crypto/asn1/p7_s_e.c
+++ b/crypto/asn1/p7_s_e.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/p7_s_e.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/p7_signd.c b/crypto/asn1/p7_signd.c
index 23dc7ce268..40f9a44fa8 100644
--- a/crypto/asn1/p7_signd.c
+++ b/crypto/asn1/p7_signd.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/p7_signd.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/p7_signi.c b/crypto/asn1/p7_signi.c
index d6682e0359..0da92169fc 100644
--- a/crypto/asn1/p7_signi.c
+++ b/crypto/asn1/p7_signi.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/p7_signi.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/pkcs8.c b/crypto/asn1/pkcs8.c
index bd0d191530..03fdadd51a 100644
--- a/crypto/asn1/pkcs8.c
+++ b/crypto/asn1/pkcs8.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/pkcs8.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -122,6 +122,9 @@ X509 *a;
 	if (a == NULL) return;
 
 	i=CRYPTO_add_lock(&a->references,-1,CRYPTO_LOCK_X509_KEY);
+#ifdef REF_PRINT
+	REF_PRINT("X509_KEY",a);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c
index 09a5abec67..bc518d59a2 100644
--- a/crypto/asn1/t_pkey.c
+++ b/crypto/asn1/t_pkey.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/t_pkey.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -82,7 +82,7 @@ static int print();
 #endif
 
 #ifndef NO_RSA
-#ifndef WIN16
+#ifndef NO_FP_API
 int RSA_print_fp(fp,x,off)
 FILE *fp;
 RSA *x;
@@ -153,7 +153,7 @@ err:
 #endif /* NO_RSA */
 
 #ifndef NO_DSA
-#ifndef WIN16
+#ifndef NO_FP_API
 int DSA_print_fp(fp,x,off)
 FILE *fp;
 DSA *x;
@@ -283,7 +283,7 @@ int off;
 	}
 
 #ifndef NO_DH
-#ifndef WIN16
+#ifndef NO_FP_API
 int DHparams_print_fp(fp,x)
 FILE *fp;
 DH *x;
@@ -329,15 +329,18 @@ DH *x;
 			(int)x->length) <= 0) goto err;
 		}
 	ret=1;
+	if (0)
+		{
 err:
+		DHerr(DH_F_DHPARAMS_PRINT,reason);
+		}
 	if (m != NULL) Free((char *)m);
-	DHerr(DH_F_DHPARAMS_PRINT,reason);
 	return(ret);
 	}
 #endif
 
 #ifndef NO_DSA
-#ifndef WIN16
+#ifndef NO_FP_API
 int DSAparams_print_fp(fp,x)
 FILE *fp;
 DSA *x;
diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c
index 922f6b3923..7df749a48f 100644
--- a/crypto/asn1/t_req.c
+++ b/crypto/asn1/t_req.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/t_req.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,7 +63,7 @@
 #include "objects.h"
 #include "x509.h"
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int X509_REQ_print_fp(fp,x)
 FILE *fp;
 X509_REQ *x;
diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c
index 8ff0a85166..b10fbbb992 100644
--- a/crypto/asn1/t_x509.c
+++ b/crypto/asn1/t_x509.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/t_x509.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -69,7 +69,7 @@
 #include "objects.h"
 #include "x509.h"
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int X509_print_fp(fp,x)
 FILE *fp;
 X509 *x;
@@ -304,7 +304,7 @@ ASN1_UTCTIME *tm;
 	for (i=0; i<10; i++)
 		if ((v[i] > '9') || (v[i] < '0')) goto err;
 	y= (v[0]-'0')*10+(v[1]-'0');
-	if (y < 70) y+=100;
+	if (y < 50) y+=100;
 	M= (v[2]-'0')*10+(v[3]-'0');
 	if ((M > 12) || (M < 1)) goto err;
 	d= (v[4]-'0')*10+(v[5]-'0');
diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c
index 1a23812c96..0ed2c87b64 100644
--- a/crypto/asn1/x_algor.c
+++ b/crypto/asn1/x_algor.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_algor.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/x_attrib.c b/crypto/asn1/x_attrib.c
index bce6f3aad5..e52ced8627 100644
--- a/crypto/asn1/x_attrib.c
+++ b/crypto/asn1/x_attrib.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_attrib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/x_cinf.c b/crypto/asn1/x_cinf.c
index e5cc2af722..4fc2cc9f6e 100644
--- a/crypto/asn1/x_cinf.c
+++ b/crypto/asn1/x_cinf.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_cinf.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c
index 22cb99fb00..13acdab427 100644
--- a/crypto/asn1/x_crl.c
+++ b/crypto/asn1/x_crl.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_crl.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -130,7 +130,8 @@ unsigned char **pp;
 	M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
 	M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
 	M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_UTCTIME);
-	M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_UTCTIME);
+	if (a->nextUpdate != NULL)
+		{ M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_UTCTIME); }
 	M_ASN1_I2D_len_SEQ_opt(a->revoked,i2d_X509_REVOKED);
 	M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
 		V_ASN1_SEQUENCE,v1);
@@ -144,7 +145,8 @@ unsigned char **pp;
 	M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
 	M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
 	M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_UTCTIME);
-	M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_UTCTIME);
+	if (a->nextUpdate != NULL)
+		{ M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_UTCTIME); }
 	M_ASN1_I2D_put_SEQ_opt(a->revoked,i2d_X509_REVOKED);
 	M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
 		V_ASN1_SEQUENCE,v1);
@@ -175,7 +177,7 @@ long length;
 	M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
 	M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
 	M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_UTCTIME);
-	M_ASN1_D2I_get(ret->nextUpdate,d2i_ASN1_UTCTIME);
+	M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME,V_ASN1_UTCTIME);
 	if (ret->revoked != NULL)
 		{
 		while (sk_num(ret->revoked))
@@ -264,7 +266,7 @@ X509_CRL_INFO *X509_CRL_INFO_new()
 	M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
 	M_ASN1_New(ret->issuer,X509_NAME_new);
 	M_ASN1_New(ret->lastUpdate,ASN1_UTCTIME_new);
-	M_ASN1_New(ret->nextUpdate,ASN1_UTCTIME_new);
+	ret->nextUpdate=NULL;
 	M_ASN1_New(ret->revoked,sk_new_null);
 	M_ASN1_New(ret->extensions,sk_new_null);
 	ret->revoked->comp=(int (*)())X509_REVOKED_cmp;
@@ -303,7 +305,8 @@ X509_CRL_INFO *a;
 	X509_ALGOR_free(a->sig_alg);
 	X509_NAME_free(a->issuer);
 	ASN1_UTCTIME_free(a->lastUpdate);
-	ASN1_UTCTIME_free(a->nextUpdate);
+	if (a->nextUpdate)
+		ASN1_UTCTIME_free(a->nextUpdate);
 	sk_pop_free(a->revoked,X509_REVOKED_free);
 	sk_pop_free(a->extensions,X509_EXTENSION_free);
 	Free((char *)a);
@@ -317,6 +320,9 @@ X509_CRL *a;
 	if (a == NULL) return;
 
 	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL);
+#ifdef REF_PRINT
+	REF_PRINT("X509_CRL",a);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
diff --git a/crypto/asn1/x_exten.c b/crypto/asn1/x_exten.c
index 89daf3f226..54ffe2f00b 100644
--- a/crypto/asn1/x_exten.c
+++ b/crypto/asn1/x_exten.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_exten.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -108,6 +108,10 @@ long length;
 	M_ASN1_D2I_start_sequence();
 	M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
 
+	if ((ret->argp != NULL) && (ret->ex_free != NULL))
+		ret->ex_free(ret);
+	ret->argl=0;
+	ret->argp=NULL;
 	ret->netscape_hack=0;
 	if ((c.slen != 0) &&
 		(M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN)))
@@ -132,6 +136,9 @@ X509_EXTENSION *X509_EXTENSION_new()
 	M_ASN1_New(ret->value,ASN1_OCTET_STRING_new);
 	ret->critical=0;
 	ret->netscape_hack=0;
+	ret->argl=0L;
+	ret->argp=NULL;
+	ret->ex_free=NULL;
 	return(ret);
 	M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW);
 	}
@@ -140,6 +147,8 @@ void X509_EXTENSION_free(a)
 X509_EXTENSION *a;
 	{
 	if (a == NULL) return;
+	if ((a->argp != NULL) && (a->ex_free != NULL))
+		a->ex_free(a);
 	ASN1_OBJECT_free(a->object);
 	ASN1_OCTET_STRING_free(a->value);
 	Free((char *)a);
diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c
index e46c67298f..b55f0ce77a 100644
--- a/crypto/asn1/x_info.c
+++ b/crypto/asn1/x_info.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_info.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -92,6 +92,9 @@ X509_INFO *x;
 	if (x == NULL) return;
 
 	i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO);
+#ifdef REF_PRINT
+	REF_PRINT("X509_INFO",x);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c
index c03f9169cb..28b9c34b58 100644
--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_name.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c
index ced975b40e..1d4d926129 100644
--- a/crypto/asn1/x_pkey.c
+++ b/crypto/asn1/x_pkey.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_pkey.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -136,6 +136,9 @@ X509_PKEY *x;
 	if (x == NULL) return;
 
 	i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY);
+#ifdef REF_PRINT
+	REF_PRINT("X509_PKEY",x);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index b1a2499d34..a309cf74a7 100644
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_pubkey.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -211,12 +211,16 @@ X509_PUBKEY *key;
 	long j;
 	int type;
 	unsigned char *p;
+#ifndef NO_DSA
 	X509_ALGOR *a;
+#endif
+
+	if (key == NULL) goto err;
+
+	if (key->pkey != NULL) return(key->pkey);
+
+	if (key->public_key == NULL) goto err;
 
-	if (key->pkey != NULL)
-		{
-		return(key->pkey);
-		}
 	type=OBJ_obj2nid(key->algor->algorithm);
 	p=key->public_key->data;
         j=key->public_key->length;
diff --git a/crypto/asn1/x_req.c b/crypto/asn1/x_req.c
index 02b31add17..ff0be13d37 100644
--- a/crypto/asn1/x_req.c
+++ b/crypto/asn1/x_req.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_req.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -226,6 +226,9 @@ X509_REQ *a;
 	if (a == NULL) return;
 
 	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ);
+#ifdef REF_PRINT
+	REF_PRINT("X509_REQ",a);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
diff --git a/crypto/asn1/x_sig.c b/crypto/asn1/x_sig.c
index 186c404e86..f0a2e4c27a 100644
--- a/crypto/asn1/x_sig.c
+++ b/crypto/asn1/x_sig.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_sig.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/x_spki.c b/crypto/asn1/x_spki.c
index bfeb0659a6..4a80df44b8 100644
--- a/crypto/asn1/x_spki.c
+++ b/crypto/asn1/x_spki.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_spki.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/x_val.c b/crypto/asn1/x_val.c
index e2e4d00436..a9c390f88c 100644
--- a/crypto/asn1/x_val.c
+++ b/crypto/asn1/x_val.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_val.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
index d80a5cbc01..bc466ce0f6 100644
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_x509.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -137,6 +137,9 @@ X509 *a;
 	if (a == NULL) return;
 
 	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509);
+#ifdef REF_PRINT
+	REF_PRINT("X509",a);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
diff --git a/crypto/bf/Makefile.ssl b/crypto/bf/Makefile.ssl
index 1a44992a1a..236671f238 100644
--- a/crypto/bf/Makefile.ssl
+++ b/crypto/bf/Makefile.ssl
@@ -25,8 +25,8 @@ TEST=bftest.c
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c 
-LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cbc.o bf_cfb64.o bf_ofb64.o
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c 
+LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
 
 SRC= $(LIBSRC)
 
@@ -46,23 +46,26 @@ lib:	$(LIBOBJ)
 	@touch lib
 
 # elf
-asm/bx86-elf.o: asm/bx86-cpp.s asm/bx86unix.cpp
+asm/bx86-elf.o: asm/bx86unix.cpp
 	$(CPP) -DELF asm/bx86unix.cpp | as -o asm/bx86-elf.o
 
 # solaris
-asm/bx86-sol.o: asm/bx86-cpp.s asm/bx86unix.cpp
+asm/bx86-sol.o: asm/bx86unix.cpp
 	$(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
 	as -o asm/bx86-sol.o asm/bx86-sol.s
 	rm -f asm/bx86-sol.s
 
 # a.out
-asm/bx86-out.o: asm/bx86-cpp.s asm/bx86unix.cpp
+asm/bx86-out.o: asm/bx86unix.cpp
 	$(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o
 
 # bsdi
-asm/bx86bsdi.o: asm/bx86-cpp.s asm/bx86unix.cpp
+asm/bx86bsdi.o: asm/bx86unix.cpp
 	$(CPP) -DBSDI asm/bx86unix.cpp | as -o asm/bx86bsdi.o
 
+asm/bx86unix.cpp:
+	(cd asm; perl bf-586.pl cpp >bx86unix.cpp)
+
 files:
 	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
@@ -73,10 +76,6 @@ links:
 	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
 	$(TOP)/util/mklink.sh ../../test $(TEST)
 	$(TOP)/util/mklink.sh ../../apps $(APPS)
-	/bin/rm -f asm/x86ms.pl asm/x86unix.pl
-	$(TOP)/util/point.sh ../../perlasm/x86ms.pl asm/x86ms.pl
-	$(TOP)/util/point.sh ../../perlasm/x86unix.pl asm/x86unix.pl
-
 
 install:
 	@for i in $(EXHEADER) ; \
diff --git a/crypto/bf/Makefile.uni b/crypto/bf/Makefile.uni
index 8517295475..9ba5b0c854 100644
--- a/crypto/bf/Makefile.uni
+++ b/crypto/bf/Makefile.uni
@@ -7,6 +7,8 @@
 # make x86-solaris
 # make x86-bdsi
 
+DIR=	bf
+TOP=	.
 # use BF_PTR2 for intel boxes,
 # BF_PTR for sparc and MIPS/SGI
 # use nothing for Alpha and HP.
@@ -42,14 +44,14 @@ MANDIR=/usr/local/man
 MAN1=1
 MAN3=3
 SHELL=/bin/sh
-LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cbc.o bf_cfb64.o bf_ofb64.o
-LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
 
 GENERAL=Makefile Makefile.ssl Makefile.uni asm bf_locl.org README \
 	COPYRIGHT blowfish.doc INSTALL
-   
-TESTING=    bftest bfspeed
-TESTING_SRC=bftest.c bfspeed.c
+
+TESTING=    bftest bfspeed bf_opts
+TESTING_SRC=bftest.c bfspeed.c bf_opts.c
 HEADERS=bf_locl.h blowfish.h bf_pi.h
 
 ALL=	$(GENERAL) $(TESTING_SRC) $(LIBSRC) $(HEADERS)
@@ -77,23 +79,26 @@ x86-bsdi:
 	$(MAKE) BF_ENC='asm/bx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
 
 # elf
-asm/bx86-elf.o: asm/bx86-cpp.s asm/bx86unix.cpp
+asm/bx86-elf.o: asm/bx86unix.cpp
 	$(CPP) -DELF asm/bx86unix.cpp | $(AS) -o asm/bx86-elf.o
 
 # solaris
-asm/bx86-sol.o: asm/bx86-cpp.s asm/bx86unix.cpp
+asm/bx86-sol.o: asm/bx86unix.cpp
 	$(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
 	as -o asm/bx86-sol.o asm/bx86-sol.s
 	rm -f asm/bx86-sol.s
 
 # a.out
-asm/bx86-out.o: asm/bx86-cpp.s asm/bx86unix.cpp
+asm/bx86-out.o: asm/bx86unix.cpp
 	$(CPP) -DOUT asm/bx86unix.cpp | $(AS) -o asm/bx86-out.o
 
 # bsdi
-asm/bx86bsdi.o: asm/bx86-cpp.s asm/bx86unix.cpp
+asm/bx86bsdi.o: asm/bx86unix.cpp
 	$(CPP) -DBSDI asm/bx86unix.cpp | $(AS) -o asm/bx86bsdi.o
 
+asm/bx86unix.cpp:
+	(cd asm; perl bf-586.pl cpp >bx86unix.cpp)
+	
 test:	all
 	./bftest
 
@@ -110,6 +115,9 @@ bftest: bftest.o $(BLIB)
 bfspeed: bfspeed.o $(BLIB)
 	$(CC) $(CFLAGS) -o bfspeed bfspeed.o $(BLIB)
 
+bf_opts: bf_opts.o $(BLIB)
+	$(CC) $(CFLAGS) -o bf_opts bf_opts.o $(BLIB)
+
 tags:
 	ctags $(TESTING_SRC) $(LIBBF)
 
@@ -157,4 +165,5 @@ install: $(BLIB)
 	    cp blowfish.h $(INCDIR)/blowfish.h; \
 	    chmod 644 $(INCDIR)/blowfish.h; \
 	fi
+
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bf/asm/b-win32.asm b/crypto/bf/asm/b-win32.asm
index bef272eebb..138c99d0aa 100644
--- a/crypto/bf/asm/b-win32.asm
+++ b/crypto/bf/asm/b-win32.asm
@@ -1,662 +1,906 @@
-	; Don't even think of reading this code
-	; It was automatically generated by bf586.pl
-	; Which is a perl program used to generate the x86 assember for
-	; any of elf, a.out, Win32, or Solaris
-	; It can be found in SSLeay 0.7.0+
-	; eric <eay@cryptsoft.com>
-	; 
-	TITLE	bfx86xxxx.asm
-        .386
-.model FLAT
-_TEXT	SEGMENT
-PUBLIC	_BF_encrypt
-_BF_encrypt PROC NEAR
-	push	ebp
-	push	ebx
-	push	esi
-	push	edi
-	; 
-	; Load the 2 words
-	mov	eax,		DWORD PTR 20[esp]
-	mov	ecx,		DWORD PTR [eax]
-	mov	edx,		DWORD PTR 4[eax]
-	; 
-	; P pointer, s and enc flag
-	mov	edi,		DWORD PTR 24[esp]
-	xor	eax,		eax
-	xor	ebx,		ebx
-	mov	ebp,		DWORD PTR 28[esp]
-	cmp	ebp,		0
-	je	$L000start_decrypt
-	xor	ecx,		DWORD PTR [edi]
-	; 
-	; Round 0
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 4[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 1
-	ror	edx,		16
-	mov	esi,		DWORD PTR 8[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 2
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 12[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 3
-	ror	edx,		16
-	mov	esi,		DWORD PTR 16[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 4
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 20[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 5
-	ror	edx,		16
-	mov	esi,		DWORD PTR 24[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 6
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 28[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 7
-	ror	edx,		16
-	mov	esi,		DWORD PTR 32[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 8
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 36[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 9
-	ror	edx,		16
-	mov	esi,		DWORD PTR 40[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 10
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 44[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 11
-	ror	edx,		16
-	mov	esi,		DWORD PTR 48[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 12
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 52[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 13
-	ror	edx,		16
-	mov	esi,		DWORD PTR 56[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 14
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 60[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 15
-	ror	edx,		16
-	mov	esi,		DWORD PTR 64[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	xor	edx,		DWORD PTR 68[edi]
-	mov	eax,		DWORD PTR 20[esp]
-	mov	DWORD PTR [eax],edx
-	mov	DWORD PTR 4[eax],ecx
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-$L000start_decrypt:
-	xor	ecx,		DWORD PTR 68[edi]
-	; 
-	; Round 16
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 64[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 15
-	ror	edx,		16
-	mov	esi,		DWORD PTR 60[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 14
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 56[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 13
-	ror	edx,		16
-	mov	esi,		DWORD PTR 52[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 12
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 48[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 11
-	ror	edx,		16
-	mov	esi,		DWORD PTR 44[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 10
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 40[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 9
-	ror	edx,		16
-	mov	esi,		DWORD PTR 36[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 8
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 32[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 7
-	ror	edx,		16
-	mov	esi,		DWORD PTR 28[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 6
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 24[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 5
-	ror	edx,		16
-	mov	esi,		DWORD PTR 20[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 4
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 16[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 3
-	ror	edx,		16
-	mov	esi,		DWORD PTR 12[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	; 
-	; Round 2
-	ror	ecx,		16
-	mov	esi,		DWORD PTR 8[edi]
-	mov	al,		ch
-	mov	bl,		cl
-	ror	ecx,		16
-	xor	edx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		ch
-	mov	bl,		cl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	edx,		esi
-	; 
-	; Round 1
-	ror	edx,		16
-	mov	esi,		DWORD PTR 4[edi]
-	mov	al,		dh
-	mov	bl,		dl
-	ror	edx,		16
-	xor	ecx,		esi
-	mov	esi,		DWORD PTR 72[eax*4+edi]
-	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
-	mov	al,		dh
-	mov	bl,		dl
-	add	esi,		ebp
-	mov	eax,		DWORD PTR 2120[eax*4+edi]
-	xor	esi,		eax
-	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
-	add	esi,		ebp
-	xor	eax,		eax
-	xor	ecx,		esi
-	xor	edx,		DWORD PTR [edi]
-	mov	eax,		DWORD PTR 20[esp]
-	mov	DWORD PTR [eax],edx
-	mov	DWORD PTR 4[eax],ecx
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-_BF_encrypt ENDP
-_TEXT	ENDS
-END
+	; Don't even think of reading this code
+	; It was automatically generated by bf-586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	bf-586.asm
+        .486
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_BF_encrypt
+
+_BF_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	ebp,		DWORD PTR 16[esp]
+	push	esi
+	push	edi
+	; Load the 2 words
+	mov	edi,		DWORD PTR [ebx]
+	mov	esi,		DWORD PTR 4[ebx]
+	xor	eax,		eax
+	mov	ebx,		DWORD PTR [ebp]
+	xor	ecx,		ecx
+	xor	edi,		ebx
+	; 
+	; Round 0
+	mov	edx,		DWORD PTR 4[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 1
+	mov	edx,		DWORD PTR 8[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 2
+	mov	edx,		DWORD PTR 12[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 3
+	mov	edx,		DWORD PTR 16[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 4
+	mov	edx,		DWORD PTR 20[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 5
+	mov	edx,		DWORD PTR 24[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 6
+	mov	edx,		DWORD PTR 28[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 7
+	mov	edx,		DWORD PTR 32[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 8
+	mov	edx,		DWORD PTR 36[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 9
+	mov	edx,		DWORD PTR 40[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 10
+	mov	edx,		DWORD PTR 44[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 11
+	mov	edx,		DWORD PTR 48[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 12
+	mov	edx,		DWORD PTR 52[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 13
+	mov	edx,		DWORD PTR 56[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 14
+	mov	edx,		DWORD PTR 60[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 15
+	mov	edx,		DWORD PTR 64[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	; Load parameter 0 (16) enc=1
+	mov	eax,		DWORD PTR 20[esp]
+	xor	edi,		ebx
+	mov	edx,		DWORD PTR 68[ebp]
+	xor	esi,		edx
+	mov	DWORD PTR 4[eax],edi
+	mov	DWORD PTR [eax],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_BF_encrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_BF_decrypt
+
+_BF_decrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	ebp,		DWORD PTR 16[esp]
+	push	esi
+	push	edi
+	; Load the 2 words
+	mov	edi,		DWORD PTR [ebx]
+	mov	esi,		DWORD PTR 4[ebx]
+	xor	eax,		eax
+	mov	ebx,		DWORD PTR 68[ebp]
+	xor	ecx,		ecx
+	xor	edi,		ebx
+	; 
+	; Round 16
+	mov	edx,		DWORD PTR 64[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 15
+	mov	edx,		DWORD PTR 60[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 14
+	mov	edx,		DWORD PTR 56[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 13
+	mov	edx,		DWORD PTR 52[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 12
+	mov	edx,		DWORD PTR 48[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 11
+	mov	edx,		DWORD PTR 44[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 10
+	mov	edx,		DWORD PTR 40[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 9
+	mov	edx,		DWORD PTR 36[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 8
+	mov	edx,		DWORD PTR 32[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 7
+	mov	edx,		DWORD PTR 28[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 6
+	mov	edx,		DWORD PTR 24[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 5
+	mov	edx,		DWORD PTR 20[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 4
+	mov	edx,		DWORD PTR 16[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 3
+	mov	edx,		DWORD PTR 12[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 2
+	mov	edx,		DWORD PTR 8[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 1
+	mov	edx,		DWORD PTR 4[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	; Load parameter 0 (1) enc=0
+	mov	eax,		DWORD PTR 20[esp]
+	xor	edi,		ebx
+	mov	edx,		DWORD PTR [ebp]
+	xor	esi,		edx
+	mov	DWORD PTR 4[eax],edi
+	mov	DWORD PTR [eax],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_BF_decrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_BF_cbc_encrypt
+
+_BF_cbc_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	mov	ebp,		DWORD PTR 28[esp]
+	; getting iv ptr from parameter 4
+	mov	ebx,		DWORD PTR 36[esp]
+	mov	esi,		DWORD PTR [ebx]
+	mov	edi,		DWORD PTR 4[ebx]
+	push	edi
+	push	esi
+	push	edi
+	push	esi
+	mov	ebx,		esp
+	mov	esi,		DWORD PTR 36[esp]
+	mov	edi,		DWORD PTR 40[esp]
+	; getting encrypt flag from parameter 5
+	mov	ecx,		DWORD PTR 56[esp]
+	; get and push parameter 3
+	mov	eax,		DWORD PTR 48[esp]
+	push	eax
+	push	ebx
+	cmp	ecx,		0
+	jz	$L000decrypt
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	jz	$L001encrypt_finish
+L002encrypt_loop:
+	mov	ecx,		DWORD PTR [esi]
+	mov	edx,		DWORD PTR 4[esi]
+	xor	eax,		ecx
+	xor	ebx,		edx
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_BF_encrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L002encrypt_loop
+$L001encrypt_finish:
+	mov	ebp,		DWORD PTR 52[esp]
+	and	ebp,		7
+	jz	$L003finish
+	xor	ecx,		ecx
+	xor	edx,		edx
+	mov	ebp,		DWORD PTR $L004cbc_enc_jmp_table[ebp*4]
+	jmp	 ebp
+L005ej7:
+	mov	dh,		BYTE PTR 6[esi]
+	shl	edx,		8
+L006ej6:
+	mov	dh,		BYTE PTR 5[esi]
+L007ej5:
+	mov	dl,		BYTE PTR 4[esi]
+L008ej4:
+	mov	ecx,		DWORD PTR [esi]
+	jmp	$L009ejend
+L010ej3:
+	mov	ch,		BYTE PTR 2[esi]
+	shl	ecx,		8
+L011ej2:
+	mov	ch,		BYTE PTR 1[esi]
+L012ej1:
+	mov	cl,		BYTE PTR [esi]
+$L009ejend:
+	xor	eax,		ecx
+	xor	ebx,		edx
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_BF_encrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	jmp	$L003finish
+$L000decrypt:
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 16[esp]
+	mov	ebx,		DWORD PTR 20[esp]
+	jz	$L013decrypt_finish
+L014decrypt_loop:
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_BF_decrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	ecx,		DWORD PTR 16[esp]
+	mov	edx,		DWORD PTR 20[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR [edi],ecx
+	mov	DWORD PTR 4[edi],edx
+	mov	DWORD PTR 16[esp],eax
+	mov	DWORD PTR 20[esp],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L014decrypt_loop
+$L013decrypt_finish:
+	mov	ebp,		DWORD PTR 52[esp]
+	and	ebp,		7
+	jz	$L003finish
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_BF_decrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	ecx,		DWORD PTR 16[esp]
+	mov	edx,		DWORD PTR 20[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+L015dj7:
+	ror	edx,		16
+	mov	BYTE PTR 6[edi],dl
+	shr	edx,		16
+L016dj6:
+	mov	BYTE PTR 5[edi],dh
+L017dj5:
+	mov	BYTE PTR 4[edi],dl
+L018dj4:
+	mov	DWORD PTR [edi],ecx
+	jmp	$L019djend
+L020dj3:
+	ror	ecx,		16
+	mov	BYTE PTR 2[edi],cl
+	shl	ecx,		16
+L021dj2:
+	mov	BYTE PTR 1[esi],ch
+L022dj1:
+	mov	BYTE PTR [esi],	cl
+$L019djend:
+	jmp	$L003finish
+$L003finish:
+	mov	ecx,		DWORD PTR 60[esp]
+	add	esp,		24
+	mov	DWORD PTR [ecx],eax
+	mov	DWORD PTR 4[ecx],ebx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+$L004cbc_enc_jmp_table:
+	DD	0
+	DD	L012ej1
+	DD	L011ej2
+	DD	L010ej3
+	DD	L008ej4
+	DD	L007ej5
+	DD	L006ej6
+	DD	L005ej7
+L023cbc_dec_jmp_table:
+	DD	0
+	DD	L022dj1
+	DD	L021dj2
+	DD	L020dj3
+	DD	L018dj4
+	DD	L017dj5
+	DD	L016dj6
+	DD	L015dj7
+_BF_cbc_encrypt ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/bf/asm/bf-586.pl b/crypto/bf/asm/bf-586.pl
new file mode 100644
index 0000000000..252abb710d
--- /dev/null
+++ b/crypto/bf/asm/bf-586.pl
@@ -0,0 +1,136 @@
+#!/usr/local/bin/perl
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"bf-586.pl");
+
+$BF_ROUNDS=16;
+$BF_OFF=($BF_ROUNDS+2)*4;
+$L="edi";
+$R="esi";
+$P="ebp";
+$tmp1="eax";
+$tmp2="ebx";
+$tmp3="ecx";
+$tmp4="edx";
+
+&BF_encrypt("BF_encrypt",1);
+&BF_encrypt("BF_decrypt",0);
+&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
+&asm_finish();
+
+sub BF_encrypt
+	{
+	local($name,$enc)=@_;
+
+	&function_begin_B($name,"");
+
+	&comment("");
+
+	&push("ebp");
+	&push("ebx");
+	&mov($tmp2,&wparam(0));
+	&mov($P,&wparam(1));
+	&push("esi");
+	&push("edi");
+
+	&comment("Load the 2 words");
+	&mov($L,&DWP(0,$tmp2,"",0));
+	&mov($R,&DWP(4,$tmp2,"",0));
+
+	&xor(	$tmp1,	$tmp1);
+
+	# encrypting part
+
+	if ($enc)
+		{
+		 &mov($tmp2,&DWP(0,$P,"",0));
+		&xor(	$tmp3,	$tmp3);
+
+		&xor($L,$tmp2);
+		for ($i=0; $i<$BF_ROUNDS; $i+=2)
+			{
+			&comment("");
+			&comment("Round $i");
+			&BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
+
+			&comment("");
+			&comment("Round ".sprintf("%d",$i+1));
+			&BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
+			}
+		# &mov($tmp1,&wparam(0)); In last loop
+		&mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+		}
+	else
+		{
+		 &mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+		&xor(	$tmp3,	$tmp3);
+
+		&xor($L,$tmp2);
+		for ($i=$BF_ROUNDS; $i>0; $i-=2)
+			{
+			&comment("");
+			&comment("Round $i");
+			&BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
+			&comment("");
+			&comment("Round ".sprintf("%d",$i-1));
+			&BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
+			}
+		# &mov($tmp1,&wparam(0)); In last loop
+		&mov($tmp4,&DWP(0,$P,"",0));
+		}
+
+	&xor($R,$tmp4);
+	&mov(&DWP(4,$tmp1,"",0),$L);
+
+	&mov(&DWP(0,$tmp1,"",0),$R);
+	&function_end($name);
+	}
+
+sub BF_ENCRYPT
+	{
+	local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_;
+
+	&mov(	$tmp4,		&DWP(&n2a($i*4),$P,"",0)); # for next round
+
+	&mov(	$tmp2,		$R);
+	&xor(	$L,		$tmp4);
+
+	&shr(	$tmp2,		16);
+	&mov(	$tmp4,		$R);
+
+	&movb(	&LB($tmp1),	&HB($tmp2));	# A
+	&and(	$tmp2,		0xff);		# B
+
+	&movb(	&LB($tmp3),	&HB($tmp4));	# C
+	&and(	$tmp4,		0xff);		# D
+
+	&mov(	$tmp1,		&DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
+	&mov(	$tmp2,		&DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
+
+	&add(	$tmp2,		$tmp1);
+	&mov(	$tmp1,		&DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4));
+
+	&xor(	$tmp2,		$tmp1);
+	&mov(	$tmp4,		&DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4));
+
+	&add(	$tmp2,		$tmp4);
+	if (($enc && ($i != 16)) || ((!$enc) && ($i != 1)))
+		{ &xor(	$tmp1,		$tmp1); }
+	else
+		{
+		&comment("Load parameter 0 ($i) enc=$enc");
+		&mov($tmp1,&wparam(0));
+		} # In last loop
+
+	&xor(	$L,		$tmp2);
+	# delay
+	}
+
+sub n2a
+	{
+	sprintf("%d",$_[0]);
+	}
+
diff --git a/crypto/bf/asm/bf-686.pl b/crypto/bf/asm/bf-686.pl
new file mode 100644
index 0000000000..7a62f67161
--- /dev/null
+++ b/crypto/bf/asm/bf-686.pl
@@ -0,0 +1,128 @@
+#!/usr/local/bin/perl
+#!/usr/local/bin/perl
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"bf-686.pl");
+
+$BF_ROUNDS=16;
+$BF_OFF=($BF_ROUNDS+2)*4;
+$L="ecx";
+$R="edx";
+$P="edi";
+$tot="esi";
+$tmp1="eax";
+$tmp2="ebx";
+$tmp3="ebp";
+
+&des_encrypt("BF_encrypt",1);
+&des_encrypt("BF_decrypt",0);
+&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
+
+&asm_finish();
+
+&file_end();
+
+sub des_encrypt
+	{
+	local($name,$enc)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	&comment("Load the 2 words");
+	&mov("eax",&wparam(0));
+	&mov($L,&DWP(0,"eax","",0));
+	&mov($R,&DWP(4,"eax","",0));
+
+	&comment("");
+	&comment("P pointer, s and enc flag");
+	&mov($P,&wparam(1));
+
+	&xor(	$tmp1,	$tmp1);
+	&xor(	$tmp2,	$tmp2);
+
+	# encrypting part
+
+	if ($enc)
+		{
+		&xor($L,&DWP(0,$P,"",0));
+		for ($i=0; $i<$BF_ROUNDS; $i+=2)
+			{
+			&comment("");
+			&comment("Round $i");
+			&BF_ENCRYPT($i+1,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
+
+			&comment("");
+			&comment("Round ".sprintf("%d",$i+1));
+			&BF_ENCRYPT($i+2,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
+			}
+		&xor($R,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+
+		&mov("eax",&wparam(0));
+		&mov(&DWP(0,"eax","",0),$R);
+		&mov(&DWP(4,"eax","",0),$L);
+		&function_end_A($name);
+		}
+	else
+		{
+		&xor($L,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+		for ($i=$BF_ROUNDS; $i>0; $i-=2)
+			{
+			&comment("");
+			&comment("Round $i");
+			&BF_ENCRYPT($i,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
+			&comment("");
+			&comment("Round ".sprintf("%d",$i-1));
+			&BF_ENCRYPT($i-1,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
+			}
+		&xor($R,&DWP(0,$P,"",0));
+
+		&mov("eax",&wparam(0));
+		&mov(&DWP(0,"eax","",0),$R);
+		&mov(&DWP(4,"eax","",0),$L);
+		&function_end_A($name);
+		}
+
+	&function_end_B($name);
+	}
+
+sub BF_ENCRYPT
+	{
+	local($i,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3)=@_;
+
+	&rotr(	$R,		16);
+	&mov(	$tot,		&DWP(&n2a($i*4),$P,"",0));
+
+	&movb(	&LB($tmp1),	&HB($R));
+	&movb(	&LB($tmp2),	&LB($R));
+
+	&rotr(	$R,		16);
+	&xor(	$L,		$tot);
+
+	&mov(	$tot,		&DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
+	&mov(	$tmp3,		&DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
+
+	&movb(	&LB($tmp1),	&HB($R));
+	&movb(	&LB($tmp2),	&LB($R));
+
+	&add(	$tot,		$tmp3);
+	&mov(	$tmp1,		&DWP(&n2a($BF_OFF+0x0800),$P,$tmp1,4)); # delay
+
+	&xor(	$tot,		$tmp1);
+	&mov(	$tmp3,		&DWP(&n2a($BF_OFF+0x0C00),$P,$tmp2,4));
+
+	&add(	$tot,		$tmp3);
+	&xor(	$tmp1,		$tmp1);
+
+	&xor(	$L,		$tot);					
+	# delay
+	}
+
+sub n2a
+	{
+	sprintf("%d",$_[0]);
+	}
+
diff --git a/crypto/bf/asm/bx86unix.cpp b/crypto/bf/asm/bx86unix.cpp
index dcb10d23dd..cdaa269378 100644
--- a/crypto/bf/asm/bx86unix.cpp
+++ b/crypto/bf/asm/bx86unix.cpp
@@ -1,24 +1,37 @@
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
 
-#define TYPE(a,b)	.type	a,b
-#define SIZE(a,b)	.size	a,b
+#define TYPE(a,b)       .type   a,b
+#define SIZE(a,b)       .size   a,b
+
+#if defined(OUT) || defined(BSDI)
+#define BF_encrypt _BF_encrypt
+#define BF_decrypt _BF_decrypt
+#define BF_cbc_encrypt _BF_cbc_encrypt
+
+#endif
 
 #ifdef OUT
-#define OK		1
-#define BF_encrypt	_BF_encrypt
-#define ALIGN		4
+#define OK	1
+#define ALIGN	4
 #endif
 
 #ifdef BSDI
-#define OK		1
-#define BF_encrypt	_BF_encrypt
-#define ALIGN		4
+#define OK              1
+#define ALIGN           4
 #undef SIZE
 #undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
 #endif
 
 #if defined(ELF) || defined(SOL)
-#define OK		1
-#define ALIGN		16
+#define OK              1
+#define ALIGN           16
 #endif
 
 #ifndef OK
@@ -29,5 +42,935 @@ SOL - solaris systems, which are elf with strange comment lines
 BSDI - a.out with a very primative version of as.
 #endif
 
-#include "bx86-cpp.s" 
+/* Let the Assembler begin :-) */
+	/* Don't even think of reading this code */
+	/* It was automatically generated by bf-586.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, BSDI,Win32, or Solaris */
+	/* eric <eay@cryptsoft.com> */
+
+	.file	"bf-586.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl BF_encrypt
+	TYPE(BF_encrypt,@function)
+BF_encrypt:
+
+	pushl	%ebp
+	pushl	%ebx
+	movl	12(%esp),	%ebx
+	movl	16(%esp),	%ebp
+	pushl	%esi
+	pushl	%edi
+	/* Load the 2 words */
+	movl	(%ebx),		%edi
+	movl	4(%ebx),	%esi
+	xorl	%eax,		%eax
+	movl	(%ebp),		%ebx
+	xorl	%ecx,		%ecx
+	xorl	%ebx,		%edi
+
+	/* Round 0 */
+	movl	4(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 1 */
+	movl	8(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 2 */
+	movl	12(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 3 */
+	movl	16(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 4 */
+	movl	20(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 5 */
+	movl	24(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 6 */
+	movl	28(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 7 */
+	movl	32(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 8 */
+	movl	36(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 9 */
+	movl	40(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 10 */
+	movl	44(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 11 */
+	movl	48(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 12 */
+	movl	52(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 13 */
+	movl	56(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 14 */
+	movl	60(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 15 */
+	movl	64(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	/* Load parameter 0 (16) enc=1 */
+	movl	20(%esp),	%eax
+	xorl	%ebx,		%edi
+	movl	68(%ebp),	%edx
+	xorl	%edx,		%esi
+	movl	%edi,		4(%eax)
+	movl	%esi,		(%eax)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.BF_encrypt_end:
+	SIZE(BF_encrypt,.BF_encrypt_end-BF_encrypt)
+.ident	"BF_encrypt"
+.text
+	.align ALIGN
+.globl BF_decrypt
+	TYPE(BF_decrypt,@function)
+BF_decrypt:
+
+	pushl	%ebp
+	pushl	%ebx
+	movl	12(%esp),	%ebx
+	movl	16(%esp),	%ebp
+	pushl	%esi
+	pushl	%edi
+	/* Load the 2 words */
+	movl	(%ebx),		%edi
+	movl	4(%ebx),	%esi
+	xorl	%eax,		%eax
+	movl	68(%ebp),	%ebx
+	xorl	%ecx,		%ecx
+	xorl	%ebx,		%edi
+
+	/* Round 16 */
+	movl	64(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 15 */
+	movl	60(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 14 */
+	movl	56(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 13 */
+	movl	52(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 12 */
+	movl	48(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 11 */
+	movl	44(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 10 */
+	movl	40(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 9 */
+	movl	36(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 8 */
+	movl	32(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 7 */
+	movl	28(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 6 */
+	movl	24(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 5 */
+	movl	20(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 4 */
+	movl	16(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 3 */
+	movl	12(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%edi
+
+	/* Round 2 */
+	movl	8(%ebp),	%edx
+	movl	%edi,		%ebx
+	xorl	%edx,		%esi
+	shrl	$16,		%ebx
+	movl	%edi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	xorl	%eax,		%eax
+	xorl	%ebx,		%esi
+
+	/* Round 1 */
+	movl	4(%ebp),	%edx
+	movl	%esi,		%ebx
+	xorl	%edx,		%edi
+	shrl	$16,		%ebx
+	movl	%esi,		%edx
+	movb	%bh,		%al
+	andl	$255,		%ebx
+	movb	%dh,		%cl
+	andl	$255,		%edx
+	movl	72(%ebp,%eax,4),%eax
+	movl	1096(%ebp,%ebx,4),%ebx
+	addl	%eax,		%ebx
+	movl	2120(%ebp,%ecx,4),%eax
+	xorl	%eax,		%ebx
+	movl	3144(%ebp,%edx,4),%edx
+	addl	%edx,		%ebx
+	/* Load parameter 0 (1) enc=0 */
+	movl	20(%esp),	%eax
+	xorl	%ebx,		%edi
+	movl	(%ebp),		%edx
+	xorl	%edx,		%esi
+	movl	%edi,		4(%eax)
+	movl	%esi,		(%eax)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.BF_decrypt_end:
+	SIZE(BF_decrypt,.BF_decrypt_end-BF_decrypt)
+.ident	"BF_decrypt"
+.text
+	.align ALIGN
+.globl BF_cbc_encrypt
+	TYPE(BF_cbc_encrypt,@function)
+BF_cbc_encrypt:
 
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	28(%esp),	%ebp
+	/* getting iv ptr from parameter 4 */
+	movl	36(%esp),	%ebx
+	movl	(%ebx),		%esi
+	movl	4(%ebx),	%edi
+	pushl	%edi
+	pushl	%esi
+	pushl	%edi
+	pushl	%esi
+	movl	%esp,		%ebx
+	movl	36(%esp),	%esi
+	movl	40(%esp),	%edi
+	/* getting encrypt flag from parameter 5 */
+	movl	56(%esp),	%ecx
+	/* get and push parameter 3 */
+	movl	48(%esp),	%eax
+	pushl	%eax
+	pushl	%ebx
+	cmpl	$0,		%ecx
+	jz	.L000decrypt
+	andl	$4294967288,	%ebp
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+	jz	.L001encrypt_finish
+.L002encrypt_loop:
+	movl	(%esi),		%ecx
+	movl	4(%esi),	%edx
+	xorl	%ecx,		%eax
+	xorl	%edx,		%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	BF_encrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		(%edi)
+	movl	%ebx,		4(%edi)
+	addl	$8,		%esi
+	addl	$8,		%edi
+	subl	$8,		%ebp
+	jnz	.L002encrypt_loop
+.L001encrypt_finish:
+	movl	52(%esp),	%ebp
+	andl	$7,		%ebp
+	jz	.L003finish
+	xorl	%ecx,		%ecx
+	xorl	%edx,		%edx
+	movl	.L004cbc_enc_jmp_table(,%ebp,4),%ebp
+	jmp	*%ebp
+.L005ej7:
+	movb	6(%esi),	%dh
+	sall	$8,		%edx
+.L006ej6:
+	movb	5(%esi),	%dh
+.L007ej5:
+	movb	4(%esi),	%dl
+.L008ej4:
+	movl	(%esi),		%ecx
+	jmp	.L009ejend
+.L010ej3:
+	movb	2(%esi),	%ch
+	sall	$8,		%ecx
+.L011ej2:
+	movb	1(%esi),	%ch
+.L012ej1:
+	movb	(%esi),		%cl
+.L009ejend:
+	xorl	%ecx,		%eax
+	xorl	%edx,		%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	BF_encrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		(%edi)
+	movl	%ebx,		4(%edi)
+	jmp	.L003finish
+.align ALIGN
+.L000decrypt:
+	andl	$4294967288,	%ebp
+	movl	16(%esp),	%eax
+	movl	20(%esp),	%ebx
+	jz	.L013decrypt_finish
+.L014decrypt_loop:
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	BF_decrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	16(%esp),	%ecx
+	movl	20(%esp),	%edx
+	xorl	%eax,		%ecx
+	xorl	%ebx,		%edx
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%ecx,		(%edi)
+	movl	%edx,		4(%edi)
+	movl	%eax,		16(%esp)
+	movl	%ebx,		20(%esp)
+	addl	$8,		%esi
+	addl	$8,		%edi
+	subl	$8,		%ebp
+	jnz	.L014decrypt_loop
+.L013decrypt_finish:
+	movl	52(%esp),	%ebp
+	andl	$7,		%ebp
+	jz	.L003finish
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	BF_decrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	16(%esp),	%ecx
+	movl	20(%esp),	%edx
+	xorl	%eax,		%ecx
+	xorl	%ebx,		%edx
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+.L015dj7:
+	rorl	$16,		%edx
+	movb	%dl,		6(%edi)
+	shrl	$16,		%edx
+.L016dj6:
+	movb	%dh,		5(%edi)
+.L017dj5:
+	movb	%dl,		4(%edi)
+.L018dj4:
+	movl	%ecx,		(%edi)
+	jmp	.L019djend
+.L020dj3:
+	rorl	$16,		%ecx
+	movb	%cl,		2(%edi)
+	sall	$16,		%ecx
+.L021dj2:
+	movb	%ch,		1(%esi)
+.L022dj1:
+	movb	%cl,		(%esi)
+.L019djend:
+	jmp	.L003finish
+.align ALIGN
+.L003finish:
+	movl	60(%esp),	%ecx
+	addl	$24,		%esp
+	movl	%eax,		(%ecx)
+	movl	%ebx,		4(%ecx)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align ALIGN
+.L004cbc_enc_jmp_table:
+	.long 0
+	.long .L012ej1
+	.long .L011ej2
+	.long .L010ej3
+	.long .L008ej4
+	.long .L007ej5
+	.long .L006ej6
+	.long .L005ej7
+.align ALIGN
+.L023cbc_dec_jmp_table:
+	.long 0
+	.long .L022dj1
+	.long .L021dj2
+	.long .L020dj3
+	.long .L018dj4
+	.long .L017dj5
+	.long .L016dj6
+	.long .L015dj7
+.BF_cbc_encrypt_end:
+	SIZE(BF_cbc_encrypt,.BF_cbc_encrypt_end-BF_cbc_encrypt)
+.ident	"desasm.pl"
diff --git a/crypto/bf/asm/readme b/crypto/bf/asm/readme
index 71e4bb2d5d..2385fa3812 100644
--- a/crypto/bf/asm/readme
+++ b/crypto/bf/asm/readme
@@ -1,3 +1,10 @@
-If you want more of an idea of how this all works,
-have a read of the readme file in SSLeay/crypto/des/asm.
-SSLeay can be found at ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL.
+There are blowfish assembler generation scripts.
+bf-586.pl version is for the pentium and
+bf-686.pl is my original version, which is faster on the pentium pro.
+
+When using a bf-586.pl, the pentium pro/II is %8 slower than using
+bf-686.pl.  When using a bf-686.pl, the pentium is %16 slower
+than bf-586.pl
+
+So the default is bf-586.pl
+
diff --git a/crypto/bf/bf_cbc.c b/crypto/bf/bf_cbc.c
index 3d05d27cf1..e0fa9ad763 100644
--- a/crypto/bf/bf_cbc.c
+++ b/crypto/bf/bf_cbc.c
@@ -1,5 +1,5 @@
 /* crypto/bf/bf_cbc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -85,7 +85,7 @@ int encrypt;
 			tin1^=tout1;
 			tin[0]=tin0;
 			tin[1]=tin1;
-			BF_encrypt(tin,ks,BF_ENCRYPT);
+			BF_encrypt(tin,ks);
 			tout0=tin[0];
 			tout1=tin[1];
 			l2n(tout0,out);
@@ -98,7 +98,7 @@ int encrypt;
 			tin1^=tout1;
 			tin[0]=tin0;
 			tin[1]=tin1;
-			BF_encrypt(tin,ks,BF_ENCRYPT);
+			BF_encrypt(tin,ks);
 			tout0=tin[0];
 			tout1=tin[1];
 			l2n(tout0,out);
@@ -118,7 +118,7 @@ int encrypt;
 			n2l(in,tin1);
 			tin[0]=tin0;
 			tin[1]=tin1;
-			BF_encrypt(tin,ks,BF_DECRYPT);
+			BF_decrypt(tin,ks);
 			tout0=tin[0]^xor0;
 			tout1=tin[1]^xor1;
 			l2n(tout0,out);
@@ -132,7 +132,7 @@ int encrypt;
 			n2l(in,tin1);
 			tin[0]=tin0;
 			tin[1]=tin1;
-			BF_encrypt(tin,ks,BF_DECRYPT);
+			BF_decrypt(tin,ks);
 			tout0=tin[0]^xor0;
 			tout1=tin[1]^xor1;
 			l2nn(tout0,tout1,out,l+8);
diff --git a/crypto/bf/bf_cfb64.c b/crypto/bf/bf_cfb64.c
index 92fc68261b..f9c66e7ced 100644
--- a/crypto/bf/bf_cfb64.c
+++ b/crypto/bf/bf_cfb64.c
@@ -1,5 +1,5 @@
 /* crypto/bf/bf_cfb64.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -88,7 +88,7 @@ int encrypt;
 				{
 				n2l(iv,v0); ti[0]=v0;
 				n2l(iv,v1); ti[1]=v1;
-				BF_encrypt((BF_LONG *)ti,schedule,BF_ENCRYPT);
+				BF_encrypt((BF_LONG *)ti,schedule);
 				iv=(unsigned char *)ivec;
 				t=ti[0]; l2n(t,iv);
 				t=ti[1]; l2n(t,iv);
@@ -108,7 +108,7 @@ int encrypt;
 				{
 				n2l(iv,v0); ti[0]=v0;
 				n2l(iv,v1); ti[1]=v1;
-				BF_encrypt((BF_LONG *)ti,schedule,BF_ENCRYPT);
+				BF_encrypt((BF_LONG *)ti,schedule);
 				iv=(unsigned char *)ivec;
 				t=ti[0]; l2n(t,iv);
 				t=ti[1]; l2n(t,iv);
diff --git a/crypto/bf/bf_ecb.c b/crypto/bf/bf_ecb.c
index 7840352dc3..6d16360bd9 100644
--- a/crypto/bf/bf_ecb.c
+++ b/crypto/bf/bf_ecb.c
@@ -1,5 +1,5 @@
 /* crypto/bf/bf_ecb.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -64,7 +64,7 @@
  * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
  */
 
-char *BF_version="BlowFish part of SSLeay 0.8.1b 29-Jun-1998";
+char *BF_version="BlowFish part of SSLeay 0.9.0b 29-Jun-1998";
 
 char *BF_options()
 	{
@@ -87,7 +87,10 @@ int encrypt;
 
 	n2l(in,l); d[0]=l;
 	n2l(in,l); d[1]=l;
-	BF_encrypt(d,ks,encrypt);
+	if (encrypt)
+		BF_encrypt(d,ks);
+	else
+		BF_decrypt(d,ks);
 	l=d[0]; l2n(l,out);
 	l=d[1]; l2n(l,out);
 	l=d[0]=d[1]=0;
diff --git a/crypto/bf/bf_enc.c b/crypto/bf/bf_enc.c
index 9bcc2169ce..66a8604c59 100644
--- a/crypto/bf/bf_enc.c
+++ b/crypto/bf/bf_enc.c
@@ -1,5 +1,5 @@
 /* crypto/bf/bf_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -69,10 +69,9 @@ If you set BF_ROUNDS to some value other than 16 or 20, you will have
 to modify the code.
 #endif
 
-void BF_encrypt(data,key,encrypt)
+void BF_encrypt(data,key)
 BF_LONG *data;
 BF_KEY *key;
-int encrypt;
 	{
 	register BF_LONG l,r,*p,*s;
 
@@ -81,60 +80,162 @@ int encrypt;
 	l=data[0];
 	r=data[1];
 
-	if (encrypt)
-		{
-		l^=p[0];
-		BF_ENC(r,l,s,p[ 1]);
-		BF_ENC(l,r,s,p[ 2]);
-		BF_ENC(r,l,s,p[ 3]);
-		BF_ENC(l,r,s,p[ 4]);
-		BF_ENC(r,l,s,p[ 5]);
-		BF_ENC(l,r,s,p[ 6]);
-		BF_ENC(r,l,s,p[ 7]);
-		BF_ENC(l,r,s,p[ 8]);
-		BF_ENC(r,l,s,p[ 9]);
-		BF_ENC(l,r,s,p[10]);
-		BF_ENC(r,l,s,p[11]);
-		BF_ENC(l,r,s,p[12]);
-		BF_ENC(r,l,s,p[13]);
-		BF_ENC(l,r,s,p[14]);
-		BF_ENC(r,l,s,p[15]);
-		BF_ENC(l,r,s,p[16]);
+	l^=p[0];
+	BF_ENC(r,l,s,p[ 1]);
+	BF_ENC(l,r,s,p[ 2]);
+	BF_ENC(r,l,s,p[ 3]);
+	BF_ENC(l,r,s,p[ 4]);
+	BF_ENC(r,l,s,p[ 5]);
+	BF_ENC(l,r,s,p[ 6]);
+	BF_ENC(r,l,s,p[ 7]);
+	BF_ENC(l,r,s,p[ 8]);
+	BF_ENC(r,l,s,p[ 9]);
+	BF_ENC(l,r,s,p[10]);
+	BF_ENC(r,l,s,p[11]);
+	BF_ENC(l,r,s,p[12]);
+	BF_ENC(r,l,s,p[13]);
+	BF_ENC(l,r,s,p[14]);
+	BF_ENC(r,l,s,p[15]);
+	BF_ENC(l,r,s,p[16]);
 #if BF_ROUNDS == 20
-		BF_ENC(r,l,s,p[17]);
-		BF_ENC(l,r,s,p[18]);
-		BF_ENC(r,l,s,p[19]);
-		BF_ENC(l,r,s,p[20]);
+	BF_ENC(r,l,s,p[17]);
+	BF_ENC(l,r,s,p[18]);
+	BF_ENC(r,l,s,p[19]);
+	BF_ENC(l,r,s,p[20]);
 #endif
-		r^=p[BF_ROUNDS+1];
-		}
-	else
-		{
-		l^=p[BF_ROUNDS+1];
+	r^=p[BF_ROUNDS+1];
+
+	data[1]=l&0xffffffffL;
+	data[0]=r&0xffffffffL;
+	}
+
+#ifndef BF_DEFAULT_OPTIONS
+
+void BF_decrypt(data,key)
+BF_LONG *data;
+BF_KEY *key;
+	{
+	register BF_LONG l,r,*p,*s;
+
+	p=key->P;
+	s= &(key->S[0]);
+	l=data[0];
+	r=data[1];
+
+	l^=p[BF_ROUNDS+1];
 #if BF_ROUNDS == 20
-		BF_ENC(r,l,s,p[20]);
-		BF_ENC(l,r,s,p[19]);
-		BF_ENC(r,l,s,p[18]);
-		BF_ENC(l,r,s,p[17]);
+	BF_ENC(r,l,s,p[20]);
+	BF_ENC(l,r,s,p[19]);
+	BF_ENC(r,l,s,p[18]);
+	BF_ENC(l,r,s,p[17]);
 #endif
-		BF_ENC(r,l,s,p[16]);
-		BF_ENC(l,r,s,p[15]);
-		BF_ENC(r,l,s,p[14]);
-		BF_ENC(l,r,s,p[13]);
-		BF_ENC(r,l,s,p[12]);
-		BF_ENC(l,r,s,p[11]);
-		BF_ENC(r,l,s,p[10]);
-		BF_ENC(l,r,s,p[ 9]);
-		BF_ENC(r,l,s,p[ 8]);
-		BF_ENC(l,r,s,p[ 7]);
-		BF_ENC(r,l,s,p[ 6]);
-		BF_ENC(l,r,s,p[ 5]);
-		BF_ENC(r,l,s,p[ 4]);
-		BF_ENC(l,r,s,p[ 3]);
-		BF_ENC(r,l,s,p[ 2]);
-		BF_ENC(l,r,s,p[ 1]);
-		r^=p[0];
-		}
+	BF_ENC(r,l,s,p[16]);
+	BF_ENC(l,r,s,p[15]);
+	BF_ENC(r,l,s,p[14]);
+	BF_ENC(l,r,s,p[13]);
+	BF_ENC(r,l,s,p[12]);
+	BF_ENC(l,r,s,p[11]);
+	BF_ENC(r,l,s,p[10]);
+	BF_ENC(l,r,s,p[ 9]);
+	BF_ENC(r,l,s,p[ 8]);
+	BF_ENC(l,r,s,p[ 7]);
+	BF_ENC(r,l,s,p[ 6]);
+	BF_ENC(l,r,s,p[ 5]);
+	BF_ENC(r,l,s,p[ 4]);
+	BF_ENC(l,r,s,p[ 3]);
+	BF_ENC(r,l,s,p[ 2]);
+	BF_ENC(l,r,s,p[ 1]);
+	r^=p[0];
+
 	data[1]=l&0xffffffffL;
 	data[0]=r&0xffffffffL;
 	}
+
+void BF_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+BF_KEY *ks;
+unsigned char *iv;
+int encrypt;
+	{
+	register BF_LONG tin0,tin1;
+	register BF_LONG tout0,tout1,xor0,xor1;
+	register long l=length;
+	BF_LONG tin[2];
+
+	if (encrypt)
+		{
+		n2l(iv,tout0);
+		n2l(iv,tout1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			BF_encrypt(tin,ks);
+			tout0=tin[0];
+			tout1=tin[1];
+			l2n(tout0,out);
+			l2n(tout1,out);
+			}
+		if (l != -8)
+			{
+			n2ln(in,tin0,tin1,l+8);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			BF_encrypt(tin,ks);
+			tout0=tin[0];
+			tout1=tin[1];
+			l2n(tout0,out);
+			l2n(tout1,out);
+			}
+		l2n(tout0,iv);
+		l2n(tout1,iv);
+		}
+	else
+		{
+		n2l(iv,xor0);
+		n2l(iv,xor1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin[0]=tin0;
+			tin[1]=tin1;
+			BF_decrypt(tin,ks);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2n(tout0,out);
+			l2n(tout1,out);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		if (l != -8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin[0]=tin0;
+			tin[1]=tin1;
+			BF_decrypt(tin,ks);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2nn(tout0,tout1,out,l+8);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		l2n(xor0,iv);
+		l2n(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
+#endif
diff --git a/crypto/bf/bf_locl.h b/crypto/bf/bf_locl.h
index 592ece99a4..a5663de8ca 100644
--- a/crypto/bf/bf_locl.h
+++ b/crypto/bf/bf_locl.h
@@ -87,9 +87,7 @@
 #elif defined( __sgi )                /* Newer MIPS */
 #  define BF_PTR
 #elif defined( i386 )         /* x86 boxes, should be gcc */
-#  define BF_PTR2
 #elif defined( _MSC_VER )     /* x86 boxes, Visual C */
-#  define BF_PTR2
 #endif /* Systems-specific speed defines */
 
 #undef c2l
diff --git a/crypto/bf/bf_locl.org b/crypto/bf/bf_locl.org
index 592ece99a4..a5663de8ca 100644
--- a/crypto/bf/bf_locl.org
+++ b/crypto/bf/bf_locl.org
@@ -87,9 +87,7 @@
 #elif defined( __sgi )                /* Newer MIPS */
 #  define BF_PTR
 #elif defined( i386 )         /* x86 boxes, should be gcc */
-#  define BF_PTR2
 #elif defined( _MSC_VER )     /* x86 boxes, Visual C */
-#  define BF_PTR2
 #endif /* Systems-specific speed defines */
 
 #undef c2l
diff --git a/crypto/bf/bf_ofb64.c b/crypto/bf/bf_ofb64.c
index e95aca5310..5d844ac760 100644
--- a/crypto/bf/bf_ofb64.c
+++ b/crypto/bf/bf_ofb64.c
@@ -1,5 +1,5 @@
 /* crypto/bf/bf_ofb64.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -92,7 +92,7 @@ int *num;
 		{
 		if (n == 0)
 			{
-			BF_encrypt((BF_LONG *)ti,schedule,BF_ENCRYPT);
+			BF_encrypt((BF_LONG *)ti,schedule);
 			dp=(char *)d;
 			t=ti[0]; l2n(t,dp);
 			t=ti[1]; l2n(t,dp);
diff --git a/crypto/bf/bf_opts.c b/crypto/bf/bf_opts.c
new file mode 100644
index 0000000000..5cfa60c537
--- /dev/null
+++ b/crypto/bf/bf_opts.c
@@ -0,0 +1,347 @@
+/* crypto/bf/bf_opts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern void exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "blowfish.h"
+
+#define BF_DEFAULT_OPTIONS
+
+#undef BF_ENC
+#define BF_encrypt  BF_encrypt_normal
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+
+#define BF_PTR
+#undef BF_PTR2
+#undef BF_ENC
+#undef BF_encrypt
+#define BF_encrypt  BF_encrypt_ptr
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+
+#undef BF_PTR
+#define BF_PTR2
+#undef BF_ENC
+#undef BF_encrypt
+#define BF_encrypt  BF_encrypt_ptr2
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+#   ifndef VMS
+#    define HZ	100.0
+#   else /* VMS */
+#    define HZ	100.0
+#   endif
+#  else /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE	((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+	{
+	signal(SIGALRM,sig_done);
+	run=0;
+#ifdef LINT
+	sig=sig;
+#endif
+	}
+#endif
+
+#define START	0
+#define STOP	1
+
+double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#endif
+	}
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+	
+#define time_it(func,name,index) \
+	print_name(name); \
+	Time_F(START); \
+	for (count=0,run=1; COND(cb); count+=4) \
+		{ \
+		unsigned long d[2]; \
+		func(d,&sch); \
+		func(d,&sch); \
+		func(d,&sch); \
+		func(d,&sch); \
+		} \
+	tm[index]=Time_F(STOP); \
+	fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+	tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+	fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+		tm[index]*8,1.0e6/tm[index]);
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	long count;
+	static unsigned char buf[BUFSIZE];
+	static char key[16]={	0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+				0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+	BF_KEY sch;
+	double d,tm[16],max=0;
+	int rank[16];
+	char *str[16];
+	int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+	long ca,cb,cc,cd,ce;
+#endif
+
+	for (i=0; i<12; i++)
+		{
+		tm[i]=0.0;
+		rank[i]=0;
+		}
+
+#ifndef TIMES
+	fprintf(stderr,"To get the most acurate results, try to run this\n");
+	fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+	BF_set_key(&sch,16,key);
+
+#ifndef SIGALRM
+	fprintf(stderr,"First we calculate the approximate speed ...\n");
+	count=10;
+	do	{
+		long i;
+		unsigned long data[2];
+
+		count*=2;
+		Time_F(START);
+		for (i=count; i; i--)
+			BF_encrypt(data,&sch);
+		d=Time_F(STOP);
+		} while (d < 3.0);
+	ca=count;
+	cb=count*3;
+	cc=count*3*8/BUFSIZE+1;
+	cd=count*8/BUFSIZE+1;
+
+	ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+        signal(SIGALRM,sig_done);
+        alarm(10);
+#endif
+
+	time_it(BF_encrypt_normal,	"BF_encrypt_normal ", 0);
+	time_it(BF_encrypt_ptr,		"BF_encrypt_ptr    ", 1);
+	time_it(BF_encrypt_ptr2,	"BF_encrypt_ptr2   ", 2);
+	num+=3;
+
+	str[0]="<nothing>";
+	print_it("BF_encrypt_normal ",0);
+	max=tm[0];
+	max_idx=0;
+	str[1]="ptr      ";
+	print_it("BF_encrypt_ptr ",1);
+	if (max < tm[1]) { max=tm[1]; max_idx=1; }
+	str[2]="ptr2     ";
+	print_it("BF_encrypt_ptr2 ",2);
+	if (max < tm[2]) { max=tm[2]; max_idx=2; }
+
+	printf("options    BF ecb/s\n");
+	printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+	d=tm[max_idx];
+	tm[max_idx]= -2.0;
+	max= -1.0;
+	for (;;)
+		{
+		for (i=0; i<3; i++)
+			{
+			if (max < tm[i]) { max=tm[i]; j=i; }
+			}
+		if (max < 0.0) break;
+		printf("%s %12.2f  %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+		tm[j]= -2.0;
+		max= -1.0;
+		}
+
+	switch (max_idx)
+		{
+	case 0:
+		printf("-DBF_DEFAULT_OPTIONS\n");
+		break;
+	case 1:
+		printf("-DBF_PTR\n");
+		break;
+	case 2:
+		printf("-DBF_PTR2\n");
+		break;
+		}
+	exit(0);
+#if defined(LINT) || defined(MSDOS)
+	return(0);
+#endif
+	}
diff --git a/crypto/bf/bf_pi.h b/crypto/bf/bf_pi.h
index f5918b361e..417b935538 100644
--- a/crypto/bf/bf_pi.h
+++ b/crypto/bf/bf_pi.h
@@ -1,5 +1,5 @@
 /* crypto/bf/bf_pi.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/bf/bf_skey.c b/crypto/bf/bf_skey.c
index 18ea37f7cc..86574c0acc 100644
--- a/crypto/bf/bf_skey.c
+++ b/crypto/bf/bf_skey.c
@@ -1,5 +1,5 @@
 /* crypto/bf/bf_skey.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -103,7 +103,7 @@ unsigned char *data;
 	in[1]=0L;
 	for (i=0; i<(BF_ROUNDS+2); i+=2)
 		{
-		BF_encrypt(in,key,BF_ENCRYPT);
+		BF_encrypt(in,key);
 		p[i  ]=in[0];
 		p[i+1]=in[1];
 		}
@@ -111,7 +111,7 @@ unsigned char *data;
 	p=key->S;
 	for (i=0; i<4*256; i+=2)
 		{
-		BF_encrypt(in,key,BF_ENCRYPT);
+		BF_encrypt(in,key);
 		p[i  ]=in[0];
 		p[i+1]=in[1];
 		}
diff --git a/crypto/bf/bfs.cpp b/crypto/bf/bfs.cpp
new file mode 100644
index 0000000000..272ed2f978
--- /dev/null
+++ b/crypto/bf/bfs.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "blowfish.h"
+
+void main(int argc,char *argv[])
+	{
+	BF_KEY key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			BF_encrypt(&data[0],&key);
+			GetTSC(s1);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			GetTSC(e1);
+			GetTSC(s2);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			GetTSC(e2);
+			BF_encrypt(&data[0],&key);
+			}
+
+		printf("blowfish %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/crypto/bf/bfspeed.c b/crypto/bf/bfspeed.c
index ee20bd00f7..640d820dd3 100644
--- a/crypto/bf/bfspeed.c
+++ b/crypto/bf/bfspeed.c
@@ -1,5 +1,5 @@
 /* crypto/bf/bfspeed.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -217,7 +217,7 @@ char **argv;
 		count*=2;
 		Time_F(START);
 		for (i=count; i; i--)
-			BF_encrypt(data,&sch,BF_ENCRYPT);
+			BF_encrypt(data,&sch);
 		d=Time_F(STOP);
 		} while (d < 3.0);
 	ca=count/512;
@@ -235,10 +235,15 @@ char **argv;
 #endif
 
 	Time_F(START);
-	for (count=0,run=1; COND(ca); count++)
+	for (count=0,run=1; COND(ca); count+=4)
+		{
+		BF_set_key(&sch,16,key);
+		BF_set_key(&sch,16,key);
 		BF_set_key(&sch,16,key);
+		BF_set_key(&sch,16,key);
+		}
 	d=Time_F(STOP);
-	printf("%ld blowfish set_key's in %.2f seconds\n",count,d);
+	printf("%ld BF_set_key's in %.2f seconds\n",count,d);
 	a=((double)COUNT(ca))/d;
 
 #ifdef SIGALRM
@@ -248,11 +253,14 @@ char **argv;
 	printf("Doing BF_encrypt %ld times\n",cb);
 #endif
 	Time_F(START);
-	for (count=0,run=1; COND(cb); count++)
+	for (count=0,run=1; COND(cb); count+=4)
 		{
 		BF_LONG data[2];
 
-		BF_encrypt(data,&sch,BF_ENCRYPT);
+		BF_encrypt(data,&sch);
+		BF_encrypt(data,&sch);
+		BF_encrypt(data,&sch);
+		BF_encrypt(data,&sch);
 		}
 	d=Time_F(STOP);
 	printf("%ld BF_encrypt's in %.2f second\n",count,d);
@@ -275,9 +283,9 @@ char **argv;
 		count,BUFSIZE,d);
 	c=((double)COUNT(cc)*BUFSIZE)/d;
 
-	printf("blowfish set_key       per sec = %12.2f (%7.1fuS)\n",a,1.0e6/a);
-	printf("Blowfish raw ecb bytes per sec = %12.2f (%7.1fuS)\n",b,8.0e6/b);
-	printf("Blowfish cbc     bytes per sec = %12.2f (%7.1fuS)\n",c,8.0e6/c);
+	printf("Blowfish set_key       per sec = %12.3f (%9.3fuS)\n",a,1.0e6/a);
+	printf("Blowfish raw ecb bytes per sec = %12.3f (%9.3fuS)\n",b,8.0e6/b);
+	printf("Blowfish cbc     bytes per sec = %12.3f (%9.3fuS)\n",c,8.0e6/c);
 	exit(0);
 #if defined(LINT) || defined(MSDOS)
 	return(0);
diff --git a/crypto/bf/bftest.c b/crypto/bf/bftest.c
index 2c678e418b..9266cf813a 100644
--- a/crypto/bf/bftest.c
+++ b/crypto/bf/bftest.c
@@ -1,5 +1,5 @@
 /* crypto/bf/bftest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,13 +71,13 @@ char *bf_key[2]={
 
 /* big endian */
 BF_LONG bf_plain[2][2]={
-	{0x424c4f57,0x46495348},
-	{0xfedcba98,0x76543210}
+	{0x424c4f57L,0x46495348L},
+	{0xfedcba98L,0x76543210L}
 	};
 
 BF_LONG bf_cipher[2][2]={
-	{0x324ed0fe,0xf413a203},
-	{0xcc91732b,0x8022f684}
+	{0x324ed0feL,0xf413a203L},
+	{0xcc91732bL,0x8022f684L}
 	};
 /************/
 
@@ -317,8 +317,8 @@ static int print_test_data()
 	printf("\niv[8]     = ");
 	for (j=0; j<8; j++)
 		printf("%02X",cbc_iv[j]);
-	printf("\ndata[%d]  = '%s'",strlen(cbc_data)+1,cbc_data);
-	printf("\ndata[%d]  = ",strlen(cbc_data)+1);
+	printf("\ndata[%d]  = '%s'",(int)strlen(cbc_data)+1,cbc_data);
+	printf("\ndata[%d]  = ",(int)strlen(cbc_data)+1);
 	for (j=0; j<strlen(cbc_data)+1; j++)
 		printf("%02X",cbc_data[j]);
 	printf("\n");
@@ -329,13 +329,13 @@ static int print_test_data()
 	printf("\n");
 
 	printf("cfb64 cipher text\n");
-	printf("cipher[%d]= ",strlen(cbc_data)+1);
+	printf("cipher[%d]= ",(int)strlen(cbc_data)+1);
 	for (j=0; j<strlen(cbc_data)+1; j++)
 		printf("%02X",cfb64_ok[j]);
 	printf("\n");
 
 	printf("ofb64 cipher text\n");
-	printf("cipher[%d]= ",strlen(cbc_data)+1);
+	printf("cipher[%d]= ",(int)strlen(cbc_data)+1);
 	for (j=0; j<strlen(cbc_data)+1; j++)
 		printf("%02X",ofb64_ok[j]);
 	printf("\n");
@@ -358,7 +358,7 @@ static int test()
 
 		data[0]=bf_plain[n][0];
 		data[1]=bf_plain[n][1];
-		BF_encrypt(data,&key,BF_ENCRYPT);
+		BF_encrypt(data,&key);
 		if (memcmp(&(bf_cipher[n][0]),&(data[0]),8) != 0)
 			{
 			printf("BF_encrypt error encrypting\n");
@@ -373,7 +373,7 @@ static int test()
 			printf("\n");
 			}
 
-		BF_encrypt(&(data[0]),&key,BF_DECRYPT);
+		BF_decrypt(&(data[0]),&key);
 		if (memcmp(&(bf_plain[n][0]),&(data[0]),8) != 0)
 			{
 			printf("BF_encrypt error decrypting\n");
diff --git a/crypto/bf/blowfish.h b/crypto/bf/blowfish.h
index 24ec818218..c4a8085a29 100644
--- a/crypto/bf/blowfish.h
+++ b/crypto/bf/blowfish.h
@@ -1,5 +1,5 @@
 /* crypto/bf/blowfish.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -86,7 +86,8 @@ typedef struct bf_key_st
 void BF_set_key(BF_KEY *key, int len, unsigned char *data);
 void BF_ecb_encrypt(unsigned char *in,unsigned char *out,BF_KEY *key,
 	int enc);
-void BF_encrypt(BF_LONG *data,BF_KEY *key,int enc);
+void BF_encrypt(BF_LONG *data,BF_KEY *key);
+void BF_decrypt(BF_LONG *data,BF_KEY *key);
 void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
 	BF_KEY *ks, unsigned char *iv, int enc);
 void BF_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
@@ -100,6 +101,7 @@ char *BF_options(void);
 void BF_set_key();
 void BF_ecb_encrypt();
 void BF_encrypt();
+void BF_decrypt();
 void BF_cbc_encrypt();
 void BF_cfb64_encrypt();
 void BF_ofb64_encrypt();
diff --git a/crypto/bio/Makefile.ssl b/crypto/bio/Makefile.ssl
index 9d21a3594d..42e11e1c94 100644
--- a/crypto/bio/Makefile.ssl
+++ b/crypto/bio/Makefile.ssl
@@ -35,7 +35,7 @@ LIBOBJ= bio_lib.o bio_cb.o $(ERRC).o \
 
 SRC= $(LIBSRC)
 
-EXHEADER= bio.h
+EXHEADER= bio.h bss_file.c
 HEADER=	$(EXHEADER)
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)
@@ -61,7 +61,7 @@ links:
 	$(TOP)/util/mklink.sh ../../apps $(APPS)
 
 install:
-	@for i in $(EXHEADER) ; \
+	@for i in $(EXHEADER) bss_file.c ; \
 	do  \
 	(cp $$i $(INSTALLTOP)/include/$$i; \
 	chmod 644 $(INSTALLTOP)/include/$$i ); \
@@ -87,6 +87,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c
index 287aff2a5e..db84ad3d47 100644
--- a/crypto/bio/b_dump.c
+++ b/crypto/bio/b_dump.c
@@ -1,5 +1,5 @@
 /* crypto/bio/b_dump.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
index 0296296a7d..cdadeb839a 100644
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -1,5 +1,5 @@
 /* crypto/bio/b_print.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c
index adab62135e..a45909527c 100644
--- a/crypto/bio/b_sock.c
+++ b/crypto/bio/b_sock.c
@@ -1,5 +1,5 @@
 /* crypto/bio/b_sock.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,6 +59,7 @@
 #ifndef NO_SOCK
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <errno.h>
 #define USE_SOCKETS
 #include "cryptlib.h"
@@ -72,17 +73,37 @@
 #define SOCKET_PROTOCOL IPPROTO_TCP
 #endif
 
+#ifdef SO_MAXCONN
+#define MAX_LISTEN  SOMAXCONN
+#elif defined(SO_MAXCONN)
+#define MAX_LISTEN  SO_MAXCONN
+#else
+#define MAX_LISTEN  32
+#endif
+
 #ifdef WINDOWS
 static int wsa_init_done=0;
 #endif
 
-unsigned long BIO_ghbn_hits=0L;
-unsigned long BIO_ghbn_miss=0L;
+static unsigned long BIO_ghbn_hits=0L;
+static unsigned long BIO_ghbn_miss=0L;
+
+#define GHBN_NUM	4
+static struct ghbn_cache_st
+	{
+	char name[129];
+	struct hostent *ent;
+	unsigned long order;
+	} ghbn_cache[GHBN_NUM];
 
 #ifndef NOPROTO
 static int get_ip(char *str,unsigned char *ip);
+static void ghbn_free(struct hostent *a);
+static struct hostent *ghbn_dup(struct hostent *a);
 #else
 static int get_ip();
+static void ghbn_free();
+static struct hostent *ghbn_dup();
 #endif
 
 int BIO_get_host_ip(str,ip)
@@ -97,6 +118,7 @@ unsigned char *ip;
 	if (i < 0)
 		{
 		BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_INVALID_IP_ADDRESS);
+		ERR_add_error_data(2,"host=",str);
 		return(0);
 		}
 	else
@@ -107,6 +129,7 @@ unsigned char *ip;
 		if (he == NULL)
 			{
 			BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_BAD_HOSTNAME_LOOKUP);
+			ERR_add_error_data(2,"host=",str);
 			return(0);
 			}
 
@@ -114,6 +137,7 @@ unsigned char *ip;
 		if ((short)he->h_addrtype != AF_INET)
 			{
 			BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
+			ERR_add_error_data(2,"host=",str);
 			return(0);
 			}
 		for (i=0; i<4; i++)
@@ -162,7 +186,8 @@ short *port_ptr;
 #endif
 			else
 				{
-				SYSerr(SYS_F_GETSERVBYNAME,errno);
+				SYSerr(SYS_F_GETSERVBYNAME,get_last_socket_error());
+				ERR_add_error_data(3,"service='",str,"'");
 				return(0);
 				}
 			return(1);
@@ -186,23 +211,128 @@ int sock;
 		return(j);
 	}
 
-#define GHBN_NUM	4
-static struct ghbn_cache_st
+long BIO_ghbn_ctrl(cmd,iarg,parg)
+int cmd;
+int iarg;
+char *parg;
 	{
-	char name[128];
-	struct hostent ent;
-	unsigned long order;
-	} ghbn_cache[GHBN_NUM];
+	int i;
+	char **p;
+
+	switch (cmd)
+		{
+	case BIO_GHBN_CTRL_HITS:
+		return(BIO_ghbn_hits);
+		break;
+	case BIO_GHBN_CTRL_MISSES:
+		return(BIO_ghbn_miss);
+		break;
+	case BIO_GHBN_CTRL_CACHE_SIZE:
+		return(GHBN_NUM);
+		break;
+	case BIO_GHBN_CTRL_GET_ENTRY:
+		if ((iarg >= 0) && (iarg <GHBN_NUM) &&
+			(ghbn_cache[iarg].order > 0))
+			{
+			p=(char **)parg;
+			if (p == NULL) return(0);
+			*p=ghbn_cache[iarg].name;
+			ghbn_cache[iarg].name[128]='\0';
+			return(1);
+			}
+		return(0);
+		break;
+	case BIO_GHBN_CTRL_FLUSH:
+		for (i=0; i<GHBN_NUM; i++)
+			ghbn_cache[i].order=0;
+		break;
+	default:
+		return(0);
+		}
+	return(1);
+	}
+
+static struct hostent *ghbn_dup(a)
+struct hostent *a;
+	{
+	struct hostent *ret;
+	int i,j;
+
+	ret=(struct hostent *)malloc(sizeof(struct hostent));
+	if (ret == NULL) return(NULL);
+	memset(ret,0,sizeof(struct hostent));
+
+	for (i=0; a->h_aliases[i] != NULL; i++)
+		;
+	i++;
+	ret->h_aliases=(char **)malloc(sizeof(char *)*i);
+	memset(ret->h_aliases,0,sizeof(char *)*i);
+	if (ret == NULL) goto err;
+
+	for (i=0; a->h_addr_list[i] != NULL; i++)
+		;
+	i++;
+	ret->h_addr_list=(char **)malloc(sizeof(char *)*i);
+	memset(ret->h_addr_list,0,sizeof(char *)*i);
+	if (ret->h_addr_list == NULL) goto err;
+
+	j=strlen(a->h_name)+1;
+	if ((ret->h_name=malloc(j)) == NULL) goto err;
+	memcpy((char *)ret->h_name,a->h_name,j);
+	for (i=0; a->h_aliases[i] != NULL; i++)
+		{
+		j=strlen(a->h_aliases[i])+1;
+		if ((ret->h_aliases[i]=malloc(j)) == NULL) goto err;
+		memcpy(ret->h_aliases[i],a->h_aliases[i],j);
+		}
+	ret->h_length=a->h_length;
+	ret->h_addrtype=a->h_addrtype;
+	for (i=0; a->h_addr_list[i] != NULL; i++)
+		{
+		if ((ret->h_addr_list[i]=malloc(a->h_length)) == NULL)
+			goto err;
+		memcpy(ret->h_addr_list[i],a->h_addr_list[i],a->h_length);
+		}
+	return(ret);
+err:	
+	if (ret != NULL)
+		ghbn_free(ret);
+	return(NULL);
+	}
+
+static void ghbn_free(a)
+struct hostent *a;
+	{
+	int i;
+
+	if (a->h_aliases != NULL)
+		{
+		for (i=0; a->h_aliases[i] != NULL; i++)
+			free(a->h_aliases[i]);
+		free(a->h_aliases);
+		}
+	if (a->h_addr_list != NULL)
+		{
+		for (i=0; a->h_addr_list[i] != NULL; i++)
+			free(a->h_addr_list[i]);
+		free(a->h_addr_list);
+		}
+	if (a->h_name != NULL) free((char *)a->h_name);
+	free(a);
+	}
 
 struct hostent *BIO_gethostbyname(name)
 char *name;
 	{
 	struct hostent *ret;
-	int i,lowi=0;
+	int i,lowi=0,j;
 	unsigned long low= (unsigned long)-1;
 
+/*	return(gethostbyname(name)); */
+
 	CRYPTO_w_lock(CRYPTO_LOCK_BIO_GETHOSTBYNAME);
-	if (strlen(name) < 128)
+	j=strlen(name);
+	if (j < 128)
 		{
 		for (i=0; i<GHBN_NUM; i++)
 			{
@@ -225,16 +355,22 @@ char *name;
 		{
 		BIO_ghbn_miss++;
 		ret=gethostbyname(name);
+
 		if (ret == NULL) return(NULL);
+		if (j > 128) return(ret); /* too big to cache */
+
 		/* else add to cache */
+		if (ghbn_cache[lowi].ent != NULL)
+			ghbn_free(ghbn_cache[lowi].ent);
+
 		strncpy(ghbn_cache[lowi].name,name,128);
-		memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
+		ghbn_cache[lowi].ent=ghbn_dup(ret);
 		ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits;
 		}
 	else
 		{
 		BIO_ghbn_hits++;
-		ret= &(ghbn_cache[i].ent);
+		ret= ghbn_cache[i].ent;
 		ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits;
 		}
 	CRYPTO_w_unlock(CRYPTO_LOCK_BIO_GETHOSTBYNAME);
@@ -284,22 +420,11 @@ int fd;
 long type;
 unsigned long *arg;
 	{
-	int i,err;
+	int i;
 
-#ifdef WINDOWS
 	i=ioctlsocket(fd,type,arg);
-#else
-	i=ioctl(fd,type,arg);
-#endif
 	if (i < 0)
-		{
-#ifdef WINDOWS
-		err=WSAGetLastError();
-#else
-		err=errno;
-#endif
-		SYSerr(SYS_F_IOCTLSOCKET,err);
-		}
+		SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error());
 	return(i);
 	}
 
@@ -401,28 +526,22 @@ char *host;
 	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
 	if (s == INVALID_SOCKET)
 		{
-#ifdef WINDOWS
-		errno=WSAGetLastError();
-#endif
-		SYSerr(SYS_F_SOCKET,errno);
-		BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET);
+		SYSerr(SYS_F_SOCKET,get_last_socket_error());
+		ERR_add_error_data(3,"port='",host,"'");
+		BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_CREATE_SOCKET);
 		goto err;
 		}
 	if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
 		{
-#ifdef WINDOWS
-		errno=WSAGetLastError();
-#endif
-		SYSerr(SYS_F_BIND,errno);
+		SYSerr(SYS_F_BIND,get_last_socket_error());
+		ERR_add_error_data(3,"port='",host,"'");
 		BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET);
 		goto err;
 		}
-	if (listen(s,5) == -1)
+	if (listen(s,MAX_LISTEN) == -1)
 		{
-#ifdef WINDOWS
-		errno=WSAGetLastError();
-#endif
-		SYSerr(SYS_F_LISTEN,errno);
+		SYSerr(SYS_F_BIND,get_last_socket_error());
+		ERR_add_error_data(3,"port='",host,"'");
 		BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_LISTEN_SOCKET);
 		goto err;
 		}
@@ -457,10 +576,7 @@ char **addr;
 	ret=accept(sock,(struct sockaddr *)&from,&len);
 	if (ret == INVALID_SOCKET)
 		{
-#ifdef WINDOWS
-		errno=WSAGetLastError();
-#endif
-		SYSerr(SYS_F_ACCEPT,errno);
+		SYSerr(SYS_F_ACCEPT,get_last_socket_error());
 		BIOerr(BIO_F_BIO_ACCEPT,BIO_R_ACCEPT_ERROR);
 		goto end;
 		}
diff --git a/crypto/bio/bf_buff.c b/crypto/bio/bf_buff.c
index ac3ba14fe0..7912b88473 100644
--- a/crypto/bio/bf_buff.c
+++ b/crypto/bio/bf_buff.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bf_buff.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -84,7 +84,8 @@ static int buffer_free();
 
 static BIO_METHOD methods_buffer=
 	{
-	BIO_TYPE_BUFFER,"buffer",
+	BIO_TYPE_BUFFER,
+	"buffer",
 	buffer_write,
 	buffer_read,
 	buffer_puts,
@@ -329,6 +330,19 @@ char *ptr;
 		if (ret == 0)
 			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
 		break;
+	case BIO_C_SET_BUFF_READ_DATA:
+		if (num > ctx->ibuf_size)
+			{
+			p1=Malloc((int)num);
+			if (p1 == NULL) goto malloc_error;
+			if (ctx->ibuf != NULL) Free(ctx->ibuf);
+			ctx->ibuf=p1;
+			}
+		ctx->ibuf_off=0;
+		ctx->ibuf_len=(int)num;
+		memcpy(ctx->ibuf,ptr,(int)num);
+		ret=1;
+		break;
 	case BIO_C_SET_BUFF_SIZE:
 		if (ptr != NULL)
 			{
@@ -354,16 +368,15 @@ char *ptr;
 		if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size))
 			{
 			p1=(char *)Malloc((int)num);
-			if (p1 == NULL) { ret=0; break; }
+			if (p1 == NULL) goto malloc_error;
 			}
 		if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size))
 			{
 			p2=(char *)Malloc((int)num);
 			if (p2 == NULL)
 				{
-				ret=0;
 				if (p1 != ctx->ibuf) Free(p1);
-				break;
+				goto malloc_error;
 				}
 			}
 		if (ctx->ibuf != p1)
@@ -391,7 +404,10 @@ char *ptr;
 
 	case BIO_CTRL_FLUSH:
 		if (ctx->obuf_len <= 0)
+			{
+			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
 			break;
+			}
 
 		for (;;)
 			{
@@ -428,6 +444,9 @@ fprintf(stderr,"FLUSH [%3d] %3d -> %3d\n",ctx->obuf_off,ctx->obuf_len-ctx->obuf_
 		break;
 		}
 	return(ret);
+malloc_error:
+	BIOerr(BIO_F_BUFFER_CTRL,ERR_R_MALLOC_FAILURE);
+	return(0);
 	}
 
 static int buffer_gets(b,buf,size)
@@ -436,32 +455,36 @@ char *buf;
 int size;
 	{
 	BIO_F_BUFFER_CTX *ctx;
-	int num=0,i;
+	int num=0,i,flag;
 	char *p;
 
 	ctx=(BIO_F_BUFFER_CTX *)b->ptr;
-	size--;
+	size--; /* reserve space for a '\0' */
 	BIO_clear_retry_flags(b);
 
 	for (;;)
 		{
-		if (ctx->ibuf_len != 0)
+		if (ctx->ibuf_len > 0)
 			{
 			p= &(ctx->ibuf[ctx->ibuf_off]);
-			for (i=0; (i<ctx->ibuf_len) && (i<(size-1)); i++)
+			flag=0;
+			for (i=0; (i<ctx->ibuf_len) && (i<size); i++)
 				{
 				*(buf++)=p[i];
-				if (p[i] == '\n') break;
+				if (p[i] == '\n')
+					{
+					flag=1;
+					i++;
+					break;
+					}
 				}
 			num+=i;
 			size-=i;
 			ctx->ibuf_len-=i;
 			ctx->ibuf_off+=i;
-			if (p[i] == '\n')
+			if ((flag) || (i == size))
 				{
-				buf[i+1]='\0';
-				ctx->ibuf_len--;
-				ctx->ibuf_off++;
+				*buf='\0';
 				return(num);
 				}
 			}
diff --git a/crypto/bio/bf_nbio.c b/crypto/bio/bf_nbio.c
index b493100ba4..034b3024df 100644
--- a/crypto/bio/bf_nbio.c
+++ b/crypto/bio/bf_nbio.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bf_nbio.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -93,7 +93,8 @@ typedef struct nbio_test_st
 
 static BIO_METHOD methods_nbiof=
 	{
-	BIO_TYPE_NBIO_TEST,"non-blocking IO test filter",
+	BIO_TYPE_NBIO_TEST,
+	"non-blocking IO test filter",
 	nbiof_write,
 	nbiof_read,
 	nbiof_puts,
@@ -237,6 +238,7 @@ char *ptr;
 		BIO_copy_next_retry(b);
 		break;
 	case BIO_CTRL_DUP:
+		ret=0L;
 		break;
 	default:
 		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
diff --git a/crypto/bio/bf_null.c b/crypto/bio/bf_null.c
index 9864f4a03c..a47a65741a 100644
--- a/crypto/bio/bf_null.c
+++ b/crypto/bio/bf_null.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bf_null.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -85,7 +85,8 @@ static int nullf_free();
 
 static BIO_METHOD methods_nullf=
 	{
-	BIO_TYPE_NULL_FILTER,"NULL filter",
+	BIO_TYPE_NULL_FILTER,
+	"NULL filter",
 	nullf_write,
 	nullf_read,
 	nullf_puts,
@@ -166,6 +167,7 @@ char *ptr;
 		BIO_copy_next_retry(b);
 		break;
 	case BIO_CTRL_DUP:
+		ret=0L;
 		break;
 	default:
 		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
diff --git a/crypto/bio/bio.err b/crypto/bio/bio.err
index 3363971b31..6e2f2b63ca 100644
--- a/crypto/bio/bio.err
+++ b/crypto/bio/bio.err
@@ -14,10 +14,12 @@
 #define BIO_F_BIO_READ					 110
 #define BIO_F_BIO_SOCK_INIT				 111
 #define BIO_F_BIO_WRITE					 112
-#define BIO_F_CONN_STATE				 113
-#define BIO_F_FILE_CTRL					 114
-#define BIO_F_MEM_WRITE					 115
-#define BIO_F_WSASTARTUP				 116
+#define BIO_F_BUFFER_CTRL				 113
+#define BIO_F_CONN_STATE				 114
+#define BIO_F_FILE_CTRL					 115
+#define BIO_F_MEM_WRITE					 116
+#define BIO_F_SSL_NEW					 117
+#define BIO_F_WSASTARTUP				 118
 
 /* Reason codes. */
 #define BIO_R_ACCEPT_ERROR				 100
@@ -29,15 +31,16 @@
 #define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET	 106
 #define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET		 107
 #define BIO_R_INVALID_IP_ADDRESS			 108
-#define BIO_R_NBIO_CONNECT_ERROR			 109
-#define BIO_R_NO_ACCEPT_PORT_SPECIFIED			 110
-#define BIO_R_NO_HOSTHNAME_SPECIFIED			 111
-#define BIO_R_NO_PORT_DEFINED				 112
-#define BIO_R_NO_PORT_SPECIFIED				 113
-#define BIO_R_NULL_PARAMETER				 114
-#define BIO_R_UNABLE_TO_BIND_SOCKET			 115
-#define BIO_R_UNABLE_TO_CREATE_SOCKET			 116
-#define BIO_R_UNABLE_TO_LISTEN_SOCKET			 117
-#define BIO_R_UNINITALISED				 118
-#define BIO_R_UNSUPPORTED_METHOD			 119
-#define BIO_R_WSASTARTUP				 120
+#define BIO_R_KEEPALIVE					 109
+#define BIO_R_NBIO_CONNECT_ERROR			 110
+#define BIO_R_NO_ACCEPT_PORT_SPECIFIED			 111
+#define BIO_R_NO_HOSTHNAME_SPECIFIED			 112
+#define BIO_R_NO_PORT_DEFINED				 113
+#define BIO_R_NO_PORT_SPECIFIED				 114
+#define BIO_R_NULL_PARAMETER				 115
+#define BIO_R_UNABLE_TO_BIND_SOCKET			 116
+#define BIO_R_UNABLE_TO_CREATE_SOCKET			 117
+#define BIO_R_UNABLE_TO_LISTEN_SOCKET			 118
+#define BIO_R_UNINITALISED				 119
+#define BIO_R_UNSUPPORTED_METHOD			 120
+#define BIO_R_WSASTARTUP				 121
diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h
index 0b2c6e77e1..300b330e00 100644
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@@ -1,5 +1,5 @@
 /* crypto/bio/bio.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,6 +63,8 @@
 extern "C" {
 #endif
 
+#include "crypto.h"
+
 /* These are the 'types' of BIOs */
 #define BIO_TYPE_NONE		0
 #define BIO_TYPE_MEM		(1|0x0400)
@@ -78,7 +80,7 @@ extern "C" {
 #define BIO_TYPE_BASE64		(11|0x0200)		/* filter */
 #define BIO_TYPE_CONNECT	(12|0x0400|0x0100)	/* socket - connect */
 #define BIO_TYPE_ACCEPT		(13|0x0400|0x0100)	/* socket for accept */
-#define BIO_TYPE_PROXY_CLIENT	(14|0x0400)		/* client proxy BIO */
+#define BIO_TYPE_PROXY_CLIENT	(14|0x0200)		/* client proxy BIO */
 #define BIO_TYPE_PROXY_SERVER	(15|0x0200)		/* server proxy BIO */
 #define BIO_TYPE_NBIO_TEST	(16|0x0200)		/* server proxy BIO */
 #define BIO_TYPE_NULL_FILTER	(17|0x0200)
@@ -107,6 +109,9 @@ extern "C" {
 #define BIO_CTRL_FLUSH		11  /* opt - 'flush' buffered output */
 #define BIO_CTRL_DUP		12  /* man - extra stuff for 'duped' BIO */
 #define BIO_CTRL_WPENDING	13  /* opt - number of bytes still to write */
+/* callback is int cb(BIO *bio,state,ret); */
+#define BIO_CTRL_SET_CALLBACK	14  /* opt - set callback function */
+#define BIO_CTRL_GET_CALLBACK	15  /* opt - set callback function */
 
 #define BIO_CTRL_SET_FILENAME	30	/* BIO_s_file special */
 
@@ -122,12 +127,24 @@ extern "C" {
 #define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
 #define BIO_FLAGS_SHOULD_RETRY	0x08
 
+/* Used in BIO_gethostbyname() */
+#define BIO_GHBN_CTRL_HITS		1
+#define BIO_GHBN_CTRL_MISSES		2
+#define BIO_GHBN_CTRL_CACHE_SIZE	3
+#define BIO_GHBN_CTRL_GET_ENTRY		4
+#define BIO_GHBN_CTRL_FLUSH		5
+
 /* Mostly used in the SSL BIO */
-#define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
-#define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
-#define BIO_FLAGS_PROTOCOL_STARTUP	0x40
+/* Not used anymore
+ * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
+ * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
+ * #define BIO_FLAGS_PROTOCOL_STARTUP	0x40
+ */
+
+#define BIO_FLAGS_BASE64_NO_NL	0x100
 
 #define BIO_set_flags(b,f) ((b)->flags|=(f))
+#define BIO_get_flags(b) ((b)->flags)
 #define BIO_set_retry_special(b) \
 		((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
 #define BIO_set_retry_read(b) \
@@ -232,7 +249,7 @@ typedef struct bio_st
 	unsigned long num_read;
 	unsigned long num_write;
 
-	char *app_data;
+	CRYPTO_EX_DATA ex_data;
 	} BIO;
 
 typedef struct bio_f_buffer_ctx_struct
@@ -250,6 +267,17 @@ typedef struct bio_f_buffer_ctx_struct
 	int obuf_off;		/* write/read offset */
 	} BIO_F_BUFFER_CTX;
 
+/* connect BIO stuff */
+#define BIO_CONN_S_BEFORE		1
+#define BIO_CONN_S_GET_IP		2
+#define BIO_CONN_S_GET_PORT		3
+#define BIO_CONN_S_CREATE_SOCKET	4
+#define BIO_CONN_S_CONNECT		5
+#define BIO_CONN_S_OK			6
+#define BIO_CONN_S_BLOCKED_CONNECT	7
+#define BIO_CONN_S_NBIO			8
+#define BIO_CONN_get_param_hostname	BIO_ctrl
+
 #define BIO_number_read(b)	((b)->num_read)
 #define BIO_number_written(b)	((b)->num_write)
 
@@ -275,19 +303,40 @@ typedef struct bio_f_buffer_ctx_struct
 #define BIO_C_SSL_MODE				119
 #define BIO_C_GET_MD_CTX			120
 #define BIO_C_GET_PROXY_PARAM			121
-
-#define BIO_set_app_data(s,arg)		((s)->app_data=(char *)arg)
-#define BIO_get_app_data(s)		((s)->app_data)
+#define BIO_C_SET_BUFF_READ_DATA		122 /* data to read first */
+#define BIO_C_GET_CONNECT			123
+#define BIO_C_GET_ACCEPT			124
+#define BIO_C_SET_SSL_RENEGOTIATE_BYTES		125
+#define BIO_C_GET_SSL_NUM_RENEGOTIATES		126
+#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT	127
+
+#define BIO_set_app_data(s,arg)		BIO_set_ex_data(s,0,(char *)arg)
+#define BIO_get_app_data(s)		BIO_get_ex_data(s,0)
+
+int BIO_get_ex_num(BIO *bio);
+int BIO_set_ex_data(BIO *bio,int idx,char *data);
+char *BIO_get_ex_data(BIO *bio,int idx);
+void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)());
+int BIO_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+	int (*dup_func)(), void (*free_func)());
 
 /* BIO_s_connect_socket() */
-#define BIO_set_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
-#define BIO_set_port(b,port)	BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
+#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
+#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
+#define BIO_set_conn_ip(b,ip)	  BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
+#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
+#define BIO_get_conn_hostname(b)  BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
+#define BIO_get_conn_port(b)      BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
+#define BIO_get_conn_ip(b,ip) BIO_ptr_ctrl(b,BIO_C_SET_CONNECT,2)
+#define BIO_get_conn_int port(b,port) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,port)
+
 #define BIO_set_nbio(b,n)	BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
 
 /* BIO_s_accept_socket() */
 #define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
+#define BIO_get_accept_port(b)	BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
 /* #define BIO_set_nbio(b,n)	BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
-#define BIO_set_nbio_accpet(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL)
+#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL)
 #define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
 
 #define BIO_do_connect(b)	BIO_do_handshake(b)
@@ -302,12 +351,14 @@ typedef struct bio_f_buffer_ctx_struct
 /* BIO *BIO_get_filter_bio(BIO *bio); */
 #define BIO_set_proxy_cb(b,cb) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(char *)(cb))
 #define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
+#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
 
 #define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
 #define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
 #define BIO_get_url(b,url)	BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
+#define BIO_get_no_connect_return(b)	BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
 
-#define BIO_set_fd(b,fd,c)	BIO_ctrl_int(b,BIO_C_SET_FD,c,fd)
+#define BIO_set_fd(b,fd,c)	BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
 #define BIO_get_fd(b,c)		BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
 
 #define BIO_set_fp(b,fp,c)	BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
@@ -320,9 +371,19 @@ typedef struct bio_f_buffer_ctx_struct
 #define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
 		BIO_CLOSE|BIO_FP_APPEND,name)
 
+/* WARNING WARNING, this ups the reference count on the read bio of the
+ * SSL structure.  This is because the ssl read BIO is now pointed to by
+ * the next_bio field in the bio.  So when you free the BIO, make sure
+ * you are doing a BIO_free_all() to catch the underlying BIO. */
 #define BIO_set_ssl(b,ssl,c)	BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
 #define BIO_get_ssl(b,sslp)	BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
 #define BIO_set_ssl_mode(b,client)	BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
+#define BIO_set_ssl_renegotiate_bytes(b,num) \
+	BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
+#define BIO_get_num_renegotiates(b) \
+	BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL);
+#define BIO_set_ssl_renegotiate_timeout(b,seconds) \
+	BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
 
 /* defined in evp.h */
 /* #define BIO_set_md(b,md)	BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
@@ -333,11 +394,12 @@ typedef struct bio_f_buffer_ctx_struct
 /* For the BIO_f_buffer() type */
 #define BIO_get_buffer_num_lines(b)	BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
 #define BIO_set_buffer_size(b,size)	BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
-#define BIO_set_read_buffer_size(b,size) BIO_ctrl_int(b,BIO_C_SET_BUFF_SIZE,size,0)
-#define BIO_set_write_buffer_size(b,size) BIO_ctrl_int(b,BIO_C_SET_BUFF_SIZE,size,1)
+#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
+#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
+#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
 
 /* Don't use the next one unless you know what you are doing :-) */
-#define BIO_dup_state(b,ret)	BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)ret)
+#define BIO_dup_state(b,ret)	BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
 
 #define BIO_reset(b)		(int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
 #define BIO_eof(b)		(int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
@@ -346,10 +408,50 @@ typedef struct bio_f_buffer_ctx_struct
 #define BIO_pending(b)		(int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
 #define BIO_wpending(b)		(int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
 #define BIO_flush(b)		(int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
+#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,(char *)cbp)
+#define BIO_set_info_callback(b,cb) (int)BIO_ctrl(b,BIO_CTRL_SET_CALLBACK,0,(char *)cb)
 
 /* For the BIO_f_buffer() type */
 #define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
 
+#ifdef NO_STDIO
+#define NO_FP_API
+#endif
+
+#ifndef NOPROTO
+#  if defined(WIN16) && defined(_WINDLL)
+BIO_METHOD *BIO_s_file_internal(void);
+BIO *BIO_new_file_internal(char *filename, char *mode);
+BIO *BIO_new_fp_internal(FILE *stream, int close_flag);
+#    define BIO_s_file	BIO_s_file_internal
+#    define BIO_new_file	BIO_new_file_internal
+#    define BIO_new_fp	BIO_new_fp_internal
+#  else /* FP_API */
+BIO_METHOD *BIO_s_file(void );
+BIO *BIO_new_file(char *filename, char *mode);
+BIO *BIO_new_fp(FILE *stream, int close_flag);
+#    define BIO_s_file_internal		BIO_s_file
+#    define BIO_new_file_internal	BIO_new_file
+#    define BIO_new_fp_internal		BIO_s_file
+#  endif /* FP_API */
+#else
+#  if defined(WIN16) && defined(_WINDLL)
+BIO_METHOD *BIO_s_file_internal();
+BIO *BIO_new_file_internal();
+BIO *BIO_new_fp_internal();
+#    define BIO_s_file	BIO_s_file_internal
+#    define BIO_new_file	BIO_new_file_internal
+#    define BIO_new_fp	BIO_new_fp_internal
+#  else /* FP_API */
+BIO_METHOD *BIO_s_file();
+BIO *BIO_new_file();
+BIO *BIO_new_fp();
+#    define BIO_s_file_internal		BIO_s_file
+#    define BIO_new_file_internal	BIO_new_file
+#    define BIO_new_fp_internal		BIO_s_file
+#  endif /* FP_API */
+#endif
+
 #ifndef NOPROTO
 BIO *	BIO_new(BIO_METHOD *type);
 int	BIO_set(BIO *a,BIO_METHOD *type);
@@ -359,7 +461,8 @@ int	BIO_gets(BIO *bp,char *buf, int size);
 int	BIO_write(BIO *b, char *data, int len);
 int	BIO_puts(BIO *bp,char *buf);
 long	BIO_ctrl(BIO *bp,int cmd,long larg,char *parg);
-long	BIO_ctrl_int(BIO *bp,int cmd,long larg,int iarg);
+char *	BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
+long	BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
 BIO *	BIO_push(BIO *b,BIO *append);
 BIO *	BIO_pop(BIO *b);
 void	BIO_free_all(BIO *a);
@@ -376,12 +479,6 @@ long _far _loadds BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi,
 	long argl,long ret);
 #endif
 
-#if !defined(WIN16) || defined(APPS_WIN16)
-BIO_METHOD *BIO_s_file(void);
-#else
-BIO_METHOD *BIO_s_file_internal_w16(void);
-#endif
-
 BIO_METHOD *BIO_s_mem(void);
 BIO_METHOD *BIO_s_socket(void);
 BIO_METHOD *BIO_s_connect(void);
@@ -411,10 +508,6 @@ int BIO_set_tcp_ndelay(int sock,int turn_on);
 
 void ERR_load_BIO_strings(void );
 
-#if !defined(WIN16) || defined(APPS_WIN16)
-BIO *BIO_new_file(char *filename, char *mode);
-BIO *BIO_new_fp(FILE *stream, int close_flag);
-#endif
 BIO *BIO_new_socket(int sock, int close_flag);
 BIO *BIO_new_fd(int fd, int close_flag);
 BIO *BIO_new_connect(char *host_port);
@@ -422,6 +515,8 @@ BIO *BIO_new_accept(char *host_port);
 
 void BIO_copy_next_retry(BIO *b);
 
+long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
+
 #else
 
 BIO *	BIO_new();
@@ -431,8 +526,9 @@ int	BIO_read();
 int	BIO_gets();
 int	BIO_write();
 int	BIO_puts();
+char *	BIO_ptr_ctrl();
 long	BIO_ctrl();
-long	BIO_ctrl_int();
+long	BIO_int_ctrl();
 BIO *	BIO_push();
 BIO *	BIO_pop();
 void	BIO_free_all();
@@ -447,12 +543,6 @@ long BIO_debug_callback();
 long _far _loadds BIO_debug_callback();
 #endif
 
-#if !defined(WIN16) || defined(APPS_WIN16)
-BIO_METHOD *BIO_s_file();
-#else
-BIO_METHOD *BIO_s_file_internal_w16();
-#endif
-
 BIO_METHOD *BIO_s_mem();
 BIO_METHOD *BIO_s_socket();
 BIO_METHOD *BIO_s_connect();
@@ -482,10 +572,6 @@ int BIO_set_tcp_ndelay();
 
 void ERR_load_BIO_strings();
 
-#if !defined(WIN16) || defined(APPS_WIN16)
-BIO *BIO_new_file();
-BIO *BIO_new_fp();
-#endif
 BIO *BIO_new_socket();
 BIO *BIO_new_fd();
 BIO *BIO_new_connect();
@@ -493,6 +579,8 @@ BIO *BIO_new_accept();
 
 void BIO_copy_next_retry();
 
+int BIO_ghbn_ctrl();
+
 #endif
 
 /* Tim Hudson's portable varargs stuff */
@@ -562,10 +650,12 @@ int BIO_printf();
 #define BIO_F_BIO_READ					 110
 #define BIO_F_BIO_SOCK_INIT				 111
 #define BIO_F_BIO_WRITE					 112
-#define BIO_F_CONN_STATE				 113
-#define BIO_F_FILE_CTRL					 114
-#define BIO_F_MEM_WRITE					 115
-#define BIO_F_WSASTARTUP				 116
+#define BIO_F_BUFFER_CTRL				 113
+#define BIO_F_CONN_STATE				 114
+#define BIO_F_FILE_CTRL					 115
+#define BIO_F_MEM_WRITE					 116
+#define BIO_F_SSL_NEW					 117
+#define BIO_F_WSASTARTUP				 118
 
 /* Reason codes. */
 #define BIO_R_ACCEPT_ERROR				 100
@@ -577,18 +667,19 @@ int BIO_printf();
 #define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET	 106
 #define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET		 107
 #define BIO_R_INVALID_IP_ADDRESS			 108
-#define BIO_R_NBIO_CONNECT_ERROR			 109
-#define BIO_R_NO_ACCEPT_PORT_SPECIFIED			 110
-#define BIO_R_NO_HOSTHNAME_SPECIFIED			 111
-#define BIO_R_NO_PORT_DEFINED				 112
-#define BIO_R_NO_PORT_SPECIFIED				 113
-#define BIO_R_NULL_PARAMETER				 114
-#define BIO_R_UNABLE_TO_BIND_SOCKET			 115
-#define BIO_R_UNABLE_TO_CREATE_SOCKET			 116
-#define BIO_R_UNABLE_TO_LISTEN_SOCKET			 117
-#define BIO_R_UNINITALISED				 118
-#define BIO_R_UNSUPPORTED_METHOD			 119
-#define BIO_R_WSASTARTUP				 120
+#define BIO_R_KEEPALIVE					 109
+#define BIO_R_NBIO_CONNECT_ERROR			 110
+#define BIO_R_NO_ACCEPT_PORT_SPECIFIED			 111
+#define BIO_R_NO_HOSTHNAME_SPECIFIED			 112
+#define BIO_R_NO_PORT_DEFINED				 113
+#define BIO_R_NO_PORT_SPECIFIED				 114
+#define BIO_R_NULL_PARAMETER				 115
+#define BIO_R_UNABLE_TO_BIND_SOCKET			 116
+#define BIO_R_UNABLE_TO_CREATE_SOCKET			 117
+#define BIO_R_UNABLE_TO_LISTEN_SOCKET			 118
+#define BIO_R_UNINITALISED				 119
+#define BIO_R_UNSUPPORTED_METHOD			 120
+#define BIO_R_WSASTARTUP				 121
  
 #ifdef  __cplusplus
 }
diff --git a/crypto/bio/bio_cb.c b/crypto/bio/bio_cb.c
index 2f98cd1256..bc6ed9eda1 100644
--- a/crypto/bio/bio_cb.c
+++ b/crypto/bio/bio_cb.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bio_cb.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -87,10 +87,16 @@ long ret;
 		sprintf(p,"Free - %s\n",bio->method->name);
 		break;
 	case BIO_CB_READ:
-		sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+		if (bio->method->type & BIO_TYPE_DESCRIPTOR)
+			sprintf(p,"read(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
+		else
+			sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name);
 		break;
 	case BIO_CB_WRITE:
-		sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+		if (bio->method->type & BIO_TYPE_DESCRIPTOR)
+			sprintf(p,"write(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
+		else
+			sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name);
 		break;
 	case BIO_CB_PUTS:
 		sprintf(p,"puts() - %s\n",bio->method->name);
@@ -124,7 +130,7 @@ long ret;
 	b=(BIO *)bio->cb_arg;
 	if (b != NULL)
 		BIO_write(b,buf,strlen(buf));
-#ifndef WIN16
+#if !defined(NO_STDIO) && !defined(WIN16)
 	else
 		fputs(buf,stderr);
 #endif
diff --git a/crypto/bio/bio_err.c b/crypto/bio/bio_err.c
index b78878fcb8..37e14ca107 100644
--- a/crypto/bio/bio_err.c
+++ b/crypto/bio/bio_err.c
@@ -60,6 +60,7 @@
 #include "bio.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA BIO_str_functs[]=
 	{
 {ERR_PACK(0,BIO_F_ACPT_STATE,0),	"ACPT_STATE"},
@@ -75,9 +76,11 @@ static ERR_STRING_DATA BIO_str_functs[]=
 {ERR_PACK(0,BIO_F_BIO_READ,0),	"BIO_read"},
 {ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0),	"BIO_sock_init"},
 {ERR_PACK(0,BIO_F_BIO_WRITE,0),	"BIO_write"},
+{ERR_PACK(0,BIO_F_BUFFER_CTRL,0),	"BUFFER_CTRL"},
 {ERR_PACK(0,BIO_F_CONN_STATE,0),	"CONN_STATE"},
 {ERR_PACK(0,BIO_F_FILE_CTRL,0),	"FILE_CTRL"},
 {ERR_PACK(0,BIO_F_MEM_WRITE,0),	"MEM_WRITE"},
+{ERR_PACK(0,BIO_F_SSL_NEW,0),	"SSL_NEW"},
 {ERR_PACK(0,BIO_F_WSASTARTUP,0),	"WSASTARTUP"},
 {0,NULL},
 	};
@@ -93,6 +96,7 @@ static ERR_STRING_DATA BIO_str_reasons[]=
 {BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"},
 {BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"},
 {BIO_R_INVALID_IP_ADDRESS                ,"invalid ip address"},
+{BIO_R_KEEPALIVE                         ,"keepalive"},
 {BIO_R_NBIO_CONNECT_ERROR                ,"nbio connect error"},
 {BIO_R_NO_ACCEPT_PORT_SPECIFIED          ,"no accept port specified"},
 {BIO_R_NO_HOSTHNAME_SPECIFIED            ,"no hosthname specified"},
@@ -108,14 +112,19 @@ static ERR_STRING_DATA BIO_str_reasons[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_BIO_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_BIO,BIO_str_functs);
 		ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c
index 78e896f9ae..7a66b0892e 100644
--- a/crypto/bio/bio_lib.c
+++ b/crypto/bio/bio_lib.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bio_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -58,8 +58,13 @@
 
 #include <stdio.h>
 #include <errno.h>
+#include "crypto.h"
 #include "cryptlib.h"
 #include "bio.h"
+#include "stack.h"
+
+static STACK *bio_meth=NULL;
+static int bio_meth_num=0;
 
 BIO *BIO_new(method)
 BIO_METHOD *method;
@@ -89,15 +94,16 @@ BIO_METHOD *method;
 	bio->cb_arg=NULL;
 	bio->init=0;
 	bio->shutdown=1;
-	bio->num=0;
 	bio->flags=0;
 	bio->retry_reason=0;
+	bio->num=0;
 	bio->ptr=NULL;
 	bio->prev_bio=NULL;
 	bio->next_bio=NULL;
 	bio->references=1;
 	bio->num_read=0L;
 	bio->num_write=0L;
+	CRYPTO_new_ex_data(bio_meth,(char *)bio,&bio->ex_data);
 	if (method->create != NULL)
 		if (!method->create(bio))
 			return(0);
@@ -112,7 +118,9 @@ BIO *a;
 	if (a == NULL) return(0);
 
 	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_BIO);
-
+#ifdef REF_PRINT
+	REF_PRINT("BIO",a);
+#endif
         if (i > 0) return(1);
 #ifdef REF_CHECK
 	if (i < 0)
@@ -125,6 +133,8 @@ BIO *a;
 		((i=(int)a->callback(a,BIO_CB_FREE,NULL,0,0L,1L)) <= 0))
 			return(i);
 
+	CRYPTO_free_ex_data(bio_meth,(char *)a,&a->ex_data);
+
 	if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
 	ret=a->method->destroy(a);
 	Free(a);
@@ -137,6 +147,7 @@ char *out;
 int outl;
 	{
 	int i;
+	long (*cb)();
 
 	if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL))
 		{
@@ -144,8 +155,9 @@ int outl;
 		return(-2);
 		}
 
-	if ((b->callback != NULL) &&
-		((i=(int)b->callback(b,BIO_CB_READ,out,outl,0L,1L)) <= 0))
+	cb=b->callback;
+	if ((cb != NULL) &&
+		((i=(int)cb(b,BIO_CB_READ,out,outl,0L,1L)) <= 0))
 			return(i);
 
 	if (!b->init)
@@ -157,8 +169,8 @@ int outl;
 	i=b->method->bread(b,out,outl);
 	if (i > 0) b->num_read+=(unsigned long)i;
 
-	if (b->callback != NULL)
-		i=(int)b->callback(b,BIO_CB_READ|BIO_CB_RETURN,out,outl,
+	if (cb != NULL)
+		i=(int)cb(b,BIO_CB_READ|BIO_CB_RETURN,out,outl,
 			0L,(long)i);
 	return(i);
 	}
@@ -169,15 +181,20 @@ char *in;
 int inl;
 	{
 	int i;
+	long (*cb)();
+
+	if (b == NULL)
+		return(0);
 
-	if ((b == NULL) || (b->method == NULL) || (b->method->bwrite == NULL))
+	cb=b->callback;
+	if ((b->method == NULL) || (b->method->bwrite == NULL))
 		{
 		BIOerr(BIO_F_BIO_WRITE,BIO_R_UNSUPPORTED_METHOD);
 		return(-2);
 		}
 
-	if ((b->callback != NULL) &&
-		((i=(int)b->callback(b,BIO_CB_WRITE,in,inl,0L,1L)) <= 0))
+	if ((cb != NULL) &&
+		((i=(int)cb(b,BIO_CB_WRITE,in,inl,0L,1L)) <= 0))
 			return(i);
 
 	if (!b->init)
@@ -189,8 +206,8 @@ int inl;
 	i=b->method->bwrite(b,in,inl);
 	if (i > 0) b->num_write+=(unsigned long)i;
 
-	if (b->callback != NULL)
-		i=(int)b->callback(b,BIO_CB_WRITE|BIO_CB_RETURN,in,inl,
+	if (cb != NULL)
+		i=(int)cb(b,BIO_CB_WRITE|BIO_CB_RETURN,in,inl,
 			0L,(long)i);
 	return(i);
 	}
@@ -200,6 +217,7 @@ BIO *b;
 char *in;
 	{
 	int i;
+	long (*cb)();
 
 	if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL))
 		{
@@ -207,8 +225,10 @@ char *in;
 		return(-2);
 		}
 
-	if ((b->callback != NULL) &&
-		((i=(int)b->callback(b,BIO_CB_PUTS,in,0,0L,1L)) <= 0))
+	cb=b->callback;
+
+	if ((cb != NULL) &&
+		((i=(int)cb(b,BIO_CB_PUTS,in,0,0L,1L)) <= 0))
 			return(i);
 
 	if (!b->init)
@@ -219,8 +239,8 @@ char *in;
 
 	i=b->method->bputs(b,in);
 
-	if (b->callback != NULL)
-		i=(int)b->callback(b,BIO_CB_PUTS|BIO_CB_RETURN,in,0,
+	if (cb != NULL)
+		i=(int)cb(b,BIO_CB_PUTS|BIO_CB_RETURN,in,0,
 			0L,(long)i);
 	return(i);
 	}
@@ -231,6 +251,7 @@ char *in;
 int inl;
 	{
 	int i;
+	long (*cb)();
 
 	if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL))
 		{
@@ -238,8 +259,10 @@ int inl;
 		return(-2);
 		}
 
-	if ((b->callback != NULL) &&
-		((i=(int)b->callback(b,BIO_CB_GETS,in,inl,0L,1L)) <= 0))
+	cb=b->callback;
+
+	if ((cb != NULL) &&
+		((i=(int)cb(b,BIO_CB_GETS,in,inl,0L,1L)) <= 0))
 			return(i);
 
 	if (!b->init)
@@ -250,13 +273,13 @@ int inl;
 
 	i=b->method->bgets(b,in,inl);
 
-	if (b->callback != NULL)
-		i=(int)b->callback(b,BIO_CB_GETS|BIO_CB_RETURN,in,inl,
+	if (cb != NULL)
+		i=(int)cb(b,BIO_CB_GETS|BIO_CB_RETURN,in,inl,
 			0L,(long)i);
 	return(i);
 	}
 
-long BIO_ctrl_int(b,cmd,larg,iarg)
+long BIO_int_ctrl(b,cmd,larg,iarg)
 BIO *b;
 int cmd;
 long larg;
@@ -268,6 +291,19 @@ int iarg;
 	return(BIO_ctrl(b,cmd,larg,(char *)&i));
 	}
 
+char *BIO_ptr_ctrl(b,cmd,larg)
+BIO *b;
+int cmd;
+long larg;
+	{
+	char *p=NULL;
+
+	if (BIO_ctrl(b,cmd,larg,(char *)&p) <= 0)
+		return(NULL);
+	else
+		return(p);
+	}
+
 long BIO_ctrl(b,cmd,larg,parg)
 BIO *b;
 int cmd;
@@ -275,6 +311,7 @@ long larg;
 char *parg;
 	{
 	long ret;
+	long (*cb)();
 
 	if (b == NULL) return(0);
 
@@ -284,14 +321,16 @@ char *parg;
 		return(-2);
 		}
 
-	if ((b->callback != NULL) &&
-		((ret=b->callback(b,BIO_CB_CTRL,parg,cmd,larg,1L)) <= 0))
+	cb=b->callback;
+
+	if ((cb != NULL) &&
+		((ret=cb(b,BIO_CB_CTRL,parg,cmd,larg,1L)) <= 0))
 		return(ret);
 
 	ret=b->method->ctrl(b,cmd,larg,parg);
 
-	if (b->callback != NULL)
-		ret=b->callback(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd,
+	if (cb != NULL)
+		ret=cb(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd,
 			larg,ret);
 	return(ret);
 	}
@@ -309,6 +348,7 @@ BIO *b,*bio;
 	lb->next_bio=bio;
 	if (bio != NULL)
 		bio->prev_bio=lb;
+	/* called to do internal processing */
 	BIO_ctrl(b,BIO_CTRL_PUSH,0,NULL);
 	return(b);
 	}
@@ -420,6 +460,11 @@ BIO *in;
 			BIO_free(new);
 			goto err;
 			}
+
+	        /* copy app data */
+	        if (!CRYPTO_dup_ex_data(bio_meth,&new->ex_data,&bio->ex_data))
+	                goto err;
+
 		if (ret == NULL)
 			{
 			eoc=new;
@@ -445,3 +490,30 @@ BIO *b;
 	b->retry_reason=b->next_bio->retry_reason;
 	}
 
+int BIO_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+        {
+        bio_meth_num++;
+        return(CRYPTO_get_ex_new_index(bio_meth_num-1,&bio_meth,
+                argl,argp,new_func,dup_func,free_func));
+        }
+
+int BIO_set_ex_data(bio,idx,data)
+BIO *bio;
+int idx;
+char *data;
+	{
+	return(CRYPTO_set_ex_data(&(bio->ex_data),idx,data));
+	}
+
+char *BIO_get_ex_data(bio,idx)
+BIO *bio;
+int idx;
+	{
+	return(CRYPTO_get_ex_data(&(bio->ex_data),idx));
+	}
+
diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
index 251474198b..e49902fa9f 100644
--- a/crypto/bio/bss_acpt.c
+++ b/crypto/bio/bss_acpt.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bss_acpt.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -121,7 +121,8 @@ void BIO_ACCEPT_free();
 
 static BIO_METHOD methods_acceptp=
 	{
-	BIO_TYPE_ACCEPT,"socket accept",
+	BIO_TYPE_ACCEPT,
+	"socket accept",
 	acpt_write,
 	acpt_read,
 	acpt_puts,
@@ -375,6 +376,7 @@ char *ptr;
 	int *ip;
 	long ret=1;
 	BIO_ACCEPT *data;
+	char **pp;
 
 	data=(BIO_ACCEPT *)b->ptr;
 
@@ -426,6 +428,20 @@ char *ptr;
 		else
 			ret= -1;
 		break;
+	case BIO_C_GET_ACCEPT:
+		if (b->init)
+			{
+			if (ptr != NULL)
+				{
+				pp=(char **)ptr;
+				*pp=data->param_addr;
+				}
+			else
+				ret= -1;
+			}
+		else
+			ret= -1;
+		break;
 	case BIO_CTRL_GET_CLOSE:
 		ret=b->shutdown;
 		break;
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
index 4e31e3c1f8..6e547bf866 100644
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bss_conn.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -88,6 +88,11 @@ typedef struct bio_connect_st
 	/* int socket; this will be kept in bio->num so that it is
 	 * compatable with the bss_sock bio */ 
 	int error;
+
+	/* called when the connection is initially made
+	 *  callback(BIO,state,ret);  The callback should return
+	 * 'ret'.  state is for compatablity with the ssl info_callback */
+	int (*info_callback)();
 	} BIO_CONNECT;
 
 #ifndef NOPROTO
@@ -122,18 +127,10 @@ void BIO_CONNECT_free();
 
 #endif
 
-#define CONN_S_BEFORE		1
-#define CONN_S_GET_IP		2
-#define CONN_S_GET_PORT		3
-#define CONN_S_CREATE_SOCKET	4
-#define CONN_S_CONNECT		5
-#define CONN_S_OK		6
-#define CONN_S_BLOCKED_CONNECT	7
-#define CONN_S_NBIO		8
-
 static BIO_METHOD methods_connectp=
 	{
-	BIO_TYPE_CONNECT,"socket connect",
+	BIO_TYPE_CONNECT,
+	"socket connect",
 	conn_write,
 	conn_read,
 	conn_puts,
@@ -150,143 +147,192 @@ BIO_CONNECT *c;
 	int ret= -1,i;
 	unsigned long l;
 	char *p,*q;
+	int (*cb)()=NULL;
 
-	switch (c->state)
-		{
-	case CONN_S_BEFORE:
-		p=c->param_hostname;
-		if (p == NULL)
-			{
-			BIOerr(BIO_F_CONN_STATE,BIO_R_NO_HOSTHNAME_SPECIFIED);
-			break;
-			}
-		for ( ; *p != '\0'; p++)
-			{
-			if ((*p == ':') || (*p == '/')) break;
-			}
+	if (c->info_callback != NULL)
+		cb=c->info_callback;
 
-		i= *p;
-		if ((i == ':') || (i == '/'))
+	for (;;)
+		{
+		switch (c->state)
 			{
+		case BIO_CONN_S_BEFORE:
+			p=c->param_hostname;
+			if (p == NULL)
+				{
+				BIOerr(BIO_F_CONN_STATE,BIO_R_NO_HOSTHNAME_SPECIFIED);
+				goto exit_loop;
+				}
+			for ( ; *p != '\0'; p++)
+				{
+				if ((*p == ':') || (*p == '/')) break;
+				}
 
-			*(p++)='\0';
-			if (i == ':')
+			i= *p;
+			if ((i == ':') || (i == '/'))
 				{
-				for (q=p; *q; q++)
-					if (*q == '/')
-						{
-						*q='\0';
-						break;
-						}
-				if (c->param_port != NULL)
-					Free(c->param_port);
-				c->param_port=BUF_strdup(p);
+
+				*(p++)='\0';
+				if (i == ':')
+					{
+					for (q=p; *q; q++)
+						if (*q == '/')
+							{
+							*q='\0';
+							break;
+							}
+					if (c->param_port != NULL)
+						Free(c->param_port);
+					c->param_port=BUF_strdup(p);
+					}
 				}
-			}
 
-		if (p == NULL)
-			{
-			BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED);
+			if (p == NULL)
+				{
+				BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED);
+				ERR_add_error_data(2,"host=",c->param_hostname);
+				goto exit_loop;
+				}
+			c->state=BIO_CONN_S_GET_IP;
 			break;
-			}
-		c->state=CONN_S_GET_IP;
 
-	case CONN_S_GET_IP:
-		if (BIO_get_host_ip(c->param_hostname,&(c->ip[0])) <= 0)
+		case BIO_CONN_S_GET_IP:
+			if (BIO_get_host_ip(c->param_hostname,&(c->ip[0])) <= 0)
+				goto exit_loop;
+			c->state=BIO_CONN_S_GET_PORT;
 			break;
-		c->state=CONN_S_GET_PORT;
 
-	case CONN_S_GET_PORT:
-		if (BIO_get_port(c->param_port,&c->port) <= 0)
+		case BIO_CONN_S_GET_PORT:
+			if (BIO_get_port(c->param_port,&c->port) <= 0)
+				goto exit_loop;
+			c->state=BIO_CONN_S_CREATE_SOCKET;
 			break;
-		c->state=CONN_S_CREATE_SOCKET;
-
-	case CONN_S_CREATE_SOCKET:
-		/* now setup address */
-		memset((char *)&c->them,0,sizeof(c->them));
-		c->them.sin_family=AF_INET;
-		c->them.sin_port=htons((unsigned short)c->port);
-		l=(unsigned long)
-			((unsigned long)c->ip[0]<<24L)|
-			((unsigned long)c->ip[1]<<16L)|
-			((unsigned long)c->ip[2]<< 8L)|
-			((unsigned long)c->ip[3]);
-		c->them.sin_addr.s_addr=htonl(l);
-		c->state=CONN_S_CREATE_SOCKET;
-
-		ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-		if (ret == INVALID_SOCKET)
-			{
-			SYSerr(SYS_F_SOCKET,errno);
-			BIOerr(BIO_F_CONN_STATE,BIO_R_UNABLE_TO_CREATE_SOCKET);
+
+		case BIO_CONN_S_CREATE_SOCKET:
+			/* now setup address */
+			memset((char *)&c->them,0,sizeof(c->them));
+			c->them.sin_family=AF_INET;
+			c->them.sin_port=htons((unsigned short)c->port);
+			l=(unsigned long)
+				((unsigned long)c->ip[0]<<24L)|
+				((unsigned long)c->ip[1]<<16L)|
+				((unsigned long)c->ip[2]<< 8L)|
+				((unsigned long)c->ip[3]);
+			c->them.sin_addr.s_addr=htonl(l);
+			c->state=BIO_CONN_S_CREATE_SOCKET;
+
+			ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+			if (ret == INVALID_SOCKET)
+				{
+				SYSerr(SYS_F_SOCKET,get_last_socket_error());
+				ERR_add_error_data(4,"host=",c->param_hostname,
+					":",c->param_port);
+				BIOerr(BIO_F_CONN_STATE,BIO_R_UNABLE_TO_CREATE_SOCKET);
+				goto exit_loop;
+				}
+			b->num=ret;
+			c->state=BIO_CONN_S_NBIO;
 			break;
-			}
-		b->num=ret;
-		c->state=CONN_S_NBIO;
 
-	case CONN_S_NBIO:
+		case BIO_CONN_S_NBIO:
 #ifdef FIONBIO
-		if (c->nbio)
-			{
-			l=1;
-			ret=BIO_socket_ioctl(b->num,FIONBIO,&l);
-			if (ret < 0)
+			if (c->nbio)
 				{
-				BIOerr(BIO_F_CONN_STATE,BIO_R_ERROR_SETTING_NBIO);
-				break;
+				l=1;
+				ret=BIO_socket_ioctl(b->num,FIONBIO,&l);
+				if (ret < 0)
+					{
+					BIOerr(BIO_F_CONN_STATE,BIO_R_ERROR_SETTING_NBIO);
+					ERR_add_error_data(4,"host=",
+						c->param_hostname,
+						":",c->param_port);
+					goto exit_loop;
+					}
 				}
-			}
 #endif
-		c->state=CONN_S_CONNECT;
+			c->state=BIO_CONN_S_CONNECT;
 
-	case CONN_S_CONNECT:
-		BIO_clear_retry_flags(b);
-		ret=connect(b->num,
-			(struct sockaddr *)&c->them,
-			sizeof(c->them));
-		b->retry_reason=0;
-		if (ret < 0)
-			{
-			if (BIO_sock_should_retry(ret))
+#ifdef SO_KEEPALIVE
+			i=1;
+			i=setsockopt(b->num,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+			if (i < 0)
 				{
-				BIO_set_retry_special(b);
-				c->state=CONN_S_BLOCKED_CONNECT;
-				b->retry_reason=BIO_RR_CONNECT;
+				SYSerr(SYS_F_SOCKET,get_last_socket_error());
+				ERR_add_error_data(4,"host=",c->param_hostname,
+					":",c->param_port);
+				BIOerr(BIO_F_CONN_STATE,BIO_R_KEEPALIVE);
+				goto exit_loop;
+				}
+#endif
+			break;
+
+		case BIO_CONN_S_CONNECT:
+			BIO_clear_retry_flags(b);
+			ret=connect(b->num,
+				(struct sockaddr *)&c->them,
+				sizeof(c->them));
+			b->retry_reason=0;
+			if (ret < 0)
+				{
+				if (BIO_sock_should_retry(ret))
+					{
+					BIO_set_retry_special(b);
+					c->state=BIO_CONN_S_BLOCKED_CONNECT;
+					b->retry_reason=BIO_RR_CONNECT;
+					}
+				else
+					{
+					SYSerr(SYS_F_CONNECT,get_last_socket_error());
+					ERR_add_error_data(4,"host=",
+						c->param_hostname,
+						":",c->param_port);
+					BIOerr(BIO_F_CONN_STATE,BIO_R_CONNECT_ERROR);
+					}
+				goto exit_loop;
 				}
 			else
+				c->state=BIO_CONN_S_OK;
+			break;
+
+		case BIO_CONN_S_BLOCKED_CONNECT:
+			i=BIO_sock_error(b->num);
+			if (i)
 				{
-				SYSerr(SYS_F_CONNECT,errno);
-				BIOerr(BIO_F_CONN_STATE,BIO_R_CONNECT_ERROR);
+				BIO_clear_retry_flags(b);
+				SYSerr(SYS_F_CONNECT,i);
+				ERR_add_error_data(4,"host=",
+					c->param_hostname,
+					":",c->param_port);
+				BIOerr(BIO_F_CONN_STATE,BIO_R_NBIO_CONNECT_ERROR);
+				ret=0;
+				goto exit_loop;
 				}
-			}
-		else
-			{
+			else
+				c->state=BIO_CONN_S_OK;
+			break;
+
+		case BIO_CONN_S_OK:
 			ret=1;
-			c->state=CONN_S_OK;
+			goto exit_loop;
+		default:
+			abort();
+			goto exit_loop;
 			}
-		break;
 
-	case CONN_S_BLOCKED_CONNECT:
-		BIO_clear_retry_flags(b);
-		i=BIO_sock_error(b->num);
-		if (i)
+		if (cb != NULL)
 			{
-			SYSerr(SYS_F_CONNECT,i);
-			BIOerr(BIO_F_CONN_STATE,BIO_R_NBIO_CONNECT_ERROR);
+			if (!(ret=cb((BIO *)b,c->state,ret)))
+				goto end;
 			}
-		else
-			{
-			c->state=CONN_S_OK;
-			ret=1;
-			}
-		break;
+		}
 
-	case CONN_S_OK:
-		ret=1;
-		break;
-	default:
-		abort();
+	if (1)
+		{
+exit_loop:
+		if (cb != NULL)
+			ret=cb((BIO *)b,c->state,ret);
 		}
+end:
 	return(ret);
 	}
 
@@ -296,9 +342,10 @@ BIO_CONNECT *BIO_CONNECT_new()
 
 	if ((ret=(BIO_CONNECT *)Malloc(sizeof(BIO_CONNECT))) == NULL)
 		return(NULL);
-	ret->state=CONN_S_BEFORE;
+	ret->state=BIO_CONN_S_BEFORE;
 	ret->param_hostname=NULL;
 	ret->param_port=NULL;
+	ret->info_callback=NULL;
 	ret->nbio=0;
 	ret->ip[0]=0;
 	ret->ip[1]=0;
@@ -346,7 +393,7 @@ BIO *bio;
 	if (bio->num != INVALID_SOCKET)
 		{
 		/* Only do a shutdown if things were established */
-		if (c->state == CONN_S_OK)
+		if (c->state == BIO_CONN_S_OK)
 			shutdown(bio->num,2);
 # ifdef WINDOWS
 		closesocket(bio->num);
@@ -385,15 +432,16 @@ int outl;
 	BIO_CONNECT *data;
 
 	data=(BIO_CONNECT *)b->ptr;
-	if (data->state != CONN_S_OK)
+	if (data->state != BIO_CONN_S_OK)
 		{
 		ret=conn_state(b,data);
-		if (ret <= 0) return(ret);
+		if (ret <= 0)
+				return(ret);
 		}
 
 	if (out != NULL)
 		{
-		errno=0;
+		clear_socket_error();
 #if defined(WINDOWS)
 		ret=recv(b->num,out,outl,0);
 #else
@@ -418,13 +466,13 @@ int inl;
 	BIO_CONNECT *data;
 
 	data=(BIO_CONNECT *)b->ptr;
-	if (data->state != CONN_S_OK)
+	if (data->state != BIO_CONN_S_OK)
 		{
 		ret=conn_state(b,data);
 		if (ret <= 0) return(ret);
 		}
 
-	errno=0;
+	clear_socket_error();
 #if defined(WINDOWS)
 	ret=send(b->num,in,inl,0);
 #else
@@ -447,6 +495,7 @@ char *ptr;
 	{
 	BIO *dbio;
 	int *ip;
+	char **pptr;
 	long ret=1;
 	BIO_CONNECT *data;
 
@@ -456,17 +505,43 @@ char *ptr;
 		{
 	case BIO_CTRL_RESET:
 		ret=0;
-		data->state=CONN_S_BEFORE;
+		data->state=BIO_CONN_S_BEFORE;
 		conn_close_socket(b);
 		b->flags=0;
 		break;
 	case BIO_C_DO_STATE_MACHINE:
 		/* use this one to start the connection */
-		if (!data->state != CONN_S_OK)
+		if (!data->state != BIO_CONN_S_OK)
 			ret=(long)conn_state(b,data);
 		else
 			ret=1;
 		break;
+	case BIO_C_GET_CONNECT:
+		if (ptr != NULL)
+			{
+			pptr=(char **)ptr;
+			if (num == 0)
+				{
+				*pptr=data->param_hostname;
+
+				}
+			else if (num == 1)
+				{
+				*pptr=data->param_port;
+				}
+			else if (num == 2)
+				{
+				*pptr= (char *)&(data->ip[0]);
+				}
+			else if (num == 3)
+				{
+				*((int *)ptr)=data->port;
+				}
+			if ((!b->init) || (ptr == NULL))
+				*pptr="not initalised";
+			ret=1;
+			}
+		break;
 	case BIO_C_SET_CONNECT:
 		if (ptr != NULL)
 			{
@@ -483,6 +558,10 @@ char *ptr;
 					Free(data->param_port);
 				data->param_port=BUF_strdup(ptr);
 				}
+			else if (num == 2)
+				memcpy(data->ip,ptr,4);
+			else if (num == 3)
+				data->port= *(int *)ptr;
 			}
 		break;
 	case BIO_C_SET_NBIO:
@@ -514,12 +593,23 @@ char *ptr;
 	case BIO_CTRL_DUP:
 		dbio=(BIO *)ptr;
 		if (data->param_port)
-			BIO_set_port(dbio,data->param_port);
+			BIO_set_conn_port(dbio,data->param_port);
 		if (data->param_hostname)
-			BIO_set_hostname(dbio,data->param_hostname);
+			BIO_set_conn_hostname(dbio,data->param_hostname);
 		BIO_set_nbio(dbio,data->nbio);
+		BIO_set_info_callback(dbio,data->info_callback);
 		break;
+	case BIO_CTRL_SET_CALLBACK:
+		data->info_callback=(int (*)())ptr;
+		break;
+	case BIO_CTRL_GET_CALLBACK:
+		{
+		int (**fptr)();
 
+		fptr=(int (**)())ptr;
+		*fptr=data->info_callback;
+		}
+		break;
 	default:
 		ret=0;
 		break;
@@ -545,7 +635,7 @@ char *str;
 
 	ret=BIO_new(BIO_s_connect());
 	if (ret == NULL) return(NULL);
-	if (BIO_set_hostname(ret,str))
+	if (BIO_set_conn_hostname(ret,str))
 		return(ret);
 	else
 		{
diff --git a/crypto/bio/bss_fd.c b/crypto/bio/bss_fd.c
index 06ae229ff6..686c4909a2 100644
--- a/crypto/bio/bss_fd.c
+++ b/crypto/bio/bss_fd.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bss_fd.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
index 33c18e744b..1484cf849e 100644
--- a/crypto/bio/bss_file.c
+++ b/crypto/bio/bss_file.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bss_file.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -56,12 +56,23 @@
  * [including the GNU Public Licence.]
  */
 
+/*
+ * 03-Dec-1997	rdenny@dc3.com  Fix bug preventing use of stdin/stdout
+ *		with binary data (e.g. asn1parse -inform DER < xxx) under
+ *		Windows
+ */
+
+#ifndef HEADER_BSS_FILE_C
+#define HEADER_BSS_FILE_C
+
 #include <stdio.h>
 #include <errno.h>
 #include "cryptlib.h"
 #include "bio.h"
 #include "err.h"
 
+#if !defined(NO_STDIO)
+
 #ifndef NOPROTO
 static int MS_CALLBACK file_write(BIO *h,char *buf,int num);
 static int MS_CALLBACK file_read(BIO *h,char *buf,int size);
@@ -82,7 +93,8 @@ static int MS_CALLBACK file_free();
 
 static BIO_METHOD methods_filep=
 	{
-	BIO_TYPE_FILE,"FILE pointer",
+	BIO_TYPE_FILE,
+	"FILE pointer",
 	file_write,
 	file_read,
 	file_puts,
@@ -92,7 +104,6 @@ static BIO_METHOD methods_filep=
 	file_free,
 	};
 
-#if !defined(WIN16) || defined(APPS_WIN16)
 BIO *BIO_new_file(filename,mode)
 char *filename;
 char *mode;
@@ -102,17 +113,13 @@ char *mode;
 
 	if ((file=fopen(filename,mode)) == NULL)
 		{
-		SYSerr(SYS_F_FOPEN,errno);
+		SYSerr(SYS_F_FOPEN,get_last_sys_error());
+		ERR_add_error_data(5,"fopen('",filename,"','",mode,"')");
 		BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
 		return(NULL);
 		}
-
-	if ((ret=BIO_new(BIO_s_file())) == NULL)
+	if ((ret=BIO_new(BIO_s_file_internal())) == NULL)
 		return(NULL);
-#if 0
-	if ((ret=BIO_new(BIO_s_file_internal_w16())) == NULL)
-		return(NULL);
-#endif
 
 	BIO_set_fp(ret,file,BIO_CLOSE);
 	return(ret);
@@ -126,31 +133,16 @@ int close_flag;
 
 	if ((ret=BIO_new(BIO_s_file())) == NULL)
 		return(NULL);
-#if 0
-	if ((ret=BIO_new(BIO_s_file_internal_w16())) == NULL)
-#endif
 
 	BIO_set_fp(ret,stream,close_flag);
 	return(ret);
 	}
-#endif /* !APPS_WIN16 */
-
-#if !defined(WIN16) || defined(APPS_WIN16)
 
 BIO_METHOD *BIO_s_file()
 	{
 	return(&methods_filep);
 	}
 
-#else
-
-BIO_METHOD *BIO_s_file_internal_w16()
-	{
-	return(&methods_filep);
-	}
-
-#endif
-
 static int MS_CALLBACK file_new(bi)
 BIO *bi;
 	{
@@ -236,6 +228,13 @@ char *ptr;
 		b->shutdown=(int)num;
 		b->ptr=(char *)ptr;
 		b->init=1;
+#if defined(MSDOS) || defined(WINDOWS)
+		/* Set correct text/binary mode */
+		if (num & BIO_FP_TEXT)
+			_setmode(fileno((FILE *)ptr),_O_TEXT);
+		else
+			_setmode(fileno((FILE *)ptr),_O_BINARY);
+#endif
 		break;
 	case BIO_C_SET_FILENAME:
 		file_free(b);
@@ -267,7 +266,8 @@ char *ptr;
 		fp=fopen(ptr,p);
 		if (fp == NULL)
 			{
-			SYSerr(SYS_F_FOPEN,errno);
+			SYSerr(SYS_F_FOPEN,get_last_sys_error());
+			ERR_add_error_data(5,"fopen('",ptr,"','",p,"')");
 			BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB);
 			ret=0;
 			break;
@@ -332,3 +332,8 @@ char *str;
 	return(ret);
 	}
 
+#endif /* NO_STDIO */
+
+#endif /* HEADER_BSS_FILE_C */
+
+
diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
index 9b4cf40acf..40c4e39f02 100644
--- a/crypto/bio/bss_mem.c
+++ b/crypto/bio/bss_mem.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bss_mem.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -81,7 +81,8 @@ static int mem_free();
 
 static BIO_METHOD mem_method=
 	{
-	BIO_TYPE_MEM,"memory buffer",
+	BIO_TYPE_MEM,
+	"memory buffer",
 	mem_write,
 	mem_read,
 	mem_puts,
diff --git a/crypto/bio/bss_null.c b/crypto/bio/bss_null.c
index f93d471121..0791a2471a 100644
--- a/crypto/bio/bss_null.c
+++ b/crypto/bio/bss_null.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bss_null.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -81,7 +81,8 @@ static int null_free();
 
 static BIO_METHOD null_method=
 	{
-	BIO_TYPE_NULL,"NULL",
+	BIO_TYPE_NULL,
+	"NULL",
 	null_write,
 	null_read,
 	null_puts,
diff --git a/crypto/bio/bss_rtcp.c b/crypto/bio/bss_rtcp.c
index cd48f7ce95..6eb434dee8 100644
--- a/crypto/bio/bss_rtcp.c
+++ b/crypto/bio/bss_rtcp.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bss_rtcp.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -96,7 +96,8 @@ static int rtcp_free(BIO *data);
 
 static BIO_METHOD rtcp_method=
 	{
-	BIO_TYPE_FD,"RTCP",
+	BIO_TYPE_FD,
+	"RTCP",
 	rtcp_write,
 	rtcp_read,
 	rtcp_puts,
diff --git a/crypto/bio/bss_sock.c b/crypto/bio/bss_sock.c
index ac96027051..d907a2867b 100644
--- a/crypto/bio/bss_sock.c
+++ b/crypto/bio/bss_sock.c
@@ -1,5 +1,5 @@
 /* crypto/bio/bss_sock.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -107,7 +107,8 @@ int BIO_fd_should_retry();
 #ifndef BIO_FD
 static BIO_METHOD methods_sockp=
 	{
-	BIO_TYPE_SOCKET,"socket",
+	BIO_TYPE_SOCKET,
+	"socket",
 	sock_write,
 	sock_read,
 	sock_puts,
@@ -217,10 +218,11 @@ int outl;
 
 	if (out != NULL)
 		{
-		errno=0;
 #if defined(WINDOWS) && !defined(BIO_FD)
+		clear_socket_error();
 		ret=recv(b->num,out,outl,0);
 #else
+		clear_sys_error();
 		ret=read(b->num,out,outl);
 #endif
 		BIO_clear_retry_flags(b);
@@ -248,10 +250,11 @@ int inl;
 	{
 	int ret;
 	
-	errno=0;
 #if defined(WINDOWS) && !defined(BIO_FD)
+	clear_socket_error();
 	ret=send(b->num,in,inl,0);
 #else
+	clear_sys_error();
 	ret=write(b->num,in,inl);
 #endif
 	BIO_clear_retry_flags(b);
@@ -370,20 +373,25 @@ int BIO_fd_should_retry(i)
 #endif
 int i;
 	{
+	int err;
+
 	if ((i == 0) || (i == -1))
 		{
 #if !defined(BIO_FD) && defined(WINDOWS)
-		errno=WSAGetLastError();
+		err=get_last_socket_error();
+#else
+		err=get_last_sys_error();
 #endif
 
 #if defined(WINDOWS) /* more microsoft stupidity */
-		if ((i == -1) && (errno == 0))
+		if ((i == -1) && (err == 0))
 			return(1);
 #endif
+
 #ifndef BIO_FD
-		return(BIO_sock_non_fatal_error(errno));
+		return(BIO_sock_non_fatal_error(err));
 #else
-		return(BIO_fd_non_fatal_error(errno));
+		return(BIO_fd_non_fatal_error(err));
 #endif
 		}
 	return(0);
@@ -418,6 +426,10 @@ int err;
 # endif
 #endif
 
+#if defined(ENOTCONN)
+	case ENOTCONN:
+#endif
+
 #ifdef EINTR
 	case EINTR:
 #endif
diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl
index cbddd4f3ea..9809d26cbc 100644
--- a/crypto/bn/Makefile.ssl
+++ b/crypto/bn/Makefile.ssl
@@ -11,9 +11,12 @@ INSTALLTOP=/usr/local/ssl
 MAKE=		make -f Makefile.ssl
 MAKEDEPEND=	makedepend -f Makefile.ssl
 MAKEFILE=	Makefile.ssl
-BN_MULW=	bn_mulw.o
 AR=		ar r
 
+BN_MULW=	bn_mulw.o
+# or use
+#BN_MULW=	bn86-elf.o
+
 CFLAGS= $(INCLUDES) $(CFLAG)
 
 ERR=bn
@@ -24,12 +27,14 @@ APPS=
 
 LIB=$(TOP)/libcrypto.a
 LIBSRC=	bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c \
-	bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c \
-	bn_gcd.c bn_prime.c $(ERRC).c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+	bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c \
+	bn_gcd.c bn_prime.c $(ERRC).c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c \
+	bn_mpi.c
 
 LIBOBJ=	bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o \
-	bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o \
-	bn_gcd.o bn_prime.o $(ERRC).o bn_sqr.o $(BN_MULW) bn_recp.o bn_mont.o
+	bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_blind.o \
+	bn_gcd.o bn_prime.o $(ERRC).o bn_sqr.o $(BN_MULW) bn_recp.o bn_mont.o \
+	bn_mpi.o
 
 
 SRC= $(LIBSRC)
@@ -56,6 +61,27 @@ lib:	$(LIBOBJ)
 	sh $(TOP)/util/ranlib.sh $(LIB)
 	@touch lib
 
+# elf
+asm/bn86-elf.o: asm/bn86unix.cpp
+	$(CPP) -DELF asm/bn86unix.cpp | as -o asm/bn86-elf.o
+
+# solaris
+asm/bn86-sol.o: asm/bn86unix.cpp
+	$(CC) -E -DSOL asm/bn86unix.cpp | sed 's/^#.*//' > asm/bn86-sol.s
+	as -o asm/bn86-sol.o asm/bn86-sol.s
+	rm -f asm/bn86-sol.s
+
+# a.out
+asm/bn86-out.o: asm/bn86unix.cpp
+	$(CPP) -DOUT asm/bn86unix.cpp | as -o asm/bn86-out.o
+
+# bsdi
+asm/bn86bsdi.o: asm/bn86unix.cpp
+	$(CPP) -DBSDI asm/bn86unix.cpp | as -o asm/bn86bsdi.o
+
+asm/bn86unix.cpp:
+	(cd asm; perl bn-586.pl cpp >bn86unix.cpp )
+
 files:
 	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
@@ -102,6 +128,6 @@ clean:
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).org # special case .org
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bn/asm/alpha.s b/crypto/bn/asm/alpha.s
index d56f715ecd..1d17b1d619 100644
--- a/crypto/bn/asm/alpha.s
+++ b/crypto/bn/asm/alpha.s
@@ -3,16 +3,15 @@
  # Thanks to tzeruch@ceddec.com for sending me the gcc output for
  # bn_div64.
 	.file	1 "bn_mulw.c"
-	.version	"01.01"
 	.set noat
 gcc2_compiled.:
 __gnu_compiled_c:
 	.text
 	.align 3
-	.globl bn_mul_add_word
-	.ent bn_mul_add_word
-bn_mul_add_word:
-bn_mul_add_word..ng:
+	.globl bn_mul_add_words
+	.ent bn_mul_add_words
+bn_mul_add_words:
+bn_mul_add_words..ng:
 	.frame $30,0,$26,0
 	.prologue 0
 	subq $18,2,$25	# num=-2
@@ -74,12 +73,12 @@ $42:
 	.align 4
 $43:
 	ret $31,($26),1
-	.end bn_mul_add_word
+	.end bn_mul_add_words
 	.align 3
-	.globl bn_mul_word
-	.ent bn_mul_word
-bn_mul_word:
-bn_mul_word..ng:
+	.globl bn_mul_words
+	.ent bn_mul_words
+bn_mul_words:
+bn_mul_words..ng:
 	.frame $30,0,$26,0
 	.prologue 0
 	subq $18,2,$25	# num=-2
@@ -125,7 +124,7 @@ $242:
 	stq $1,0($16)
 $243:
 	ret $31,($26),1
-	.end bn_mul_word
+	.end bn_mul_words
 	.align 3
 	.globl bn_sqr_words
 	.ent bn_sqr_words
@@ -173,6 +172,41 @@ $443:
 	ret $31,($26),1
 	.end bn_sqr_words
 
+	.align 3
+	.globl bn_add_words
+	.ent bn_add_words
+bn_add_words:
+bn_add_words..ng:
+	.frame $30,0,$26,0
+	.prologue 0
+
+	bis	$31,$31,$8	# carry = 0
+	ble	$19,$900
+$901:
+	ldq	$0,0($17)	# a[0]
+	ldq	$1,0($18)	# a[1]
+
+	addq	$0,$1,$3	# c=a+b;
+	 addq	$17,8,$17	# a++
+
+	cmpult	$3,$1,$7	# did we overflow?
+	 addq	$18,8,$18	# b++
+
+	addq	$8,$3,$3	# c+=carry
+
+	cmpult	$3,$8,$8	# did we overflow?
+	 stq	$3,($16)	# r[0]=c
+
+	addq	$7,$8,$8	# add into overflow
+	 subq	$19,1,$19	# loop--
+
+	addq	$16,8,$16	# r++
+	 bgt	$19,$901
+$900:
+	bis	$8,$8,$0	# return carry
+	ret $31,($26),1
+	.end bn_add_words
+
  #
  # What follows was taken directly from the C compiler with a few
  # hacks to redo the lables.
diff --git a/crypto/bn/asm/bn-586.pl b/crypto/bn/asm/bn-586.pl
new file mode 100644
index 0000000000..128f0f29d6
--- /dev/null
+++ b/crypto/bn/asm/bn-586.pl
@@ -0,0 +1,314 @@
+#!/usr/local/bin/perl
+#
+
+#!/usr/local/bin/perl
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"bn-586.pl");
+
+&bn_mul_add_words("bn_mul_add_words");
+&bn_mul_words("bn_mul_words");
+&bn_sqr_words("bn_sqr_words");
+&bn_div64("bn_div64");
+&bn_add_words("bn_add_words");
+
+&asm_finish();
+
+sub bn_mul_add_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$Low="eax";
+	$High="edx";
+	$a="ebx";
+	$w="ebp";
+	$r="edi";
+	$c="esi";
+
+	&xor($c,$c);		# clear carry
+	&mov($r,&wparam(0));	#
+
+	&mov("ecx",&wparam(2));	#
+	&mov($a,&wparam(1));	#
+
+	&and("ecx",0xfffffff8);	# num / 8
+	&mov($w,&wparam(3));	#
+
+	&push("ecx");		# Up the stack for a tmp variable
+
+	&jz(&label("maw_finish"));
+
+	&set_label("maw_loop",0);
+
+	&mov(&swtmp(0),"ecx");	#
+
+	for ($i=0; $i<32; $i+=4)
+		{
+		&comment("Round $i");
+
+		 &mov("eax",&DWP($i,$a,"",0)); 	# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);		# L(t)+= *r
+		 &mov($c,&DWP($i,$r,"",0));	# L(t)+= *r
+		&adc("edx",0);			# H(t)+=carry
+		 &add("eax",$c);		# L(t)+=c
+		&adc("edx",0);			# H(t)+=carry
+		 &mov(&DWP($i,$r,"",0),"eax");	# *r= L(t);
+		&mov($c,"edx");			# c=  H(t);
+		}
+
+	&comment("");
+	&mov("ecx",&swtmp(0));	#
+	&add($a,32);
+	&add($r,32);
+	&sub("ecx",8);
+	&jnz(&label("maw_loop"));
+
+	&set_label("maw_finish",0);
+	&mov("ecx",&wparam(2));	# get num
+	&and("ecx",7);
+	&jnz(&label("maw_finish2"));	# helps branch prediction
+	&jmp(&label("maw_end"));
+
+	&set_label("maw_finish2",1);
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		 &mov("eax",&DWP($i*4,$a,"",0));# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);			# L(t)+=c
+		 &mov($c,&DWP($i*4,$r,"",0));	# L(t)+= *r
+		&adc("edx",0);			# H(t)+=carry
+		 &add("eax",$c);
+		&adc("edx",0);			# H(t)+=carry
+		 &dec("ecx") if ($i != 7-1);
+		&mov(&DWP($i*4,$r,"",0),"eax");	# *r= L(t);
+		 &mov($c,"edx");			# c=  H(t);
+		&jz(&label("maw_end")) if ($i != 7-1);
+		}
+	&set_label("maw_end",0);
+	&mov("eax",$c);
+
+	&pop("ecx");	# clear variable from
+
+	&function_end($name);
+	}
+
+sub bn_mul_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$Low="eax";
+	$High="edx";
+	$a="ebx";
+	$w="ecx";
+	$r="edi";
+	$c="esi";
+	$num="ebp";
+
+	&xor($c,$c);		# clear carry
+	&mov($r,&wparam(0));	#
+	&mov($a,&wparam(1));	#
+	&mov($num,&wparam(2));	#
+	&mov($w,&wparam(3));	#
+
+	&and($num,0xfffffff8);	# num / 8
+	&jz(&label("mw_finish"));
+
+	&set_label("mw_loop",0);
+	for ($i=0; $i<32; $i+=4)
+		{
+		&comment("Round $i");
+
+		 &mov("eax",&DWP($i,$a,"",0)); 	# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);			# L(t)+=c
+		 # XXX
+
+		&adc("edx",0);			# H(t)+=carry
+		 &mov(&DWP($i,$r,"",0),"eax");	# *r= L(t);
+
+		&mov($c,"edx");			# c=  H(t);
+		}
+
+	&comment("");
+	&add($a,32);
+	&add($r,32);
+	&sub($num,8);
+	&jz(&label("mw_finish"));
+	&jmp(&label("mw_loop"));
+
+	&set_label("mw_finish",0);
+	&mov($num,&wparam(2));	# get num
+	&and($num,7);
+	&jnz(&label("mw_finish2"));
+	&jmp(&label("mw_end"));
+
+	&set_label("mw_finish2",1);
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		 &mov("eax",&DWP($i*4,$a,"",0));# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);			# L(t)+=c
+		 # XXX
+		&adc("edx",0);			# H(t)+=carry
+		 &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
+		&mov($c,"edx");			# c=  H(t);
+		 &dec($num) if ($i != 7-1);
+		&jz(&label("mw_end")) if ($i != 7-1);
+		}
+	&set_label("mw_end",0);
+	&mov("eax",$c);
+
+	&function_end($name);
+	}
+
+sub bn_sqr_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$r="esi";
+	$a="edi";
+	$num="ebx";
+
+	&mov($r,&wparam(0));	#
+	&mov($a,&wparam(1));	#
+	&mov($num,&wparam(2));	#
+
+	&and($num,0xfffffff8);	# num / 8
+	&jz(&label("sw_finish"));
+
+	&set_label("sw_loop",0);
+	for ($i=0; $i<32; $i+=4)
+		{
+		&comment("Round $i");
+		&mov("eax",&DWP($i,$a,"",0)); 	# *a
+		 # XXX
+		&mul("eax");			# *a * *a
+		&mov(&DWP($i*2,$r,"",0),"eax");	#
+		 &mov(&DWP($i*2+4,$r,"",0),"edx");#
+		}
+
+	&comment("");
+	&add($a,32);
+	&add($r,64);
+	&sub($num,8);
+	&jnz(&label("sw_loop"));
+
+	&set_label("sw_finish",0);
+	&mov($num,&wparam(2));	# get num
+	&and($num,7);
+	&jz(&label("sw_end"));
+
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		&mov("eax",&DWP($i*4,$a,"",0));	# *a
+		 # XXX
+		&mul("eax");			# *a * *a
+		&mov(&DWP($i*8,$r,"",0),"eax");	#
+		 &dec($num) if ($i != 7-1);
+		&mov(&DWP($i*8+4,$r,"",0),"edx");
+		 &jz(&label("sw_end")) if ($i != 7-1);
+		}
+	&set_label("sw_end",0);
+
+	&function_end($name);
+	}
+
+sub bn_div64
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+	&mov("edx",&wparam(0));	#
+	&mov("eax",&wparam(1));	#
+	&mov("ebx",&wparam(2));	#
+	&div("ebx");
+	&function_end($name);
+	}
+
+sub bn_add_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$a="esi";
+	$b="edi";
+	$c="eax";
+	$r="ebx";
+	$tmp1="ecx";
+	$tmp2="edx";
+	$num="ebp";
+
+	&mov($r,&wparam(0));	# get r
+	 &mov($a,&wparam(1));	# get a
+	&mov($b,&wparam(2));	# get b
+	 &mov($num,&wparam(3));	# get num
+	&xor($c,$c);		# clear carry
+	 &and($num,0xfffffff8);	# num / 8
+
+	&jz(&label("aw_finish"));
+
+	&set_label("aw_loop",0);
+	for ($i=0; $i<8; $i++)
+		{
+		&comment("Round $i");
+
+		&mov($tmp1,&DWP($i*4,$a,"",0)); 	# *a
+		 &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
+		&add($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &add($tmp1,$tmp2);
+		&adc($c,0);
+		 &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
+		}
+
+	&comment("");
+	&add($a,32);
+	 &add($b,32);
+	&add($r,32);
+	 &sub($num,8);
+	&jnz(&label("aw_loop"));
+
+	&set_label("aw_finish",0);
+	&mov($num,&wparam(3));	# get num
+	&and($num,7);
+	 &jz(&label("aw_end"));
+
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		&mov($tmp1,&DWP($i*4,$a,"",0));	# *a
+		 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
+		&add($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &add($tmp1,$tmp2);
+		&adc($c,0);
+		 &dec($num) if ($i != 6);
+		&mov(&DWP($i*4,$r,"",0),$tmp1);	# *a
+		 &jz(&label("aw_end")) if ($i != 6);
+		}
+	&set_label("aw_end",0);
+
+	&mov("eax",$c);
+
+	&function_end($name);
+	}
+
diff --git a/crypto/bn/asm/bn-win32.asm b/crypto/bn/asm/bn-win32.asm
new file mode 100644
index 0000000000..017ea462b0
--- /dev/null
+++ b/crypto/bn/asm/bn-win32.asm
@@ -0,0 +1,689 @@
+	; Don't even think of reading this code
+	; It was automatically generated by bn-586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	bn-586.asm
+        .386
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_bn_mul_add_words
+
+_bn_mul_add_words PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	xor	esi,		esi
+	mov	edi,		DWORD PTR 20[esp]
+	mov	ecx,		DWORD PTR 28[esp]
+	mov	ebx,		DWORD PTR 24[esp]
+	and	ecx,		4294967288
+	mov	ebp,		DWORD PTR 32[esp]
+	push	ecx
+	jz	$L000maw_finish
+L001maw_loop:
+	mov	DWORD PTR [esp],ecx
+	; Round 0
+	mov	eax,		DWORD PTR [ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR [edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR [edi],eax
+	mov	esi,		edx
+	; Round 4
+	mov	eax,		DWORD PTR 4[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 4[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 4[edi],eax
+	mov	esi,		edx
+	; Round 8
+	mov	eax,		DWORD PTR 8[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 8[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 8[edi],eax
+	mov	esi,		edx
+	; Round 12
+	mov	eax,		DWORD PTR 12[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 12[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 12[edi],eax
+	mov	esi,		edx
+	; Round 16
+	mov	eax,		DWORD PTR 16[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 16[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 16[edi],eax
+	mov	esi,		edx
+	; Round 20
+	mov	eax,		DWORD PTR 20[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 20[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 20[edi],eax
+	mov	esi,		edx
+	; Round 24
+	mov	eax,		DWORD PTR 24[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 24[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 24[edi],eax
+	mov	esi,		edx
+	; Round 28
+	mov	eax,		DWORD PTR 28[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 28[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 28[edi],eax
+	mov	esi,		edx
+	; 
+	mov	ecx,		DWORD PTR [esp]
+	add	ebx,		32
+	add	edi,		32
+	sub	ecx,		8
+	jnz	L001maw_loop
+$L000maw_finish:
+	mov	ecx,		DWORD PTR 32[esp]
+	and	ecx,		7
+	jnz	$L002maw_finish2
+	jmp	$L003maw_end
+$L002maw_finish2:
+	; Tail Round 0
+	mov	eax,		DWORD PTR [ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR [edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	dec	ecx
+	mov	DWORD PTR [edi],eax
+	mov	esi,		edx
+	jz	$L003maw_end
+	; Tail Round 1
+	mov	eax,		DWORD PTR 4[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 4[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	dec	ecx
+	mov	DWORD PTR 4[edi],eax
+	mov	esi,		edx
+	jz	$L003maw_end
+	; Tail Round 2
+	mov	eax,		DWORD PTR 8[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 8[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	dec	ecx
+	mov	DWORD PTR 8[edi],eax
+	mov	esi,		edx
+	jz	$L003maw_end
+	; Tail Round 3
+	mov	eax,		DWORD PTR 12[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 12[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	dec	ecx
+	mov	DWORD PTR 12[edi],eax
+	mov	esi,		edx
+	jz	$L003maw_end
+	; Tail Round 4
+	mov	eax,		DWORD PTR 16[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 16[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	dec	ecx
+	mov	DWORD PTR 16[edi],eax
+	mov	esi,		edx
+	jz	$L003maw_end
+	; Tail Round 5
+	mov	eax,		DWORD PTR 20[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 20[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	dec	ecx
+	mov	DWORD PTR 20[edi],eax
+	mov	esi,		edx
+	jz	$L003maw_end
+	; Tail Round 6
+	mov	eax,		DWORD PTR 24[ebx]
+	mul	ebp
+	add	eax,		esi
+	mov	esi,		DWORD PTR 24[edi]
+	adc	edx,		0
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 24[edi],eax
+	mov	esi,		edx
+$L003maw_end:
+	mov	eax,		esi
+	pop	ecx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_bn_mul_add_words ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_bn_mul_words
+
+_bn_mul_words PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	xor	esi,		esi
+	mov	edi,		DWORD PTR 20[esp]
+	mov	ebx,		DWORD PTR 24[esp]
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	ecx,		DWORD PTR 32[esp]
+	and	ebp,		4294967288
+	jz	$L004mw_finish
+L005mw_loop:
+	; Round 0
+	mov	eax,		DWORD PTR [ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR [edi],eax
+	mov	esi,		edx
+	; Round 4
+	mov	eax,		DWORD PTR 4[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 4[edi],eax
+	mov	esi,		edx
+	; Round 8
+	mov	eax,		DWORD PTR 8[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 8[edi],eax
+	mov	esi,		edx
+	; Round 12
+	mov	eax,		DWORD PTR 12[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 12[edi],eax
+	mov	esi,		edx
+	; Round 16
+	mov	eax,		DWORD PTR 16[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 16[edi],eax
+	mov	esi,		edx
+	; Round 20
+	mov	eax,		DWORD PTR 20[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 20[edi],eax
+	mov	esi,		edx
+	; Round 24
+	mov	eax,		DWORD PTR 24[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 24[edi],eax
+	mov	esi,		edx
+	; Round 28
+	mov	eax,		DWORD PTR 28[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 28[edi],eax
+	mov	esi,		edx
+	; 
+	add	ebx,		32
+	add	edi,		32
+	sub	ebp,		8
+	jz	$L004mw_finish
+	jmp	L005mw_loop
+$L004mw_finish:
+	mov	ebp,		DWORD PTR 28[esp]
+	and	ebp,		7
+	jnz	$L006mw_finish2
+	jmp	$L007mw_end
+$L006mw_finish2:
+	; Tail Round 0
+	mov	eax,		DWORD PTR [ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR [edi],eax
+	mov	esi,		edx
+	dec	ebp
+	jz	$L007mw_end
+	; Tail Round 1
+	mov	eax,		DWORD PTR 4[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 4[edi],eax
+	mov	esi,		edx
+	dec	ebp
+	jz	$L007mw_end
+	; Tail Round 2
+	mov	eax,		DWORD PTR 8[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 8[edi],eax
+	mov	esi,		edx
+	dec	ebp
+	jz	$L007mw_end
+	; Tail Round 3
+	mov	eax,		DWORD PTR 12[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 12[edi],eax
+	mov	esi,		edx
+	dec	ebp
+	jz	$L007mw_end
+	; Tail Round 4
+	mov	eax,		DWORD PTR 16[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 16[edi],eax
+	mov	esi,		edx
+	dec	ebp
+	jz	$L007mw_end
+	; Tail Round 5
+	mov	eax,		DWORD PTR 20[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 20[edi],eax
+	mov	esi,		edx
+	dec	ebp
+	jz	$L007mw_end
+	; Tail Round 6
+	mov	eax,		DWORD PTR 24[ebx]
+	mul	ecx
+	add	eax,		esi
+	adc	edx,		0
+	mov	DWORD PTR 24[edi],eax
+	mov	esi,		edx
+$L007mw_end:
+	mov	eax,		esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_bn_mul_words ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_bn_sqr_words
+
+_bn_sqr_words PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	mov	esi,		DWORD PTR 20[esp]
+	mov	edi,		DWORD PTR 24[esp]
+	mov	ebx,		DWORD PTR 28[esp]
+	and	ebx,		4294967288
+	jz	$L008sw_finish
+L009sw_loop:
+	; Round 0
+	mov	eax,		DWORD PTR [edi]
+	mul	eax
+	mov	DWORD PTR [esi],eax
+	mov	DWORD PTR 4[esi],edx
+	; Round 4
+	mov	eax,		DWORD PTR 4[edi]
+	mul	eax
+	mov	DWORD PTR 8[esi],eax
+	mov	DWORD PTR 12[esi],edx
+	; Round 8
+	mov	eax,		DWORD PTR 8[edi]
+	mul	eax
+	mov	DWORD PTR 16[esi],eax
+	mov	DWORD PTR 20[esi],edx
+	; Round 12
+	mov	eax,		DWORD PTR 12[edi]
+	mul	eax
+	mov	DWORD PTR 24[esi],eax
+	mov	DWORD PTR 28[esi],edx
+	; Round 16
+	mov	eax,		DWORD PTR 16[edi]
+	mul	eax
+	mov	DWORD PTR 32[esi],eax
+	mov	DWORD PTR 36[esi],edx
+	; Round 20
+	mov	eax,		DWORD PTR 20[edi]
+	mul	eax
+	mov	DWORD PTR 40[esi],eax
+	mov	DWORD PTR 44[esi],edx
+	; Round 24
+	mov	eax,		DWORD PTR 24[edi]
+	mul	eax
+	mov	DWORD PTR 48[esi],eax
+	mov	DWORD PTR 52[esi],edx
+	; Round 28
+	mov	eax,		DWORD PTR 28[edi]
+	mul	eax
+	mov	DWORD PTR 56[esi],eax
+	mov	DWORD PTR 60[esi],edx
+	; 
+	add	edi,		32
+	add	esi,		64
+	sub	ebx,		8
+	jnz	L009sw_loop
+$L008sw_finish:
+	mov	ebx,		DWORD PTR 28[esp]
+	and	ebx,		7
+	jz	$L010sw_end
+	; Tail Round 0
+	mov	eax,		DWORD PTR [edi]
+	mul	eax
+	mov	DWORD PTR [esi],eax
+	dec	ebx
+	mov	DWORD PTR 4[esi],edx
+	jz	$L010sw_end
+	; Tail Round 1
+	mov	eax,		DWORD PTR 4[edi]
+	mul	eax
+	mov	DWORD PTR 8[esi],eax
+	dec	ebx
+	mov	DWORD PTR 12[esi],edx
+	jz	$L010sw_end
+	; Tail Round 2
+	mov	eax,		DWORD PTR 8[edi]
+	mul	eax
+	mov	DWORD PTR 16[esi],eax
+	dec	ebx
+	mov	DWORD PTR 20[esi],edx
+	jz	$L010sw_end
+	; Tail Round 3
+	mov	eax,		DWORD PTR 12[edi]
+	mul	eax
+	mov	DWORD PTR 24[esi],eax
+	dec	ebx
+	mov	DWORD PTR 28[esi],edx
+	jz	$L010sw_end
+	; Tail Round 4
+	mov	eax,		DWORD PTR 16[edi]
+	mul	eax
+	mov	DWORD PTR 32[esi],eax
+	dec	ebx
+	mov	DWORD PTR 36[esi],edx
+	jz	$L010sw_end
+	; Tail Round 5
+	mov	eax,		DWORD PTR 20[edi]
+	mul	eax
+	mov	DWORD PTR 40[esi],eax
+	dec	ebx
+	mov	DWORD PTR 44[esi],edx
+	jz	$L010sw_end
+	; Tail Round 6
+	mov	eax,		DWORD PTR 24[edi]
+	mul	eax
+	mov	DWORD PTR 48[esi],eax
+	mov	DWORD PTR 52[esi],edx
+$L010sw_end:
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_bn_sqr_words ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_bn_div64
+
+_bn_div64 PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	mov	edx,		DWORD PTR 20[esp]
+	mov	eax,		DWORD PTR 24[esp]
+	mov	ebx,		DWORD PTR 28[esp]
+	div	ebx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_bn_div64 ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_bn_add_words
+
+_bn_add_words PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	mov	ebx,		DWORD PTR 20[esp]
+	mov	esi,		DWORD PTR 24[esp]
+	mov	edi,		DWORD PTR 28[esp]
+	mov	ebp,		DWORD PTR 32[esp]
+	xor	eax,		eax
+	and	ebp,		4294967288
+	jz	$L011aw_finish
+L012aw_loop:
+	; Round 0
+	mov	ecx,		DWORD PTR [esi]
+	mov	edx,		DWORD PTR [edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	mov	DWORD PTR [ebx],ecx
+	; Round 1
+	mov	ecx,		DWORD PTR 4[esi]
+	mov	edx,		DWORD PTR 4[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	mov	DWORD PTR 4[ebx],ecx
+	; Round 2
+	mov	ecx,		DWORD PTR 8[esi]
+	mov	edx,		DWORD PTR 8[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	mov	DWORD PTR 8[ebx],ecx
+	; Round 3
+	mov	ecx,		DWORD PTR 12[esi]
+	mov	edx,		DWORD PTR 12[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	mov	DWORD PTR 12[ebx],ecx
+	; Round 4
+	mov	ecx,		DWORD PTR 16[esi]
+	mov	edx,		DWORD PTR 16[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	mov	DWORD PTR 16[ebx],ecx
+	; Round 5
+	mov	ecx,		DWORD PTR 20[esi]
+	mov	edx,		DWORD PTR 20[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	mov	DWORD PTR 20[ebx],ecx
+	; Round 6
+	mov	ecx,		DWORD PTR 24[esi]
+	mov	edx,		DWORD PTR 24[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	mov	DWORD PTR 24[ebx],ecx
+	; Round 7
+	mov	ecx,		DWORD PTR 28[esi]
+	mov	edx,		DWORD PTR 28[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	mov	DWORD PTR 28[ebx],ecx
+	; 
+	add	esi,		32
+	add	edi,		32
+	add	ebx,		32
+	sub	ebp,		8
+	jnz	L012aw_loop
+$L011aw_finish:
+	mov	ebp,		DWORD PTR 32[esp]
+	and	ebp,		7
+	jz	$L013aw_end
+	; Tail Round 0
+	mov	ecx,		DWORD PTR [esi]
+	mov	edx,		DWORD PTR [edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	dec	ebp
+	mov	DWORD PTR [ebx],ecx
+	jz	$L013aw_end
+	; Tail Round 1
+	mov	ecx,		DWORD PTR 4[esi]
+	mov	edx,		DWORD PTR 4[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	dec	ebp
+	mov	DWORD PTR 4[ebx],ecx
+	jz	$L013aw_end
+	; Tail Round 2
+	mov	ecx,		DWORD PTR 8[esi]
+	mov	edx,		DWORD PTR 8[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	dec	ebp
+	mov	DWORD PTR 8[ebx],ecx
+	jz	$L013aw_end
+	; Tail Round 3
+	mov	ecx,		DWORD PTR 12[esi]
+	mov	edx,		DWORD PTR 12[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	dec	ebp
+	mov	DWORD PTR 12[ebx],ecx
+	jz	$L013aw_end
+	; Tail Round 4
+	mov	ecx,		DWORD PTR 16[esi]
+	mov	edx,		DWORD PTR 16[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	dec	ebp
+	mov	DWORD PTR 16[ebx],ecx
+	jz	$L013aw_end
+	; Tail Round 5
+	mov	ecx,		DWORD PTR 20[esi]
+	mov	edx,		DWORD PTR 20[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	dec	ebp
+	mov	DWORD PTR 20[ebx],ecx
+	jz	$L013aw_end
+	; Tail Round 6
+	mov	ecx,		DWORD PTR 24[esi]
+	mov	edx,		DWORD PTR 24[edi]
+	add	ecx,		eax
+	mov	eax,		0
+	adc	eax,		eax
+	add	ecx,		edx
+	adc	eax,		0
+	mov	DWORD PTR 24[ebx],ecx
+$L013aw_end:
+	mov	eax,		eax
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_bn_add_words ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/bn/asm/bn86unix.cpp b/crypto/bn/asm/bn86unix.cpp
new file mode 100644
index 0000000000..64702201ea
--- /dev/null
+++ b/crypto/bn/asm/bn86unix.cpp
@@ -0,0 +1,752 @@
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
+
+#define TYPE(a,b)       .type   a,b
+#define SIZE(a,b)       .size   a,b
+
+#if defined(OUT) || defined(BSDI)
+#define bn_mul_add_words _bn_mul_add_words
+#define bn_mul_words _bn_mul_words
+#define bn_sqr_words _bn_sqr_words
+#define bn_div64 _bn_div64
+#define bn_add_words _bn_add_words
+
+#endif
+
+#ifdef OUT
+#define OK	1
+#define ALIGN	4
+#endif
+
+#ifdef BSDI
+#define OK              1
+#define ALIGN           4
+#undef SIZE
+#undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK              1
+#define ALIGN           16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+/* Let the Assembler begin :-) */
+	/* Don't even think of reading this code */
+	/* It was automatically generated by bn-586.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, BSDI,Win32, or Solaris */
+	/* eric <eay@cryptsoft.com> */
+
+	.file	"bn-586.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl bn_mul_add_words
+	TYPE(bn_mul_add_words,@function)
+bn_mul_add_words:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+
+	xorl	%esi,		%esi
+	movl	20(%esp),	%edi
+	movl	28(%esp),	%ecx
+	movl	24(%esp),	%ebx
+	andl	$4294967288,	%ecx
+	movl	32(%esp),	%ebp
+	pushl	%ecx
+	jz	.L000maw_finish
+.L001maw_loop:
+	movl	%ecx,		(%esp)
+	/* Round 0 */
+	movl	(%ebx),		%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	(%edi),		%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		(%edi)
+	movl	%edx,		%esi
+	/* Round 4 */
+	movl	4(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	4(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		4(%edi)
+	movl	%edx,		%esi
+	/* Round 8 */
+	movl	8(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	8(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		8(%edi)
+	movl	%edx,		%esi
+	/* Round 12 */
+	movl	12(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	12(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		12(%edi)
+	movl	%edx,		%esi
+	/* Round 16 */
+	movl	16(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	16(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		16(%edi)
+	movl	%edx,		%esi
+	/* Round 20 */
+	movl	20(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	20(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		20(%edi)
+	movl	%edx,		%esi
+	/* Round 24 */
+	movl	24(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	24(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		24(%edi)
+	movl	%edx,		%esi
+	/* Round 28 */
+	movl	28(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	28(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		28(%edi)
+	movl	%edx,		%esi
+
+	movl	(%esp),		%ecx
+	addl	$32,		%ebx
+	addl	$32,		%edi
+	subl	$8,		%ecx
+	jnz	.L001maw_loop
+.L000maw_finish:
+	movl	32(%esp),	%ecx
+	andl	$7,		%ecx
+	jnz	.L002maw_finish2
+	jmp	.L003maw_end
+.align ALIGN
+.L002maw_finish2:
+	/* Tail Round 0 */
+	movl	(%ebx),		%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	(%edi),		%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	decl	%ecx
+	movl	%eax,		(%edi)
+	movl	%edx,		%esi
+	jz	.L003maw_end
+	/* Tail Round 1 */
+	movl	4(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	4(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	decl	%ecx
+	movl	%eax,		4(%edi)
+	movl	%edx,		%esi
+	jz	.L003maw_end
+	/* Tail Round 2 */
+	movl	8(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	8(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	decl	%ecx
+	movl	%eax,		8(%edi)
+	movl	%edx,		%esi
+	jz	.L003maw_end
+	/* Tail Round 3 */
+	movl	12(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	12(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	decl	%ecx
+	movl	%eax,		12(%edi)
+	movl	%edx,		%esi
+	jz	.L003maw_end
+	/* Tail Round 4 */
+	movl	16(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	16(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	decl	%ecx
+	movl	%eax,		16(%edi)
+	movl	%edx,		%esi
+	jz	.L003maw_end
+	/* Tail Round 5 */
+	movl	20(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	20(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	decl	%ecx
+	movl	%eax,		20(%edi)
+	movl	%edx,		%esi
+	jz	.L003maw_end
+	/* Tail Round 6 */
+	movl	24(%ebx),	%eax
+	mull	%ebp
+	addl	%esi,		%eax
+	movl	24(%edi),	%esi
+	adcl	$0,		%edx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		24(%edi)
+	movl	%edx,		%esi
+.L003maw_end:
+	movl	%esi,		%eax
+	popl	%ecx
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.bn_mul_add_words_end:
+	SIZE(bn_mul_add_words,.bn_mul_add_words_end-bn_mul_add_words)
+.ident	"bn_mul_add_words"
+.text
+	.align ALIGN
+.globl bn_mul_words
+	TYPE(bn_mul_words,@function)
+bn_mul_words:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+
+	xorl	%esi,		%esi
+	movl	20(%esp),	%edi
+	movl	24(%esp),	%ebx
+	movl	28(%esp),	%ebp
+	movl	32(%esp),	%ecx
+	andl	$4294967288,	%ebp
+	jz	.L004mw_finish
+.L005mw_loop:
+	/* Round 0 */
+	movl	(%ebx),		%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		(%edi)
+	movl	%edx,		%esi
+	/* Round 4 */
+	movl	4(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		4(%edi)
+	movl	%edx,		%esi
+	/* Round 8 */
+	movl	8(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		8(%edi)
+	movl	%edx,		%esi
+	/* Round 12 */
+	movl	12(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		12(%edi)
+	movl	%edx,		%esi
+	/* Round 16 */
+	movl	16(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		16(%edi)
+	movl	%edx,		%esi
+	/* Round 20 */
+	movl	20(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		20(%edi)
+	movl	%edx,		%esi
+	/* Round 24 */
+	movl	24(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		24(%edi)
+	movl	%edx,		%esi
+	/* Round 28 */
+	movl	28(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		28(%edi)
+	movl	%edx,		%esi
+
+	addl	$32,		%ebx
+	addl	$32,		%edi
+	subl	$8,		%ebp
+	jz	.L004mw_finish
+	jmp	.L005mw_loop
+.L004mw_finish:
+	movl	28(%esp),	%ebp
+	andl	$7,		%ebp
+	jnz	.L006mw_finish2
+	jmp	.L007mw_end
+.align ALIGN
+.L006mw_finish2:
+	/* Tail Round 0 */
+	movl	(%ebx),		%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		(%edi)
+	movl	%edx,		%esi
+	decl	%ebp
+	jz	.L007mw_end
+	/* Tail Round 1 */
+	movl	4(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		4(%edi)
+	movl	%edx,		%esi
+	decl	%ebp
+	jz	.L007mw_end
+	/* Tail Round 2 */
+	movl	8(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		8(%edi)
+	movl	%edx,		%esi
+	decl	%ebp
+	jz	.L007mw_end
+	/* Tail Round 3 */
+	movl	12(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		12(%edi)
+	movl	%edx,		%esi
+	decl	%ebp
+	jz	.L007mw_end
+	/* Tail Round 4 */
+	movl	16(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		16(%edi)
+	movl	%edx,		%esi
+	decl	%ebp
+	jz	.L007mw_end
+	/* Tail Round 5 */
+	movl	20(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		20(%edi)
+	movl	%edx,		%esi
+	decl	%ebp
+	jz	.L007mw_end
+	/* Tail Round 6 */
+	movl	24(%ebx),	%eax
+	mull	%ecx
+	addl	%esi,		%eax
+	adcl	$0,		%edx
+	movl	%eax,		24(%edi)
+	movl	%edx,		%esi
+.L007mw_end:
+	movl	%esi,		%eax
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.bn_mul_words_end:
+	SIZE(bn_mul_words,.bn_mul_words_end-bn_mul_words)
+.ident	"bn_mul_words"
+.text
+	.align ALIGN
+.globl bn_sqr_words
+	TYPE(bn_sqr_words,@function)
+bn_sqr_words:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+
+	movl	20(%esp),	%esi
+	movl	24(%esp),	%edi
+	movl	28(%esp),	%ebx
+	andl	$4294967288,	%ebx
+	jz	.L008sw_finish
+.L009sw_loop:
+	/* Round 0 */
+	movl	(%edi),		%eax
+	mull	%eax
+	movl	%eax,		(%esi)
+	movl	%edx,		4(%esi)
+	/* Round 4 */
+	movl	4(%edi),	%eax
+	mull	%eax
+	movl	%eax,		8(%esi)
+	movl	%edx,		12(%esi)
+	/* Round 8 */
+	movl	8(%edi),	%eax
+	mull	%eax
+	movl	%eax,		16(%esi)
+	movl	%edx,		20(%esi)
+	/* Round 12 */
+	movl	12(%edi),	%eax
+	mull	%eax
+	movl	%eax,		24(%esi)
+	movl	%edx,		28(%esi)
+	/* Round 16 */
+	movl	16(%edi),	%eax
+	mull	%eax
+	movl	%eax,		32(%esi)
+	movl	%edx,		36(%esi)
+	/* Round 20 */
+	movl	20(%edi),	%eax
+	mull	%eax
+	movl	%eax,		40(%esi)
+	movl	%edx,		44(%esi)
+	/* Round 24 */
+	movl	24(%edi),	%eax
+	mull	%eax
+	movl	%eax,		48(%esi)
+	movl	%edx,		52(%esi)
+	/* Round 28 */
+	movl	28(%edi),	%eax
+	mull	%eax
+	movl	%eax,		56(%esi)
+	movl	%edx,		60(%esi)
+
+	addl	$32,		%edi
+	addl	$64,		%esi
+	subl	$8,		%ebx
+	jnz	.L009sw_loop
+.L008sw_finish:
+	movl	28(%esp),	%ebx
+	andl	$7,		%ebx
+	jz	.L010sw_end
+	/* Tail Round 0 */
+	movl	(%edi),		%eax
+	mull	%eax
+	movl	%eax,		(%esi)
+	decl	%ebx
+	movl	%edx,		4(%esi)
+	jz	.L010sw_end
+	/* Tail Round 1 */
+	movl	4(%edi),	%eax
+	mull	%eax
+	movl	%eax,		8(%esi)
+	decl	%ebx
+	movl	%edx,		12(%esi)
+	jz	.L010sw_end
+	/* Tail Round 2 */
+	movl	8(%edi),	%eax
+	mull	%eax
+	movl	%eax,		16(%esi)
+	decl	%ebx
+	movl	%edx,		20(%esi)
+	jz	.L010sw_end
+	/* Tail Round 3 */
+	movl	12(%edi),	%eax
+	mull	%eax
+	movl	%eax,		24(%esi)
+	decl	%ebx
+	movl	%edx,		28(%esi)
+	jz	.L010sw_end
+	/* Tail Round 4 */
+	movl	16(%edi),	%eax
+	mull	%eax
+	movl	%eax,		32(%esi)
+	decl	%ebx
+	movl	%edx,		36(%esi)
+	jz	.L010sw_end
+	/* Tail Round 5 */
+	movl	20(%edi),	%eax
+	mull	%eax
+	movl	%eax,		40(%esi)
+	decl	%ebx
+	movl	%edx,		44(%esi)
+	jz	.L010sw_end
+	/* Tail Round 6 */
+	movl	24(%edi),	%eax
+	mull	%eax
+	movl	%eax,		48(%esi)
+	movl	%edx,		52(%esi)
+.L010sw_end:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.bn_sqr_words_end:
+	SIZE(bn_sqr_words,.bn_sqr_words_end-bn_sqr_words)
+.ident	"bn_sqr_words"
+.text
+	.align ALIGN
+.globl bn_div64
+	TYPE(bn_div64,@function)
+bn_div64:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+	movl	20(%esp),	%edx
+	movl	24(%esp),	%eax
+	movl	28(%esp),	%ebx
+	divl	%ebx
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.bn_div64_end:
+	SIZE(bn_div64,.bn_div64_end-bn_div64)
+.ident	"bn_div64"
+.text
+	.align ALIGN
+.globl bn_add_words
+	TYPE(bn_add_words,@function)
+bn_add_words:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+
+	movl	20(%esp),	%ebx
+	movl	24(%esp),	%esi
+	movl	28(%esp),	%edi
+	movl	32(%esp),	%ebp
+	xorl	%eax,		%eax
+	andl	$4294967288,	%ebp
+	jz	.L011aw_finish
+.L012aw_loop:
+	/* Round 0 */
+	movl	(%esi),		%ecx
+	movl	(%edi),		%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	movl	%ecx,		(%ebx)
+	/* Round 1 */
+	movl	4(%esi),	%ecx
+	movl	4(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	movl	%ecx,		4(%ebx)
+	/* Round 2 */
+	movl	8(%esi),	%ecx
+	movl	8(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	movl	%ecx,		8(%ebx)
+	/* Round 3 */
+	movl	12(%esi),	%ecx
+	movl	12(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	movl	%ecx,		12(%ebx)
+	/* Round 4 */
+	movl	16(%esi),	%ecx
+	movl	16(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	movl	%ecx,		16(%ebx)
+	/* Round 5 */
+	movl	20(%esi),	%ecx
+	movl	20(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	movl	%ecx,		20(%ebx)
+	/* Round 6 */
+	movl	24(%esi),	%ecx
+	movl	24(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	movl	%ecx,		24(%ebx)
+	/* Round 7 */
+	movl	28(%esi),	%ecx
+	movl	28(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	movl	%ecx,		28(%ebx)
+
+	addl	$32,		%esi
+	addl	$32,		%edi
+	addl	$32,		%ebx
+	subl	$8,		%ebp
+	jnz	.L012aw_loop
+.L011aw_finish:
+	movl	32(%esp),	%ebp
+	andl	$7,		%ebp
+	jz	.L013aw_end
+	/* Tail Round 0 */
+	movl	(%esi),		%ecx
+	movl	(%edi),		%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	decl	%ebp
+	movl	%ecx,		(%ebx)
+	jz	.L013aw_end
+	/* Tail Round 1 */
+	movl	4(%esi),	%ecx
+	movl	4(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	decl	%ebp
+	movl	%ecx,		4(%ebx)
+	jz	.L013aw_end
+	/* Tail Round 2 */
+	movl	8(%esi),	%ecx
+	movl	8(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	decl	%ebp
+	movl	%ecx,		8(%ebx)
+	jz	.L013aw_end
+	/* Tail Round 3 */
+	movl	12(%esi),	%ecx
+	movl	12(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	decl	%ebp
+	movl	%ecx,		12(%ebx)
+	jz	.L013aw_end
+	/* Tail Round 4 */
+	movl	16(%esi),	%ecx
+	movl	16(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	decl	%ebp
+	movl	%ecx,		16(%ebx)
+	jz	.L013aw_end
+	/* Tail Round 5 */
+	movl	20(%esi),	%ecx
+	movl	20(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	decl	%ebp
+	movl	%ecx,		20(%ebx)
+	jz	.L013aw_end
+	/* Tail Round 6 */
+	movl	24(%esi),	%ecx
+	movl	24(%edi),	%edx
+	addl	%eax,		%ecx
+	movl	$0,		%eax
+	adcl	%eax,		%eax
+	addl	%edx,		%ecx
+	adcl	$0,		%eax
+	movl	%ecx,		24(%ebx)
+.L013aw_end:
+	movl	%eax,		%eax
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.bn_add_words_end:
+	SIZE(bn_add_words,.bn_add_words_end-bn_add_words)
+.ident	"bn_add_words"
diff --git a/crypto/bn/asm/pa-risc.s b/crypto/bn/asm/pa-risc.s
index c49c433a83..775130a191 100644
--- a/crypto/bn/asm/pa-risc.s
+++ b/crypto/bn/asm/pa-risc.s
@@ -11,8 +11,8 @@
 	.SUBSPA $CODE$
 
 	.align 4
-	.EXPORT bn_mul_add_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
-bn_mul_add_word
+	.EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_add_words
 	.PROC
 	.CALLINFO FRAME=0,CALLS,SAVE_RP
 	.ENTRY
@@ -219,8 +219,8 @@ L$0003
 	.EXIT
 	.PROCEND
 	.align 4
-	.EXPORT bn_mul_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
-bn_mul_word
+	.EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_words
 	.PROC
 	.CALLINFO FRAME=0,CALLS,SAVE_RP
 	.ENTRY
diff --git a/crypto/bn/asm/pa-risc2.s b/crypto/bn/asm/pa-risc2.s
index 5e07b7d2e8..c2725996a4 100644
--- a/crypto/bn/asm/pa-risc2.s
+++ b/crypto/bn/asm/pa-risc2.s
@@ -11,8 +11,8 @@
 	.SUBSPA $CODE$
 
 	.align 4
-	.EXPORT bn_mul_add_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
-bn_mul_add_word
+	.EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_add_words
 	.PROC
 	.CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=4
 	.ENTRY
@@ -117,8 +117,8 @@ L$0011
 	.EXIT
 	.PROCEND
 	.align 4
-	.EXPORT bn_mul_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
-bn_mul_word
+	.EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_words
 	.PROC
 	.CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=3
 	.ENTRY
diff --git a/crypto/bn/asm/r3000.s b/crypto/bn/asm/r3000.s
index 5be2a0d0e6..e95269afa3 100644
--- a/crypto/bn/asm/r3000.s
+++ b/crypto/bn/asm/r3000.s
@@ -55,9 +55,9 @@ __gnu_compiled_c:
 	.byte	0x0
 	.text
 	.align	2
-	.globl	bn_mul_add_word
-	.ent	bn_mul_add_word
-bn_mul_add_word:
+	.globl	bn_mul_add_words
+	.ent	bn_mul_add_words
+bn_mul_add_words:
 	.frame	$sp,0,$31		# vars= 0, regs= 0/0, args= 0, extra= 0
 	.mask	0x00000000,0
 	.fmask	0x00000000,0
@@ -206,11 +206,11 @@ $L3:
 	.set	macro
 	.set	reorder
 
-	.end	bn_mul_add_word
+	.end	bn_mul_add_words
 	.align	2
-	.globl	bn_mul_word
-	.ent	bn_mul_word
-bn_mul_word:
+	.globl	bn_mul_words
+	.ent	bn_mul_words
+bn_mul_words:
 	.frame	$sp,0,$31		# vars= 0, regs= 0/0, args= 0, extra= 0
 	.mask	0x00000000,0
 	.fmask	0x00000000,0
@@ -334,7 +334,7 @@ $L11:
 	.set	macro
 	.set	reorder
 
-	.end	bn_mul_word
+	.end	bn_mul_words
 	.align	2
 	.globl	bn_sqr_words
 	.ent	bn_sqr_words
diff --git a/crypto/bn/asm/sparc.s b/crypto/bn/asm/sparc.s
index 37c5fb194e..f9e533caa8 100644
--- a/crypto/bn/asm/sparc.s
+++ b/crypto/bn/asm/sparc.s
@@ -2,10 +2,10 @@
 gcc2_compiled.:
 .section	".text"
 	.align 4
-	.global bn_mul_add_word
-	.type	 bn_mul_add_word,#function
+	.global bn_mul_add_words
+	.type	 bn_mul_add_words,#function
 	.proc	016
-bn_mul_add_word:
+bn_mul_add_words:
 	!#PROLOGUE# 0
 	save %sp,-112,%sp
 	!#PROLOGUE# 1
@@ -98,12 +98,12 @@ bn_mul_add_word:
 	ret
 	restore %g0,%i4,%o0
 .LLfe1:
-	.size	 bn_mul_add_word,.LLfe1-bn_mul_add_word
+	.size	 bn_mul_add_words,.LLfe1-bn_mul_add_words
 	.align 4
-	.global bn_mul_word
-	.type	 bn_mul_word,#function
+	.global bn_mul_words
+	.type	 bn_mul_words,#function
 	.proc	016
-bn_mul_word:
+bn_mul_words:
 	!#PROLOGUE# 0
 	save %sp,-112,%sp
 	!#PROLOGUE# 1
@@ -176,7 +176,7 @@ bn_mul_word:
 	ret
 	restore
 .LLfe2:
-	.size	 bn_mul_word,.LLfe2-bn_mul_word
+	.size	 bn_mul_words,.LLfe2-bn_mul_words
 	.align 4
 	.global bn_sqr_words
 	.type	 bn_sqr_words,#function
@@ -234,10 +234,113 @@ bn_sqr_words:
 	nop
 .LLfe3:
 	.size	 bn_sqr_words,.LLfe3-bn_sqr_words
+	.align 4
+	.global bn_add_words
+	.type	 bn_add_words,#function
+	.proc	016
+bn_add_words:
+	!#PROLOGUE# 0
+	save %sp,-112,%sp
+	!#PROLOGUE# 1
+	mov %i0,%o2
+	mov %i1,%o3
+	mov %i2,%o4
+	mov %i3,%i5
+	mov 0,%o0
+	mov 0,%o1
+	add %o2,12,%o7
+	add %o4,12,%g4
+	b .LL42
+	add %o3,12,%g1
+.LL45:
+	add %i5,-1,%i5
+	mov %i4,%g3
+	ld [%g4-8],%i4
+	mov 0,%g2
+	mov %i4,%i1
+	mov 0,%i0
+	addcc %g3,%i1,%g3
+	addx %g2,%i0,%g2
+	addcc %o1,%g3,%o1
+	addx %o0,%g2,%o0
+	st %o1,[%o7-8]
+	mov %o0,%i3
+	mov 0,%i2
+	mov %i2,%o0
+	mov %i3,%o1
+	cmp %i5,0
+	ble .LL43
+	add %i5,-1,%i5
+	ld [%g1-4],%i4
+	mov %i4,%g3
+	ld [%g4-4],%i4
+	mov 0,%g2
+	mov %i4,%i1
+	mov 0,%i0
+	addcc %g3,%i1,%g3
+	addx %g2,%i0,%g2
+	addcc %o1,%g3,%o1
+	addx %o0,%g2,%o0
+	st %o1,[%o7-4]
+	mov %o0,%i3
+	mov 0,%i2
+	mov %i2,%o0
+	mov %i3,%o1
+	cmp %i5,0
+	ble .LL43
+	add %i5,-1,%i5
+	ld [%g1],%i4
+	mov %i4,%g3
+	ld [%g4],%i4
+	mov 0,%g2
+	mov %i4,%i1
+	mov 0,%i0
+	addcc %g3,%i1,%g3
+	addx %g2,%i0,%g2
+	addcc %o1,%g3,%o1
+	addx %o0,%g2,%o0
+	st %o1,[%o7]
+	mov %o0,%i3
+	mov 0,%i2
+	mov %i2,%o0
+	mov %i3,%o1
+	cmp %i5,0
+	ble .LL43
+	add %g1,16,%g1
+	add %o3,16,%o3
+	add %g4,16,%g4
+	add %o4,16,%o4
+	add %o7,16,%o7
+	add %o2,16,%o2
+.LL42:
+	ld [%o3],%i4
+	add %i5,-1,%i5
+	mov %i4,%g3
+	ld [%o4],%i4
+	mov 0,%g2
+	mov %i4,%i1
+	mov 0,%i0
+	addcc %g3,%i1,%g3
+	addx %g2,%i0,%g2
+	addcc %o1,%g3,%o1
+	addx %o0,%g2,%o0
+	st %o1,[%o2]
+	mov %o0,%i3
+	mov 0,%i2
+	mov %i2,%o0
+	mov %i3,%o1
+	cmp %i5,0
+	bg,a .LL45
+	ld [%g1-8],%i4
+.LL43:
+	ret
+	restore %g0,%o1,%o0
+.LLfe4:
+	.size	 bn_add_words,.LLfe4-bn_add_words
 .section	".rodata"
 	.align 8
 .LLC0:
-	.asciz	"Division would overflow\n"
+	.asciz	"Division would overflow (%d)\n"
 .section	".text"
 	.align 4
 	.global bn_div64
@@ -249,20 +352,20 @@ bn_div64:
 	!#PROLOGUE# 1
 	mov 0,%l1
 	cmp %i2,0
-	bne .LL42
+	bne .LL51
 	mov 2,%l0
-	b .LL59
+	b .LL68
 	mov -1,%i0
-.LL42:
+.LL51:
 	call BN_num_bits_word,0
 	mov %i2,%o0
 	mov %o0,%o2
 	cmp %o2,32
-	be .LL43
+	be .LL52
 	mov 1,%o0
 	sll %o0,%o2,%o0
 	cmp %i0,%o0
-	bleu .LL60
+	bleu .LL69
 	mov 32,%o0
 	sethi %hi(__iob+32),%o0
 	or %o0,%lo(__iob+32),%o0
@@ -271,89 +374,89 @@ bn_div64:
 	or %o1,%lo(.LLC0),%o1
 	call abort,0
 	nop
-.LL43:
+.LL52:
 	mov 32,%o0
-.LL60:
+.LL69:
 	cmp %i0,%i2
-	blu .LL44
+	blu .LL53
 	sub %o0,%o2,%o2
 	sub %i0,%i2,%i0
-.LL44:
+.LL53:
 	cmp %o2,0
-	be .LL45
-	sethi %hi(-65536),%o7
-	sll %i2,%o2,%i2
+	be .LL54
 	sll %i0,%o2,%o1
+	sll %i2,%o2,%i2
 	sub %o0,%o2,%o0
 	srl %i1,%o0,%o0
 	or %o1,%o0,%i0
 	sll %i1,%o2,%i1
-.LL45:
+.LL54:
 	srl %i2,16,%g2
 	sethi %hi(65535),%o0
 	or %o0,%lo(65535),%o1
 	and %i2,%o1,%g3
 	mov %o0,%g4
+	sethi %hi(-65536),%o7
 	mov %o1,%g1
-.LL46:
+.LL55:
 	srl %i0,16,%o0
 	cmp %o0,%g2
-	be .LL50
+	be .LL59
 	or %g4,%lo(65535),%o3
 	wr %g0,%g0,%y
 	nop
 	nop
 	nop
 	udiv %i0,%g2,%o3
-.LL50:
+.LL59:
 	and %i1,%o7,%o0
 	srl %o0,16,%o5
 	smul %o3,%g3,%o4
 	smul %o3,%g2,%o2
-.LL51:
+.LL60:
 	sub %i0,%o2,%o1
 	andcc %o1,%o7,%g0
-	bne .LL52
+	bne .LL61
 	sll %o1,16,%o0
 	add %o0,%o5,%o0
 	cmp %o4,%o0
-	bleu .LL52
+	bleu .LL61
 	sub %o4,%g3,%o4
 	sub %o2,%g2,%o2
-	b .LL51
+	b .LL60
 	add %o3,-1,%o3
-.LL52:
+.LL61:
 	smul %o3,%g2,%o2
 	smul %o3,%g3,%o0
 	srl %o0,16,%o1
 	sll %o0,16,%o0
 	and %o0,%o7,%o0
 	cmp %i1,%o0
-	bgeu .LL56
+	bgeu .LL65
 	add %o2,%o1,%o2
 	add %o2,1,%o2
-.LL56:
+.LL65:
 	cmp %i0,%o2
-	bgeu .LL57
+	bgeu .LL66
 	sub %i1,%o0,%i1
 	add %i0,%i2,%i0
 	add %o3,-1,%o3
-.LL57:
+.LL66:
 	addcc %l0,-1,%l0
-	be .LL47
+	be .LL56
 	sub %i0,%o2,%i0
 	sll %o3,16,%l1
 	sll %i0,16,%o0
 	srl %i1,16,%o1
 	or %o0,%o1,%i0
 	and %i1,%g1,%o0
-	b .LL46
+	b .LL55
 	sll %o0,16,%i1
-.LL47:
+.LL56:
 	or %l1,%o3,%i0
-.LL59:
+.LL68:
 	ret
 	restore
-.LLfe4:
-	.size	 bn_div64,.LLfe4-bn_div64
-	.ident	"GCC: (GNU) 2.7.0"
+.LLfe5:
+	.size	 bn_div64,.LLfe5-bn_div64
+	.ident	"GCC: (GNU) 2.7.2.3"
diff --git a/crypto/bn/asm/x86w16.asm b/crypto/bn/asm/x86w16.asm
index 66874913e9..74a933a8cd 100644
--- a/crypto/bn/asm/x86w16.asm
+++ b/crypto/bn/asm/x86w16.asm
@@ -14,8 +14,8 @@ DGROUP	GROUP	CONST, _BSS, _DATA
 	ASSUME DS: DGROUP, SS: DGROUP
 F_TEXT      SEGMENT
 	ASSUME	CS: F_TEXT
-	PUBLIC	_bn_mul_add_word
-_bn_mul_add_word	PROC FAR
+	PUBLIC	_bn_mul_add_words
+_bn_mul_add_words	PROC FAR
 ; Line 58
 	push	bp
 	push	bx
@@ -133,9 +133,9 @@ $L547:
 	ret	
 	nop	
 
-_bn_mul_add_word	ENDP
-	PUBLIC	_bn_mul_word
-_bn_mul_word	PROC FAR
+_bn_mul_add_words	ENDP
+	PUBLIC	_bn_mul_words
+_bn_mul_words	PROC FAR
 ; Line 76
 	push	bp
 	push	bx
@@ -202,7 +202,7 @@ $L764:
 	pop	bp
 	ret	
 	nop	
-_bn_mul_word	ENDP
+_bn_mul_words	ENDP
 	PUBLIC	_bn_sqr_words
 _bn_sqr_words	PROC FAR
 ; Line 92
diff --git a/crypto/bn/asm/x86w32.asm b/crypto/bn/asm/x86w32.asm
index 0e4452dfa9..fc6f917714 100644
--- a/crypto/bn/asm/x86w32.asm
+++ b/crypto/bn/asm/x86w32.asm
@@ -14,8 +14,8 @@ DGROUP	GROUP	CONST, _BSS, _DATA
 	ASSUME DS: DGROUP, SS: DGROUP
 F_TEXT      SEGMENT
 	ASSUME	CS: F_TEXT
-	PUBLIC	_bn_mul_add_word
-_bn_mul_add_word	PROC FAR
+	PUBLIC	_bn_mul_add_words
+_bn_mul_add_words	PROC FAR
 ; Line 58
 	push	bp
 	push	bx
@@ -133,10 +133,10 @@ $L547:
 	pop	bp
 	ret	
 	nop	
+_bn_mul_add_words	ENDP
 
-_bn_mul_add_word	ENDP
-	PUBLIC	_bn_mul_word
-_bn_mul_word	PROC FAR
+	PUBLIC	_bn_mul_words
+_bn_mul_words	PROC FAR
 ; Line 76
 	push	bp
 	push	bx
@@ -206,7 +206,7 @@ $L764:
 	pop	bp
 	ret	
 	nop	
-_bn_mul_word	ENDP
+_bn_mul_words	ENDP
 	PUBLIC	_bn_sqr_words
 _bn_sqr_words	PROC FAR
 ; Line 92
@@ -285,8 +285,8 @@ $L645:
 	pop	bx
 	pop	bp
 	ret	
-
 _bn_sqr_words	ENDP
+
 	PUBLIC	_bn_div64
 _bn_div64	PROC FAR
 	push	bp
@@ -299,5 +299,64 @@ _bn_div64	PROC FAR
 	pop	bp
 	ret	
 _bn_div64	ENDP
+
+	PUBLIC	_bn_add_words
+_bn_add_words	PROC FAR
+; Line 58
+	push	bp
+	push	bx
+	push	esi
+	push	di
+	push	ds
+	push	es
+	mov	bp,sp
+;	w = 28
+;	num = 26
+;	ap = 22
+;	rp = 18
+	xor	esi,esi			;c=0;
+	mov	si,WORD PTR [bp+22]	; load a
+	mov	es,WORD PTR [bp+24]	; load a
+	mov	di,WORD PTR [bp+26]	; load b
+	mov	ds,WORD PTR [bp+28]	; load b
+
+	mov	dx,WORD PTR [bp+30]	; load num
+	dec	dx
+	js	$L547
+	xor	ecx,ecx
+
+$L5477:
+	xor	ebx,ebx
+	mov	eax,DWORD PTR es:[si]	; *a
+	add	eax,ecx
+	adc	ebx,0
+	add	si,4			; a++
+	add	eax,DWORD PTR ds:[di]	; + *b
+	mov	ecx,ebx
+	adc	ecx,0
+	add	di,4
+	mov	bx,WORD PTR [bp+18]
+	mov	ds,WORD PTR [bp+20]
+	mov	DWORD PTR ds:[bx],eax
+	add	bx,4
+	mov	ds,WORD PTR [bp+28]
+	mov	WORD PTR [bp+18],bx
+	dec	dx
+	js	$L547			; Note that we are now testing for -1
+	jmp	$L5477
+	;
+$L547:
+	mov	eax,ecx
+	mov	edx,ecx
+	shr	edx,16
+	pop	es
+	pop	ds
+	pop	di
+	pop	esi
+	pop	bx
+	pop	bp
+	ret	
+	nop	
+_bn_add_words	ENDP
 F_TEXT	ENDS
 END
diff --git a/crypto/bn/bn.err b/crypto/bn/bn.err
index 5fe4b6dbf6..7ccc247c41 100644
--- a/crypto/bn/bn.err
+++ b/crypto/bn/bn.err
@@ -1,20 +1,27 @@
 /* Error codes for the BN functions. */
 
 /* Function codes. */
-#define BN_F_BN_BL_CTX_INIT				 100
-#define BN_F_BN_BL_CTX_NEW				 101
-#define BN_F_BN_BN2ASCII				 102
-#define BN_F_BN_CTX_NEW					 103
-#define BN_F_BN_DIV					 104
-#define BN_F_BN_EXPAND2					 105
-#define BN_F_BN_MOD_EXP_MONT				 106
-#define BN_F_BN_MOD_INVERSE				 107
-#define BN_F_BN_MOD_MUL_RECIPROCAL			 108
-#define BN_F_BN_NEW					 109
-#define BN_F_BN_RAND					 110
+#define BN_F_BN_BLINDING_CONVERT			 100
+#define BN_F_BN_BLINDING_INVERT				 101
+#define BN_F_BN_BLINDING_NEW				 102
+#define BN_F_BN_BLINDING_UPDATE				 103
+#define BN_F_BN_BN2DEC					 104
+#define BN_F_BN_BN2HEX					 105
+#define BN_F_BN_CTX_NEW					 106
+#define BN_F_BN_DIV					 107
+#define BN_F_BN_EXPAND2					 108
+#define BN_F_BN_MOD_EXP_MONT				 109
+#define BN_F_BN_MOD_INVERSE				 110
+#define BN_F_BN_MOD_MUL_RECIPROCAL			 111
+#define BN_F_BN_MPI2BN					 112
+#define BN_F_BN_NEW					 113
+#define BN_F_BN_RAND					 114
 
 /* Reason codes. */
 #define BN_R_BAD_RECIPROCAL				 100
 #define BN_R_CALLED_WITH_EVEN_MODULUS			 101
 #define BN_R_DIV_BY_ZERO				 102
-#define BN_R_NO_INVERSE					 103
+#define BN_R_ENCODING_ERROR				 103
+#define BN_R_INVALID_LENGTH				 104
+#define BN_R_NOT_INITALISED				 105
+#define BN_R_NO_INVERSE					 106
diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
index 9326f4df50..66dde285d6 100644
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -121,6 +121,10 @@ extern "C" {
 #define BN_MASK2h	(0xffffffff00000000L)
 #define BN_MASK2h1	(0xffffffff80000000L)
 #define BN_TBIT		(0x8000000000000000L)
+#define BN_DEC_CONV	(10000000000000000000L)
+#define BN_DEC_FMT1	"%lu"
+#define BN_DEC_FMT2	"%019lu"
+#define BN_DEC_NUM	19
 #endif
 
 #ifdef SIXTY_FOUR_BIT
@@ -137,6 +141,10 @@ extern "C" {
 #define BN_MASK2h	(0xffffffff00000000LL)
 #define BN_MASK2h1	(0xffffffff80000000LL)
 #define BN_TBIT		(0x8000000000000000LL)
+#define BN_DEC_CONV	(10000000000000000000L)
+#define BN_DEC_FMT1	"%lu"
+#define BN_DEC_FMT2	"%019lu"
+#define BN_DEC_NUM	19
 #endif
 
 #ifdef THIRTY_TWO_BIT
@@ -156,6 +164,10 @@ extern "C" {
 #define BN_MASK2h1	(0xffff8000L)
 #define BN_MASK2h	(0xffff0000L)
 #define BN_TBIT		(0x80000000L)
+#define BN_DEC_CONV	(1000000000L)
+#define BN_DEC_FMT1	"%lu"
+#define BN_DEC_FMT2	"%09lu"
+#define BN_DEC_NUM	9
 #endif
 
 #ifdef SIXTEEN_BIT
@@ -174,6 +186,10 @@ extern "C" {
 #define BN_MASK2h1	(0xff80)
 #define BN_MASK2h	(0xff00)
 #define BN_TBIT		(0x8000)
+#define BN_DEC_CONV	(100000)
+#define BN_DEC_FMT1	"%u"
+#define BN_DEC_FMT2	"%05u"
+#define BN_DEC_NUM	5
 #endif
 
 #ifdef EIGHT_BIT
@@ -192,6 +208,10 @@ extern "C" {
 #define BN_MASK2h1	(0xf8)
 #define BN_MASK2h	(0xf0)
 #define BN_TBIT		(0x80)
+#define BN_DEC_CONV	(100)
+#define BN_DEC_FMT1	"%u"
+#define BN_DEC_FMT2	"%02u"
+#define BN_DEC_NUM	2
 #endif
 
 #define BN_DEFAULT_BITS	1280
@@ -217,6 +237,14 @@ typedef struct bignum_ctx
 	BIGNUM *bn[BN_CTX_NUM+1];
 	} BN_CTX;
 
+typedef struct bn_blinding_st
+	{
+	int init;
+	BIGNUM *A;
+	BIGNUM *Ai;
+	BIGNUM *mod; /* just a reference */
+	} BN_BLINDING;
+
 /* Used for montgomery multiplication */
 typedef struct bn_mont_ctx_st
         {
@@ -241,6 +269,9 @@ typedef struct bn_mont_ctx_st
 #define BN_one(a)	(BN_set_word((a),1))
 #define BN_zero(a)	(BN_set_word((a),0))
 
+#define BN_ascii2bn(a)	BN_hex2bn(a)
+#define BN_bn2ascii(a)	BN_bn2hex(a)
+
 #define bn_fix_top(a) \
 	{ \
 	BN_ULONG *fix_top_l; \
@@ -248,7 +279,9 @@ typedef struct bn_mont_ctx_st
 		if (*(fix_top_l--)) break; \
 	}
 
-#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b)))
+#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?\
+	(n):bn_expand2((n),(b)/BN_BITS2))
+#define bn_wexpand(n,b) (((b) <= (n)->max)?(n):bn_expand2((n),(b)))
 
 
 #ifndef NOPROTO
@@ -264,6 +297,8 @@ void	BN_clear_free(BIGNUM *a);
 BIGNUM *BN_copy(BIGNUM *a, BIGNUM *b);
 BIGNUM *BN_bin2bn(unsigned char *s,int len,BIGNUM *ret);
 int	BN_bn2bin(BIGNUM *a, unsigned char *to);
+BIGNUM *BN_mpi2bn(unsigned char *s,int len,BIGNUM *ret);
+int	BN_bn2mpi(BIGNUM *a, unsigned char *to);
 int	BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
 void	bn_qsub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
 void	bn_qadd(BIGNUM *r, BIGNUM *a, BIGNUM *b);
@@ -274,7 +309,9 @@ int	BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b);
 int	BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx);
 BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w);
 BN_ULONG BN_div_word(BIGNUM *a, unsigned long w);
+int	BN_mul_word(BIGNUM *a, unsigned long w);
 int	BN_add_word(BIGNUM *a, unsigned long w);
+int	BN_sub_word(BIGNUM *a, unsigned long w);
 int	BN_set_word(BIGNUM *a, unsigned long w);
 unsigned long BN_get_word(BIGNUM *a);
 int	BN_cmp(BIGNUM *a, BIGNUM *b);
@@ -282,8 +319,10 @@ void	BN_free(BIGNUM *a);
 int	BN_is_bit_set(BIGNUM *a, int n);
 int	BN_lshift(BIGNUM *r, BIGNUM *a, int n);
 int	BN_lshift1(BIGNUM *r, BIGNUM *a);
+int	BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p,BN_CTX *ctx);
 int	BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
-int	BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int	BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx,
+		BN_MONT_CTX *m_ctx);
 int	BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
 int	BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p,
 	BIGNUM *m,BN_CTX *ctx);
@@ -309,20 +348,23 @@ BIGNUM *BN_dup(BIGNUM *a);
 int	BN_ucmp(BIGNUM *a, BIGNUM *b);
 int	BN_set_bit(BIGNUM *a, int n);
 int	BN_clear_bit(BIGNUM *a, int n);
-char *	BN_bn2ascii(BIGNUM *a);
-int 	BN_ascii2bn(BIGNUM **a,char *str);
+char *	BN_bn2hex(BIGNUM *a);
+char *	BN_bn2dec(BIGNUM *a);
+int 	BN_hex2bn(BIGNUM **a,char *str);
+int 	BN_dec2bn(BIGNUM **a,char *str);
 int	BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx);
 BIGNUM *BN_mod_inverse(BIGNUM *a, BIGNUM *n,BN_CTX *ctx);
 BIGNUM *BN_generate_prime(int bits,int strong,BIGNUM *add,
-		BIGNUM *rem,void (*callback)(int,int));
-int	BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int),
-		BN_CTX *ctx);
+		BIGNUM *rem,void (*callback)(int,int,char *),char *cb_arg);
+int	BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int,char *),
+		BN_CTX *ctx,char *cb_arg);
 void	ERR_load_BN_strings(void );
 
-BN_ULONG bn_mul_add_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
-BN_ULONG bn_mul_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
 void     bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
 BN_ULONG bn_div64(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
 
 BN_MONT_CTX *BN_MONT_CTX_new(void );
 int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont,
@@ -331,6 +373,12 @@ int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx);
 void BN_MONT_CTX_free(BN_MONT_CTX *mont);
 int BN_MONT_CTX_set(BN_MONT_CTX *mont,BIGNUM *modulus,BN_CTX *ctx);
 
+BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod);
+void BN_BLINDING_free(BN_BLINDING *b);
+int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
+int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx);
+int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+
 #else
 
 BIGNUM *BN_value_one();
@@ -345,6 +393,8 @@ void	BN_clear_free();
 BIGNUM *BN_copy();
 BIGNUM *BN_bin2bn();
 int	BN_bn2bin();
+BIGNUM *BN_mpi2bn();
+int	BN_bn2mpi();
 int	BN_sub();
 void	bn_qsub();
 void	bn_qadd();
@@ -356,6 +406,8 @@ int	BN_sqr();
 BN_ULONG BN_mod_word();
 BN_ULONG BN_div_word();
 int	BN_add_word();
+int	BN_sub_word();
+int	BN_mul_word();
 int	BN_set_word();
 unsigned long BN_get_word();
 int	BN_cmp();
@@ -363,6 +415,7 @@ void	BN_free();
 int	BN_is_bit_set();
 int	BN_lshift();
 int	BN_lshift1();
+int	BN_exp();
 int	BN_mod_exp();
 int	BN_mod_exp_mont();
 int	BN_mod_exp_recp();
@@ -383,18 +436,21 @@ BIGNUM *BN_dup();
 int	BN_ucmp();
 int	BN_set_bit();
 int	BN_clear_bit();
-char *	BN_bn2ascii();
-int 	BN_ascii2bn();
+char *	BN_bn2hex();
+char *	BN_bn2dec();
+int 	BN_hex2bn();
+int 	BN_dec2bn();
 int	BN_gcd();
 BIGNUM *BN_mod_inverse();
 BIGNUM *BN_generate_prime();
 int	BN_is_prime();
 void	ERR_load_BN_strings();
 
-BN_ULONG bn_mul_add_word();
-BN_ULONG bn_mul_word();
+BN_ULONG bn_mul_add_words();
+BN_ULONG bn_mul_words();
 void     bn_sqr_words();
 BN_ULONG bn_div64();
+BN_ULONG bn_add_words();
 
 int BN_mod_mul_montgomery();
 int BN_from_montgomery();
@@ -402,29 +458,42 @@ BN_MONT_CTX *BN_MONT_CTX_new();
 void BN_MONT_CTX_free();
 int BN_MONT_CTX_set();
 
+BN_BLINDING *BN_BLINDING_new();
+void BN_BLINDING_free();
+int BN_BLINDING_update();
+int BN_BLINDING_convert();
+int BN_BLINDING_invert();
+
 #endif
 
 /* BEGIN ERROR CODES */
 /* Error codes for the BN functions. */
 
 /* Function codes. */
-#define BN_F_BN_BL_CTX_INIT				 100
-#define BN_F_BN_BL_CTX_NEW				 101
-#define BN_F_BN_BN2ASCII				 102
-#define BN_F_BN_CTX_NEW					 103
-#define BN_F_BN_DIV					 104
-#define BN_F_BN_EXPAND2					 105
-#define BN_F_BN_MOD_EXP_MONT				 106
-#define BN_F_BN_MOD_INVERSE				 107
-#define BN_F_BN_MOD_MUL_RECIPROCAL			 108
-#define BN_F_BN_NEW					 109
-#define BN_F_BN_RAND					 110
+#define BN_F_BN_BLINDING_CONVERT			 100
+#define BN_F_BN_BLINDING_INVERT				 101
+#define BN_F_BN_BLINDING_NEW				 102
+#define BN_F_BN_BLINDING_UPDATE				 103
+#define BN_F_BN_BN2DEC					 104
+#define BN_F_BN_BN2HEX					 105
+#define BN_F_BN_CTX_NEW					 106
+#define BN_F_BN_DIV					 107
+#define BN_F_BN_EXPAND2					 108
+#define BN_F_BN_MOD_EXP_MONT				 109
+#define BN_F_BN_MOD_INVERSE				 110
+#define BN_F_BN_MOD_MUL_RECIPROCAL			 111
+#define BN_F_BN_MPI2BN					 112
+#define BN_F_BN_NEW					 113
+#define BN_F_BN_RAND					 114
 
 /* Reason codes. */
 #define BN_R_BAD_RECIPROCAL				 100
 #define BN_R_CALLED_WITH_EVEN_MODULUS			 101
 #define BN_R_DIV_BY_ZERO				 102
-#define BN_R_NO_INVERSE					 103
+#define BN_R_ENCODING_ERROR				 103
+#define BN_R_INVALID_LENGTH				 104
+#define BN_R_NOT_INITALISED				 105
+#define BN_R_NO_INVERSE					 106
  
 #ifdef  __cplusplus
 }
diff --git a/crypto/bn/bn.org b/crypto/bn/bn.org
index 9326f4df50..66dde285d6 100644
--- a/crypto/bn/bn.org
+++ b/crypto/bn/bn.org
@@ -121,6 +121,10 @@ extern "C" {
 #define BN_MASK2h	(0xffffffff00000000L)
 #define BN_MASK2h1	(0xffffffff80000000L)
 #define BN_TBIT		(0x8000000000000000L)
+#define BN_DEC_CONV	(10000000000000000000L)
+#define BN_DEC_FMT1	"%lu"
+#define BN_DEC_FMT2	"%019lu"
+#define BN_DEC_NUM	19
 #endif
 
 #ifdef SIXTY_FOUR_BIT
@@ -137,6 +141,10 @@ extern "C" {
 #define BN_MASK2h	(0xffffffff00000000LL)
 #define BN_MASK2h1	(0xffffffff80000000LL)
 #define BN_TBIT		(0x8000000000000000LL)
+#define BN_DEC_CONV	(10000000000000000000L)
+#define BN_DEC_FMT1	"%lu"
+#define BN_DEC_FMT2	"%019lu"
+#define BN_DEC_NUM	19
 #endif
 
 #ifdef THIRTY_TWO_BIT
@@ -156,6 +164,10 @@ extern "C" {
 #define BN_MASK2h1	(0xffff8000L)
 #define BN_MASK2h	(0xffff0000L)
 #define BN_TBIT		(0x80000000L)
+#define BN_DEC_CONV	(1000000000L)
+#define BN_DEC_FMT1	"%lu"
+#define BN_DEC_FMT2	"%09lu"
+#define BN_DEC_NUM	9
 #endif
 
 #ifdef SIXTEEN_BIT
@@ -174,6 +186,10 @@ extern "C" {
 #define BN_MASK2h1	(0xff80)
 #define BN_MASK2h	(0xff00)
 #define BN_TBIT		(0x8000)
+#define BN_DEC_CONV	(100000)
+#define BN_DEC_FMT1	"%u"
+#define BN_DEC_FMT2	"%05u"
+#define BN_DEC_NUM	5
 #endif
 
 #ifdef EIGHT_BIT
@@ -192,6 +208,10 @@ extern "C" {
 #define BN_MASK2h1	(0xf8)
 #define BN_MASK2h	(0xf0)
 #define BN_TBIT		(0x80)
+#define BN_DEC_CONV	(100)
+#define BN_DEC_FMT1	"%u"
+#define BN_DEC_FMT2	"%02u"
+#define BN_DEC_NUM	2
 #endif
 
 #define BN_DEFAULT_BITS	1280
@@ -217,6 +237,14 @@ typedef struct bignum_ctx
 	BIGNUM *bn[BN_CTX_NUM+1];
 	} BN_CTX;
 
+typedef struct bn_blinding_st
+	{
+	int init;
+	BIGNUM *A;
+	BIGNUM *Ai;
+	BIGNUM *mod; /* just a reference */
+	} BN_BLINDING;
+
 /* Used for montgomery multiplication */
 typedef struct bn_mont_ctx_st
         {
@@ -241,6 +269,9 @@ typedef struct bn_mont_ctx_st
 #define BN_one(a)	(BN_set_word((a),1))
 #define BN_zero(a)	(BN_set_word((a),0))
 
+#define BN_ascii2bn(a)	BN_hex2bn(a)
+#define BN_bn2ascii(a)	BN_bn2hex(a)
+
 #define bn_fix_top(a) \
 	{ \
 	BN_ULONG *fix_top_l; \
@@ -248,7 +279,9 @@ typedef struct bn_mont_ctx_st
 		if (*(fix_top_l--)) break; \
 	}
 
-#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b)))
+#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?\
+	(n):bn_expand2((n),(b)/BN_BITS2))
+#define bn_wexpand(n,b) (((b) <= (n)->max)?(n):bn_expand2((n),(b)))
 
 
 #ifndef NOPROTO
@@ -264,6 +297,8 @@ void	BN_clear_free(BIGNUM *a);
 BIGNUM *BN_copy(BIGNUM *a, BIGNUM *b);
 BIGNUM *BN_bin2bn(unsigned char *s,int len,BIGNUM *ret);
 int	BN_bn2bin(BIGNUM *a, unsigned char *to);
+BIGNUM *BN_mpi2bn(unsigned char *s,int len,BIGNUM *ret);
+int	BN_bn2mpi(BIGNUM *a, unsigned char *to);
 int	BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
 void	bn_qsub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
 void	bn_qadd(BIGNUM *r, BIGNUM *a, BIGNUM *b);
@@ -274,7 +309,9 @@ int	BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b);
 int	BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx);
 BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w);
 BN_ULONG BN_div_word(BIGNUM *a, unsigned long w);
+int	BN_mul_word(BIGNUM *a, unsigned long w);
 int	BN_add_word(BIGNUM *a, unsigned long w);
+int	BN_sub_word(BIGNUM *a, unsigned long w);
 int	BN_set_word(BIGNUM *a, unsigned long w);
 unsigned long BN_get_word(BIGNUM *a);
 int	BN_cmp(BIGNUM *a, BIGNUM *b);
@@ -282,8 +319,10 @@ void	BN_free(BIGNUM *a);
 int	BN_is_bit_set(BIGNUM *a, int n);
 int	BN_lshift(BIGNUM *r, BIGNUM *a, int n);
 int	BN_lshift1(BIGNUM *r, BIGNUM *a);
+int	BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p,BN_CTX *ctx);
 int	BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
-int	BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int	BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx,
+		BN_MONT_CTX *m_ctx);
 int	BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
 int	BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p,
 	BIGNUM *m,BN_CTX *ctx);
@@ -309,20 +348,23 @@ BIGNUM *BN_dup(BIGNUM *a);
 int	BN_ucmp(BIGNUM *a, BIGNUM *b);
 int	BN_set_bit(BIGNUM *a, int n);
 int	BN_clear_bit(BIGNUM *a, int n);
-char *	BN_bn2ascii(BIGNUM *a);
-int 	BN_ascii2bn(BIGNUM **a,char *str);
+char *	BN_bn2hex(BIGNUM *a);
+char *	BN_bn2dec(BIGNUM *a);
+int 	BN_hex2bn(BIGNUM **a,char *str);
+int 	BN_dec2bn(BIGNUM **a,char *str);
 int	BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx);
 BIGNUM *BN_mod_inverse(BIGNUM *a, BIGNUM *n,BN_CTX *ctx);
 BIGNUM *BN_generate_prime(int bits,int strong,BIGNUM *add,
-		BIGNUM *rem,void (*callback)(int,int));
-int	BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int),
-		BN_CTX *ctx);
+		BIGNUM *rem,void (*callback)(int,int,char *),char *cb_arg);
+int	BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int,char *),
+		BN_CTX *ctx,char *cb_arg);
 void	ERR_load_BN_strings(void );
 
-BN_ULONG bn_mul_add_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
-BN_ULONG bn_mul_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
 void     bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
 BN_ULONG bn_div64(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
 
 BN_MONT_CTX *BN_MONT_CTX_new(void );
 int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont,
@@ -331,6 +373,12 @@ int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx);
 void BN_MONT_CTX_free(BN_MONT_CTX *mont);
 int BN_MONT_CTX_set(BN_MONT_CTX *mont,BIGNUM *modulus,BN_CTX *ctx);
 
+BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod);
+void BN_BLINDING_free(BN_BLINDING *b);
+int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
+int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx);
+int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+
 #else
 
 BIGNUM *BN_value_one();
@@ -345,6 +393,8 @@ void	BN_clear_free();
 BIGNUM *BN_copy();
 BIGNUM *BN_bin2bn();
 int	BN_bn2bin();
+BIGNUM *BN_mpi2bn();
+int	BN_bn2mpi();
 int	BN_sub();
 void	bn_qsub();
 void	bn_qadd();
@@ -356,6 +406,8 @@ int	BN_sqr();
 BN_ULONG BN_mod_word();
 BN_ULONG BN_div_word();
 int	BN_add_word();
+int	BN_sub_word();
+int	BN_mul_word();
 int	BN_set_word();
 unsigned long BN_get_word();
 int	BN_cmp();
@@ -363,6 +415,7 @@ void	BN_free();
 int	BN_is_bit_set();
 int	BN_lshift();
 int	BN_lshift1();
+int	BN_exp();
 int	BN_mod_exp();
 int	BN_mod_exp_mont();
 int	BN_mod_exp_recp();
@@ -383,18 +436,21 @@ BIGNUM *BN_dup();
 int	BN_ucmp();
 int	BN_set_bit();
 int	BN_clear_bit();
-char *	BN_bn2ascii();
-int 	BN_ascii2bn();
+char *	BN_bn2hex();
+char *	BN_bn2dec();
+int 	BN_hex2bn();
+int 	BN_dec2bn();
 int	BN_gcd();
 BIGNUM *BN_mod_inverse();
 BIGNUM *BN_generate_prime();
 int	BN_is_prime();
 void	ERR_load_BN_strings();
 
-BN_ULONG bn_mul_add_word();
-BN_ULONG bn_mul_word();
+BN_ULONG bn_mul_add_words();
+BN_ULONG bn_mul_words();
 void     bn_sqr_words();
 BN_ULONG bn_div64();
+BN_ULONG bn_add_words();
 
 int BN_mod_mul_montgomery();
 int BN_from_montgomery();
@@ -402,29 +458,42 @@ BN_MONT_CTX *BN_MONT_CTX_new();
 void BN_MONT_CTX_free();
 int BN_MONT_CTX_set();
 
+BN_BLINDING *BN_BLINDING_new();
+void BN_BLINDING_free();
+int BN_BLINDING_update();
+int BN_BLINDING_convert();
+int BN_BLINDING_invert();
+
 #endif
 
 /* BEGIN ERROR CODES */
 /* Error codes for the BN functions. */
 
 /* Function codes. */
-#define BN_F_BN_BL_CTX_INIT				 100
-#define BN_F_BN_BL_CTX_NEW				 101
-#define BN_F_BN_BN2ASCII				 102
-#define BN_F_BN_CTX_NEW					 103
-#define BN_F_BN_DIV					 104
-#define BN_F_BN_EXPAND2					 105
-#define BN_F_BN_MOD_EXP_MONT				 106
-#define BN_F_BN_MOD_INVERSE				 107
-#define BN_F_BN_MOD_MUL_RECIPROCAL			 108
-#define BN_F_BN_NEW					 109
-#define BN_F_BN_RAND					 110
+#define BN_F_BN_BLINDING_CONVERT			 100
+#define BN_F_BN_BLINDING_INVERT				 101
+#define BN_F_BN_BLINDING_NEW				 102
+#define BN_F_BN_BLINDING_UPDATE				 103
+#define BN_F_BN_BN2DEC					 104
+#define BN_F_BN_BN2HEX					 105
+#define BN_F_BN_CTX_NEW					 106
+#define BN_F_BN_DIV					 107
+#define BN_F_BN_EXPAND2					 108
+#define BN_F_BN_MOD_EXP_MONT				 109
+#define BN_F_BN_MOD_INVERSE				 110
+#define BN_F_BN_MOD_MUL_RECIPROCAL			 111
+#define BN_F_BN_MPI2BN					 112
+#define BN_F_BN_NEW					 113
+#define BN_F_BN_RAND					 114
 
 /* Reason codes. */
 #define BN_R_BAD_RECIPROCAL				 100
 #define BN_R_CALLED_WITH_EVEN_MODULUS			 101
 #define BN_R_DIV_BY_ZERO				 102
-#define BN_R_NO_INVERSE					 103
+#define BN_R_ENCODING_ERROR				 103
+#define BN_R_INVALID_LENGTH				 104
+#define BN_R_NOT_INITALISED				 105
+#define BN_R_NO_INVERSE					 106
  
 #ifdef  __cplusplus
 }
diff --git a/crypto/bn/bn_add.c b/crypto/bn/bn_add.c
index ecdb7453b5..efb2e312e8 100644
--- a/crypto/bn/bn_add.c
+++ b/crypto/bn/bn_add.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_add.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -81,16 +81,16 @@ BIGNUM *b;
 			{ tmp=a; a=b; b=tmp; }
 
 		/* we are now a - b */
-		if (bn_expand(r,((a->top > b->top)?a->top:b->top)*BN_BITS2)
-			== NULL) return(0);
 
 		if (BN_ucmp(a,b) < 0)
 			{
+			if (bn_wexpand(r,b->top) == NULL) return(0);
 			bn_qsub(r,b,a);
 			r->neg=1;
 			}
 		else
 			{
+			if (bn_wexpand(r,a->top) == NULL) return(0);
 			bn_qsub(r,a,b);
 			r->neg=0;
 			}
@@ -103,12 +103,17 @@ BIGNUM *b;
 		r->neg=0;
 
 	i=(a->top > b->top);
-	if (bn_expand(r,(((i)?a->top:b->top)+1)*BN_BITS2) == NULL) return(0);
 
 	if (i)
+		{
+		if (bn_wexpand(r,a->top+1) == NULL) return(0);
 		bn_qadd(r,a,b);
+		}
 	else
+		{
+		if (bn_wexpand(r,b->top+1) == NULL) return(0);
 		bn_qadd(r,b,a);
+		}
 	return(1);
 	}
 
@@ -120,7 +125,7 @@ BIGNUM *b;
 	{
 	register int i;
 	int max,min;
-	BN_ULONG *ap,*bp,*rp,carry,t1,t2;
+	BN_ULONG *ap,*bp,*rp,carry,t1;
 
 	max=a->top;
 	min=b->top;
@@ -130,32 +135,24 @@ BIGNUM *b;
 	bp=b->d;
 	rp=r->d;
 	carry=0;
-	for (i=0; i<min; i++)
-		{
-		t1= *(ap++);
-		t2= *(bp++);
-		if (carry)
-			{
-			carry=(t2 >= ((~t1)&BN_MASK2));
-			t2=(t1+t2+1)&BN_MASK2;
-			}
-		else
-			{
-			t2=(t1+t2)&BN_MASK2;
-			carry=(t2 < t1);
-			}
-		*(rp++)=t2;
-		}
+
+	carry=bn_add_words(rp,ap,bp,min);
+	rp+=min;
+	ap+=min;
+	bp+=min;
+	i=min;
+
 	if (carry)
 		{
 		while (i < max)
 			{
-			t1= *(ap++);
-			t2=(t1+1)&BN_MASK2;
-			*(rp++)=t2;
-			carry=(t2 < t1);
 			i++;
-			if (!carry) break;
+			t1= *(ap++);
+			if ((*(rp++)=(t1+1)&BN_MASK2) >= t1)
+				{
+				carry=0;
+				break;
+				}
 			}
 		if ((i >= max) && carry)
 			{
diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c
new file mode 100644
index 0000000000..a7b34f0bf0
--- /dev/null
+++ b/crypto/bn/bn_blind.c
@@ -0,0 +1,143 @@
+/* crypto/bn/bn_blind.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+BN_BLINDING *BN_BLINDING_new(A,Ai,mod)
+BIGNUM *A;
+BIGNUM *Ai;
+BIGNUM *mod;
+	{
+	BN_BLINDING *ret=NULL;
+
+	if ((ret=(BN_BLINDING *)Malloc(sizeof(BN_BLINDING))) == NULL)
+		BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE);
+	memset(ret,0,sizeof(BN_BLINDING));
+	if ((ret->A=BN_new()) == NULL) goto err;
+	if ((ret->Ai=BN_new()) == NULL) goto err;
+	if (!BN_copy(ret->A,A)) goto err;
+	if (!BN_copy(ret->Ai,Ai)) goto err;
+	ret->mod=mod;
+	return(ret);
+err:
+	if (ret != NULL) BN_BLINDING_free(ret);
+	return(ret);
+	}
+
+void BN_BLINDING_free(r)
+BN_BLINDING *r;
+	{
+	if (r->A  != NULL) BN_free(r->A );
+	if (r->Ai != NULL) BN_free(r->Ai);
+	Free(r);
+	}
+
+int BN_BLINDING_update(b,ctx)
+BN_BLINDING *b;
+BN_CTX *ctx;
+	{
+	int ret=0;
+
+	if ((b->A == NULL) || (b->Ai == NULL))
+		{
+		BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITALISED);
+		goto err;
+		}
+		
+	if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err;
+	if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err;
+
+	ret=1;
+err:
+	return(ret);
+	}
+
+int BN_BLINDING_convert(n,b,ctx)
+BIGNUM *n;
+BN_BLINDING *b;
+BN_CTX *ctx;
+	{
+	if ((b->A == NULL) || (b->Ai == NULL))
+		{
+		BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITALISED);
+		return(0);
+		}
+	return(BN_mod_mul(n,n,b->A,b->mod,ctx));
+	}
+
+int BN_BLINDING_invert(n,b,ctx)
+BIGNUM *n;
+BN_BLINDING *b;
+BN_CTX *ctx;
+	{
+	int ret;
+	if ((b->A == NULL) || (b->Ai == NULL))
+		{
+		BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITALISED);
+		return(0);
+		}
+	if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0)
+		{
+		if (!BN_BLINDING_update(b,ctx))
+			return(0);
+		}
+	return(ret);
+	}
+
diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c
index 0ce4d4182f..2263bdc7da 100644
--- a/crypto/bn/bn_div.c
+++ b/crypto/bn/bn_div.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_div.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -132,7 +132,7 @@ BN_CTX *ctx;
 	BN_ULONG d0,d1;
 	int num_n,div_n;
 
-	if (BN_is_zero(num))
+	if (BN_is_zero(divisor))
 		{
 		BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
 		return(0);
@@ -184,11 +184,11 @@ BN_CTX *ctx;
 	/* Setup to 'res' */
 	res->neg= (num->neg^divisor->neg);
 	res->top=loop;
-	if (!bn_expand(res,(loop+1)*BN_BITS2)) goto err;
+	if (!bn_wexpand(res,(loop+1))) goto err;
 	resp= &(res->d[loop-1]);
 
 	/* space for temp */
-	if (!bn_expand(tmp,(div_n+1)*BN_BITS2)) goto err;
+	if (!bn_wexpand(tmp,(div_n+1))) goto err;
 
 	if (BN_ucmp(&wnum,sdiv) >= 0)
 		{
@@ -237,9 +237,9 @@ BN_CTX *ctx;
 
 			t3t=LBITS(d0); t3h=HBITS(d0);
 			mul64(t3t,t3h,ql,qh); /* t3=t1-(BN_ULLONG)q*d0; */
-			t3l=(t1l-t3t);
+			t3l=(t1l-t3t)&BN_MASK2;
 			if (t3l > t1l) t3h++;
-			t3h=(t1h-t3h);
+			t3h=(t1h-t3h)&BN_MASK2;
 
 			/*if ((t3>>BN_BITS2) ||
 				(t2 <= ((t3<<BN_BITS2)+wnump[-2])))
@@ -252,7 +252,7 @@ BN_CTX *ctx;
 			}
 #endif
 		}
-		l0=bn_mul_word(tmp->d,sdiv->d,div_n,q);
+		l0=bn_mul_words(tmp->d,sdiv->d,div_n,q);
 		tmp->d[div_n]=l0;
 		for (j=div_n+1; j>0; j--)
 			if (tmp->d[j-1]) break;
diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c
index 38818d6e67..029ae810d5 100644
--- a/crypto/bn/bn_err.c
+++ b/crypto/bn/bn_err.c
@@ -60,17 +60,22 @@
 #include "bn.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA BN_str_functs[]=
 	{
-{ERR_PACK(0,BN_F_BN_BL_CTX_INIT,0),	"BN_BL_CTX_INIT"},
-{ERR_PACK(0,BN_F_BN_BL_CTX_NEW,0),	"BN_BL_CTX_NEW"},
-{ERR_PACK(0,BN_F_BN_BN2ASCII,0),	"BN_bn2ascii"},
+{ERR_PACK(0,BN_F_BN_BLINDING_CONVERT,0),	"BN_BLINDING_convert"},
+{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0),	"BN_BLINDING_invert"},
+{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0),	"BN_BLINDING_new"},
+{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0),	"BN_BLINDING_update"},
+{ERR_PACK(0,BN_F_BN_BN2DEC,0),	"BN_bn2dec"},
+{ERR_PACK(0,BN_F_BN_BN2HEX,0),	"BN_bn2hex"},
 {ERR_PACK(0,BN_F_BN_CTX_NEW,0),	"BN_CTX_new"},
 {ERR_PACK(0,BN_F_BN_DIV,0),	"BN_div"},
 {ERR_PACK(0,BN_F_BN_EXPAND2,0),	"bn_expand2"},
 {ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0),	"BN_mod_exp_mont"},
 {ERR_PACK(0,BN_F_BN_MOD_INVERSE,0),	"BN_mod_inverse"},
 {ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0),	"BN_mod_mul_reciprocal"},
+{ERR_PACK(0,BN_F_BN_MPI2BN,0),	"BN_mpi2bn"},
 {ERR_PACK(0,BN_F_BN_NEW,0),	"BN_new"},
 {ERR_PACK(0,BN_F_BN_RAND,0),	"BN_rand"},
 {0,NULL},
@@ -81,18 +86,26 @@ static ERR_STRING_DATA BN_str_reasons[]=
 {BN_R_BAD_RECIPROCAL                     ,"bad reciprocal"},
 {BN_R_CALLED_WITH_EVEN_MODULUS           ,"called with even modulus"},
 {BN_R_DIV_BY_ZERO                        ,"div by zero"},
+{BN_R_ENCODING_ERROR                     ,"encoding error"},
+{BN_R_INVALID_LENGTH                     ,"invalid length"},
+{BN_R_NOT_INITALISED                     ,"not initalised"},
 {BN_R_NO_INVERSE                         ,"no inverse"},
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_BN_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_BN,BN_str_functs);
 		ERR_load_strings(ERR_LIB_BN,BN_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index 0a0db370c3..c056a5083f 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_exp.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -120,6 +120,38 @@ err:
 
 #endif
 
+/* this one works - simple but works */
+int BN_exp(r,a,p,ctx)
+BIGNUM *r,*a,*p;
+BN_CTX *ctx;
+	{
+	int i,bits,ret=0;
+	BIGNUM *v,*tmp;
+
+	v=ctx->bn[ctx->tos++];
+	tmp=ctx->bn[ctx->tos++];
+
+	if (BN_copy(v,a) == NULL) goto err;
+	bits=BN_num_bits(p);
+
+	if (BN_is_odd(p))
+		{ if (BN_copy(r,a) == NULL) goto err; }
+	else	{ if (BN_one(r)) goto err; }
+
+	for (i=1; i<bits; i++)
+		{
+		if (!BN_sqr(tmp,v,ctx)) goto err;
+		if (BN_is_bit_set(p,i))
+			{
+			if (!BN_mul(tmp,r,v)) goto err;
+			}
+		}
+	ret=1;
+err:
+	ctx->tos-=2;
+	return(ret);
+	}
+
 int BN_mod_exp(r,a,p,m,ctx)
 BIGNUM *r;
 BIGNUM *a;
@@ -137,7 +169,7 @@ BN_CTX *ctx;
 /*	if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
 
 	if (BN_is_odd(m))
-		{ ret=BN_mod_exp_mont(r,a,p,m,ctx); }
+		{ ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); }
 	else
 #endif
 #ifdef RECP_MUL_MOD
@@ -266,17 +298,19 @@ err:
 /* #endif */
 
 /* #ifdef MONT_MUL_MOD */
-int BN_mod_exp_mont(r,a,p,m,ctx)
+int BN_mod_exp_mont(r,a,p,m,ctx,in_mont)
 BIGNUM *r;
 BIGNUM *a;
 BIGNUM *p;
 BIGNUM *m;
 BN_CTX *ctx;
+BN_MONT_CTX *in_mont;
 	{
+#define TABLE_SIZE	16
 	int i,j,bits,ret=0,wstart,wend,window,wvalue;
 	int start=1;
 	BIGNUM *d,*aa;
-	BIGNUM *val[16];
+	BIGNUM *val[TABLE_SIZE];
 	BN_MONT_CTX *mont=NULL;
 
 	if (!(m->d[0] & 1))
@@ -295,8 +329,15 @@ BN_CTX *ctx;
 	/* If this is not done, things will break in the montgomery
 	 * part */
 
-	if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
-	if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
+#if 1
+	if (in_mont != NULL)
+		mont=in_mont;
+	else
+#endif
+		{
+		if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
+		if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
+		}
 
 	val[0]=BN_new();
 	if (BN_ucmp(a,m) >= 0)
@@ -309,11 +350,11 @@ BN_CTX *ctx;
 	if (!BN_to_montgomery(val[0],aa,mont,ctx)) goto err; /* 1 */
 	if (!BN_mod_mul_montgomery(d,val[0],val[0],mont,ctx)) goto err; /* 2 */
 
-	if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */
+	if (bits <= 20) /* This is probably 3 or 0x10001, so just do singles */
 		window=1;
-	else if (bits >= 256)
+	else if (bits > 250)
 		window=5;	/* max size of window */
-	else if (bits >= 128)
+	else if (bits >= 120)
 		window=4;
 	else
 		window=3;
@@ -325,7 +366,7 @@ BN_CTX *ctx;
 		if (!BN_mod_mul_montgomery(val[i],val[i-1],d,mont,ctx))
 			goto err;
 		}
-	for (; i<16; i++)
+	for (; i<TABLE_SIZE; i++)
 		val[i]=NULL;
 
 	start=1;	/* This is used to avoid multiplication etc
@@ -341,8 +382,10 @@ BN_CTX *ctx;
 		if (BN_is_bit_set(p,wstart) == 0)
 			{
 			if (!start)
+				{
 				if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
 				goto err;
+				}
 			if (wstart == 0) break;
 			wstart--;
 			continue;
@@ -388,9 +431,9 @@ BN_CTX *ctx;
 	BN_from_montgomery(r,r,mont,ctx);
 	ret=1;
 err:
-	if (mont != NULL) BN_MONT_CTX_free(mont);
+	if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
 	ctx->tos--;
-	for (i=0; i<16; i++)
+	for (i=0; i<TABLE_SIZE; i++)
 		if (val[i] != NULL) BN_clear_free(val[i]);
 	return(ret);
 	}
diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c
index 9b0bc2b100..071bba3b4b 100644
--- a/crypto/bn/bn_gcd.c
+++ b/crypto/bn/bn_gcd.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_gcd.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h
index 4d44651df8..edfd788338 100644
--- a/crypto/bn/bn_lcl.h
+++ b/crypto/bn/bn_lcl.h
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_lcl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -78,31 +78,23 @@ extern "C" {
 		if (*(fix_top_l--)) break; \
 	}
 
-#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b)))
+/* #define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b))) */
 
 #ifdef BN_LLONG
 #define mul_add(r,a,w,c) { \
 	BN_ULLONG t; \
 	t=(BN_ULLONG)w * (a) + (r) + (c); \
-	(r)=Lw(t); \
+	(r)= Lw(t); \
 	(c)= Hw(t); \
 	}
 
 #define mul(r,a,w,c) { \
 	BN_ULLONG t; \
 	t=(BN_ULLONG)w * (a) + (c); \
-	(r)=Lw(t); \
+	(r)= Lw(t); \
 	(c)= Hw(t); \
 	}
 
-#define bn_mul_words(r1,r2,a,b) \
-	{ \
-	BN_ULLONG t; \
-	t=(BN_ULLONG)(a)*(b); \
-	r1=Lw(t); \
-	r2=Hw(t); \
-	}
-
 #else
 /*************************************************************
  * No long long type
@@ -126,10 +118,10 @@ extern "C" {
 	lt=(bl)*(lt); \
 	m1=(bl)*(ht); \
 	ht =(bh)*(ht); \
-	m+=m1; if ((m&BN_MASK2) < m1) ht+=L2HBITS(1L); \
+	m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS(1L); \
 	ht+=HBITS(m); \
 	m1=L2HBITS(m); \
-	lt+=m1; if ((lt&BN_MASK2) < m1) ht++; \
+	lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \
 	(l)=lt; \
 	(h)=ht; \
 	}
@@ -146,7 +138,7 @@ extern "C" {
 	h*=h; \
 	h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \
 	m =(m&BN_MASK2l)<<(BN_BITS4+1); \
-	l+=m; if ((l&BN_MASK2) < m) h++; \
+	l=(l+m)&BN_MASK2; if (l < m) h++; \
 	(lo)=l; \
 	(ho)=h; \
 	}
@@ -160,11 +152,11 @@ extern "C" {
 	mul64(l,h,(bl),(bh)); \
  \
 	/* non-multiply part */ \
-	l+=(c); if ((l&BN_MASK2) < (c)) h++; \
+	l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
 	(c)=(r); \
-	l+=(c); if ((l&BN_MASK2) < (c)) h++; \
+	l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
 	(c)=h&BN_MASK2; \
-	(r)=l&BN_MASK2; \
+	(r)=l; \
 	}
 
 #define mul(r,a,bl,bh,c) { \
@@ -181,31 +173,22 @@ extern "C" {
 	(r)=l&BN_MASK2; \
 	}
 
-#define bn_mul_words(r1,r2,a,b) \
-	{ \
-	BN_ULONG l,h,bl,bh; \
- \
-	h=(a); \
-	l=LBITS(h); \
-	h=HBITS(h); \
-	bh=(b); \
-	bl=LBITS(bh); \
-	bh=HBITS(bh); \
- \
-	mul64(l,h,bl,bh); \
- \
-	(r1)=l; \
-	(r2)=h; \
-	}
 #endif
 
 #ifndef NOPROTO
 
 BIGNUM *bn_expand2(BIGNUM *b, int bits);
 
+#ifdef X86_ASM
+void bn_add_words(BN_ULONG *r,BN_ULONG *a,int num);
+#endif
+
 #else
 
 BIGNUM *bn_expand2();
+#ifdef X86_ASM
+BN_ULONG bn_add_words();
+#endif
 
 #endif
 
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 288ebca68c..bfe7628ad4 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,7 +60,7 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-char *BN_version="Big Number part of SSLeay 0.8.1b 29-Jun-1998";
+char *BN_version="Big Number part of SSLeay 0.9.0b 29-Jun-1998";
 
 BIGNUM *BN_value_one()
 	{
@@ -188,7 +188,7 @@ BIGNUM *a;
 	i=(a->top-1)*BN_BITS2;
 	if (l == 0)
 		{
-#ifndef WIN16
+#if !defined(NO_STDIO) && !defined(WIN16)
 		fprintf(stderr,"BAD TOP VALUE\n");
 #endif
 		abort();
@@ -279,24 +279,23 @@ BN_CTX *c;
 	Free(c);
 	}
 
-BIGNUM *bn_expand2(b, bits)
+BIGNUM *bn_expand2(b, words)
 BIGNUM *b;
-int bits;
+int words;
 	{
 	BN_ULONG *p;
-	register int n;
 
-	while (bits > b->max*BN_BITS2)
+	if (words > b->max)
 		{
-		n=((bits+BN_BITS2-1)/BN_BITS2)*2;
-		p=b->d=(BN_ULONG *)Realloc(b->d,sizeof(BN_ULONG)*(n+1));
+		p=(BN_ULONG *)Realloc(b->d,sizeof(BN_ULONG)*(words+1));
 		if (p == NULL)
 			{
 			BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE);
 			return(NULL);
 			}
-		memset(&(p[b->max]),0,((n+1)-b->max)*sizeof(BN_ULONG));
-		b->max=n;
+		b->d=p;
+		memset(&(p[b->max]),0,((words+1)-b->max)*sizeof(BN_ULONG));
+		b->max=words;
 		}
 	return(b);
 	}
@@ -315,10 +314,53 @@ BIGNUM *BN_copy(a, b)
 BIGNUM *a;
 BIGNUM *b;
 	{
-	if (bn_expand(a,b->top*BN_BITS2) == NULL) return(NULL);
+	int i;
+	BN_ULONG *A,*B;
+
+	if (a == b) return(a);
+	if (bn_wexpand(a,b->top) == NULL) return(NULL);
+
+#if 1
+	A=a->d;
+	B=b->d;
+	for (i=b->top&(~7); i>0; i-=8)
+		{
+		A[0]=B[0];
+		A[1]=B[1];
+		A[2]=B[2];
+		A[3]=B[3];
+		A[4]=B[4];
+		A[5]=B[5];
+		A[6]=B[6];
+		A[7]=B[7];
+		A+=8;
+		B+=8;
+		}
+	switch (b->top&7)
+		{
+	case 7:
+		A[6]=B[6];
+	case 6:
+		A[5]=B[5];
+	case 5:
+		A[4]=B[4];
+	case 4:
+		A[3]=B[3];
+	case 3:
+		A[2]=B[2];
+	case 2:
+		A[1]=B[1];
+	case 1:
+		A[0]=B[0];
+		}
+#else
 	memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
+#endif
+
 /*	memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/
 	a->top=b->top;
+	if (a->top == 0)
+		a->d[0]=0;
 	a->neg=b->neg;
 	return(a);
 	}
@@ -507,7 +549,11 @@ int n;
 
 	i=n/BN_BITS2;
 	j=n%BN_BITS2;
-	if (a->top <= i) return(0);
+	if (a->top <= i)
+		{
+		if (bn_expand(a,n) == NULL) return(0);
+		a->top=i+1;
+		}
 
 	a->d[i]|=(1L<<j);
 	return(1);
diff --git a/crypto/bn/bn_m.c b/crypto/bn/bn_m.c
new file mode 100644
index 0000000000..5166daaeec
--- /dev/null
+++ b/crypto/bn/bn_m.c
@@ -0,0 +1,169 @@
+/* crypto/bn/bn_m.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+#include "stack.h"
+
+int limit=16;
+
+typedef struct bn_pool_st
+	{
+	int used;
+	int tos;
+	STACK *sk; 
+	} BN_POOL;
+
+BIGNUM *BN_POOL_push(bp)
+BN_POOL *bp;
+	{
+	BIGNUM *ret;
+
+	if (bp->used >= bp->tos)
+		{
+		ret=BN_new();
+		sk_push(bp->sk,(char *)ret);
+		bp->tos++;
+		bp->used++;
+		}
+	else
+		{
+		ret=(BIGNUM *)sk_value(bp->sk,bp->used);
+		bp->used++;
+		}
+	return(ret);
+	}
+
+void BN_POOL_pop(bp,num)
+BN_POOL *bp;
+int num;
+	{
+	bp->used-=num;
+	}
+
+int BN_m(r,a,b)
+BIGNUM *r,*a,*b;
+	{
+	static BN_POOL bp;
+	static init=1;
+
+	if (init)
+		{
+		bp.used=0;
+		bp.tos=0;
+		bp.sk=sk_new_null();
+		init=0;
+		}
+	return(BN_mm(r,a,b,&bp));
+	}
+
+/* r must be different to a and b */
+int BN_mm(m, A, B, bp)
+BIGNUM *m,*A,*B;
+BN_POOL *bp;
+	{
+	int i,num;
+	int an,bn;
+	BIGNUM *a,*b,*c,*d,*ac,*bd;
+
+	an=A->top;
+	bn=B->top;
+	if ((an <= limit) || (bn <= limit))
+		{
+		return(BN_mul(m,A,B));
+		}
+
+	a=BN_POOL_push(bp);
+	b=BN_POOL_push(bp);
+	c=BN_POOL_push(bp);
+	d=BN_POOL_push(bp);
+	ac=BN_POOL_push(bp);
+	bd=BN_POOL_push(bp);
+
+	num=(an <= bn)?an:bn;
+	num=1<<(BN_num_bits_word(num-1)-1);
+
+	/* Are going to now chop things into 'num' word chunks. */
+	num*=BN_BITS2;
+
+	BN_copy(a,A);
+	BN_mask_bits(a,num);
+	BN_rshift(b,A,num);
+
+	BN_copy(c,B);
+	BN_mask_bits(c,num);
+	BN_rshift(d,B,num);
+
+	BN_sub(ac ,b,a);
+	BN_sub(bd,c,d);
+	BN_mm(m,ac,bd,bp);
+	BN_mm(ac,a,c,bp);
+	BN_mm(bd,b,d,bp);
+
+	BN_add(m,m,ac);
+	BN_add(m,m,bd);
+	BN_lshift(m,m,num);
+	BN_lshift(bd,bd,num*2);
+
+	BN_add(m,m,ac);
+	BN_add(m,m,bd);
+	BN_POOL_pop(bp,6);
+	return(1);
+	}
+
diff --git a/crypto/bn/bn_mod.c b/crypto/bn/bn_mod.c
index c94241f59e..c351aac14f 100644
--- a/crypto/bn/bn_mod.c
+++ b/crypto/bn/bn_mod.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_mod.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 932d10b736..e435df61f8 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_mont.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -95,8 +95,8 @@ BN_MONT_CTX *mont;
 BN_CTX *ctx;
 	{
 	BIGNUM *n,*t1,*r;
-	BN_ULONG *ap,*np,*rp,k,n0,v,v2;
-	int al,nl,max,i,x;
+	BN_ULONG *ap,*np,*rp,n0,v;
+	int al,nl,max,i,x,ri;
 	int retn=0;
 
 	t1=ctx->bn[ctx->tos];
@@ -105,50 +105,76 @@ BN_CTX *ctx;
 	if (!BN_copy(r,a)) goto err;
 	n=mont->N;
 
-	if (!BN_copy(t1,a)) goto err;
-	BN_mask_bits(t1,mont->ri);
-
-	a=t1;
+	ap=a->d;
+	/* mont->ri is the size of mont->N in bits/words */
+	al=ri=mont->ri/BN_BITS2;
 
-	al=a->top;
 	nl=n->top;
 	if ((al == 0) || (nl == 0)) { r->top=0; return(1); }
 
 	max=(nl+al+1); /* allow for overflow (no?) XXX */
-	if (bn_expand(r,(max)*BN_BITS2) == NULL) goto err;
+	if (bn_wexpand(r,max) == NULL) goto err;
+	if (bn_wexpand(ret,max) == NULL) goto err;
 
 	r->neg=a->neg^n->neg;
-	ap=a->d;
 	np=n->d;
 	rp=r->d;
 
-	/* clear the top bytes of T */
+	/* clear the top words of T */
+#if 1
 	for (i=r->top; i<max; i++) /* memset? XXX */
 		r->d[i]=0;
-/*	memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG)); */
+#else
+	memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG)); 
+#endif
 
 	r->top=max;
 	n0=mont->n0;
 
 	for (i=0; i<nl; i++)
 		{
-		/* This is were part words probably goes wrong */
-		k=(rp[0]*n0)&BN_MASK2;
-		v=bn_mul_add_word(rp,np,nl,k);
-		
-		for (x=nl; v; x++)
+#if 0
+		int x1,x2;
+
+		if (i+4 > nl)
+			{
+			x2=nl;
+			x1=0;
+			}
+		else
 			{
-			v2=rp[x];
-			v2+=v;
-			rp[x]=v2;
-			v=((v2&BN_MASK2) < v)?1:0; /* ever true? XXX */
+			x2=i+4;
+			x1=nl-x2;
+			}
+		v=bn_mul_add_words(&(rp[x1]),&(np[x1]),x2,(rp[x1]*n0)&BN_MASK2);
+#else
+		v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2);
+#endif
+
+		if (((rp[nl]+=v)&BN_MASK2) < v)
+			{
+			for (x=(nl+1); (((++rp[x])&BN_MASK2) == 0); x++)
+				;
 			}
 		rp++;
 		}
 	while (r->d[r->top-1] == 0)
 		r->top--;
 
+	/* mont->ri will be a multiple of the word size */
+#if 0
 	BN_rshift(ret,r,mont->ri);
+#else
+	ap=r->d;
+	rp=ret->d;
+	x=ri;
+	al=r->top-x;
+	for (i=0; i<al; i++)
+		{
+		rp[i]=ap[i+x];
+		}
+	ret->top=al;
+#endif
 
 	if (BN_ucmp(ret,mont->N) >= 0)
 		{
diff --git a/crypto/bn/bn_mpi.c b/crypto/bn/bn_mpi.c
new file mode 100644
index 0000000000..53945c1057
--- /dev/null
+++ b/crypto/bn/bn_mpi.c
@@ -0,0 +1,134 @@
+/* crypto/bn/bn_mpi.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_bn2mpi(a,d)
+BIGNUM *a;
+unsigned char *d;
+	{
+	int bits;
+	int num=0;
+	int ext=0;
+	long l;
+
+	bits=BN_num_bits(a);
+	num=(bits+7)/8;
+	if (bits > 0)
+		{
+		ext=((bits & 0x07) == 0);
+		}
+	if (d == NULL)
+		return(num+4+ext);
+
+	l=num+ext;
+	d[0]=(unsigned char)(l>>24)&0xff;
+	d[1]=(unsigned char)(l>>16)&0xff;
+	d[2]=(unsigned char)(l>> 8)&0xff;
+	d[3]=(unsigned char)(l    )&0xff;
+	if (ext) d[4]=0;
+	num=BN_bn2bin(a,&(d[4+ext]));
+	if (a->neg)
+		d[4]|=0x80;
+	return(num+4+ext);
+	}
+
+BIGNUM *BN_mpi2bn(d,n,a)
+unsigned char *d;
+int n;
+BIGNUM *a;
+	{
+	long len;
+	int neg=0;
+
+	if (n < 4)
+		{
+		BNerr(BN_F_BN_MPI2BN,BN_R_INVALID_LENGTH);
+		return(NULL);
+		}
+	len=(d[0]<<24)|(d[1]<<16)|(d[2]<<8)|d[3];
+	if ((len+4) != n)
+		{
+		BNerr(BN_F_BN_MPI2BN,BN_R_ENCODING_ERROR);
+		return(NULL);
+		}
+
+	if (a == NULL) a=BN_new();
+	if (a == NULL) return(NULL);
+
+	if (len == 0)
+		{
+		a->neg=0;
+		a->top=0;
+		return(a);
+		}
+	d+=4;
+	if ((*d) & 0x80)
+		neg=1;
+	if (BN_bin2bn(d,(int)len,a) == NULL)
+		return(NULL);
+	a->neg=neg;
+	if (neg)
+		{
+		BN_clear_bit(a,BN_num_bits(a)-1);
+		}
+	return(a);
+	}
+
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
index 3c8bf23a70..d0c04e1d4b 100644
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -61,6 +61,7 @@
 #include "bn_lcl.h"
 
 /* r must be different to a and b */
+/* int BN_mmul(r, a, b) */
 int BN_mul(r, a, b)
 BIGNUM *r;
 BIGNUM *a;
@@ -79,21 +80,130 @@ BIGNUM *b;
 		}
 
 	max=(al+bl);
-	if (bn_expand(r,(max)*BN_BITS2) == NULL) return(0);
+	if (bn_wexpand(r,max) == NULL) return(0);
 	r->top=max;
 	r->neg=a->neg^b->neg;
 	ap=a->d;
 	bp=b->d;
 	rp=r->d;
 
-	rp[al]=bn_mul_word(rp,ap,al,*(bp++));
+	rp[al]=bn_mul_words(rp,ap,al,*(bp++));
 	rp++;
 	for (i=1; i<bl; i++)
 		{
-		rp[al]=bn_mul_add_word(rp,ap,al,*(bp++));
+		rp[al]=bn_mul_add_words(rp,ap,al,*(bp++));
 		rp++;
 		}
 	if (r->d[max-1] == 0) r->top--;
 	return(1);
 	}
 
+#if 0
+#include "stack.h"
+
+int limit=16;
+
+typedef struct bn_pool_st
+	{
+	int used;
+	int tos;
+	STACK *sk; 
+	} BN_POOL;
+
+BIGNUM *BN_POOL_push(bp)
+BN_POOL *bp;
+	{
+	BIGNUM *ret;
+
+	if (bp->used >= bp->tos)
+		{
+		ret=BN_new();
+		sk_push(bp->sk,(char *)ret);
+		bp->tos++;
+		bp->used++;
+		}
+	else
+		{
+		ret=(BIGNUM *)sk_value(bp->sk,bp->used);
+		bp->used++;
+		}
+	return(ret);
+	}
+
+void BN_POOL_pop(bp,num)
+BN_POOL *bp;
+int num;
+	{
+	bp->used-=num;
+	}
+
+int BN_mul(r,a,b)
+BIGNUM *r,*a,*b;
+	{
+	static BN_POOL bp;
+	static init=1;
+
+	if (init)
+		{
+		bp.used=0;
+		bp.tos=0;
+		bp.sk=sk_new_null();
+		init=0;
+		}
+	return(BN_mm(r,a,b,&bp));
+	}
+
+/* r must be different to a and b */
+int BN_mm(m, A, B, bp)
+BIGNUM *m,*A,*B;
+BN_POOL *bp;
+	{
+	int i,num;
+	int an,bn;
+	BIGNUM *a,*b,*c,*d,*ac,*bd;
+
+	an=A->top;
+	bn=B->top;
+	if ((an <= limit) || (bn <= limit))
+		{
+		return(BN_mmul(m,A,B));
+		}
+
+	a=BN_POOL_push(bp);
+	b=BN_POOL_push(bp);
+	c=BN_POOL_push(bp);
+	d=BN_POOL_push(bp);
+	ac=BN_POOL_push(bp);
+	bd=BN_POOL_push(bp);
+
+	num=(an <= bn)?an:bn;
+	num=1<<(BN_num_bits_word(num-1)-1);
+
+	/* Are going to now chop things into 'num' word chunks. */
+	num*=BN_BITS2;
+
+	BN_copy(a,A);
+	BN_mask_bits(a,num);
+	BN_rshift(b,A,num);
+
+	BN_copy(c,B);
+	BN_mask_bits(c,num);
+	BN_rshift(d,B,num);
+
+	BN_sub(ac ,b,a);
+	BN_sub(bd,c,d);
+	BN_mm(m,ac,bd,bp);
+	BN_mm(ac,a,c,bp);
+	BN_mm(bd,b,d,bp);
+
+	BN_add(m,m,ac);
+	BN_add(m,m,bd);
+	BN_lshift(m,m,num);
+	BN_lshift(bd,bd,num*2);
+
+	BN_add(m,m,ac);
+	BN_add(m,m,bd);
+	BN_POOL_pop(bp,6);
+	return(1);
+	}
+#endif
diff --git a/crypto/bn/bn_mulw.c b/crypto/bn/bn_mulw.c
index d903127395..abfc7e4d6c 100644
--- a/crypto/bn/bn_mulw.c
+++ b/crypto/bn/bn_mulw.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_mulw.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -62,7 +62,7 @@
 
 #ifdef BN_LLONG 
 
-BN_ULONG bn_mul_add_word(rp,ap,num,w)
+BN_ULONG bn_mul_add_words(rp,ap,num,w)
 BN_ULONG *rp,*ap;
 int num;
 BN_ULONG w;
@@ -86,7 +86,7 @@ BN_ULONG w;
 	return(c1);
 	} 
 
-BN_ULONG bn_mul_word(rp,ap,num,w)
+BN_ULONG bn_mul_words(rp,ap,num,w)
 BN_ULONG *rp,*ap;
 int num;
 BN_ULONG w;
@@ -138,9 +138,45 @@ int n;
 		}
 	}
 
+BN_ULONG bn_add_words(r,a,b,n)
+BN_ULONG *r,*a,*b;
+int n;
+        {
+	BN_ULLONG ll;
+
+	ll=0;
+	for (;;)
+		{
+		ll+= (BN_ULLONG)a[0]+b[0];
+		r[0]=(BN_ULONG)ll&BN_MASK2;
+		ll>>=BN_BITS2;
+		if (--n <= 0) break;
+
+		ll+= (BN_ULLONG)a[1]+b[1];
+		r[1]=(BN_ULONG)ll&BN_MASK2;
+		ll>>=BN_BITS2;
+		if (--n <= 0) break;
+
+		ll+= (BN_ULLONG)a[2]+b[2];
+		r[2]=(BN_ULONG)ll&BN_MASK2;
+		ll>>=BN_BITS2;
+		if (--n <= 0) break;
+
+		ll+= (BN_ULLONG)a[3]+b[3];
+		r[3]=(BN_ULONG)ll&BN_MASK2;
+		ll>>=BN_BITS2;
+		if (--n <= 0) break;
+
+		a+=4;
+		b+=4;
+		r+=4;
+		}
+	return(ll&BN_MASK2);
+	}
+
 #else
 
-BN_ULONG bn_mul_add_word(rp,ap,num,w)
+BN_ULONG bn_mul_add_words(rp,ap,num,w)
 BN_ULONG *rp,*ap;
 int num;
 BN_ULONG w;
@@ -167,7 +203,7 @@ BN_ULONG w;
 	return(c);
 	} 
 
-BN_ULONG bn_mul_word(rp,ap,num,w)
+BN_ULONG bn_mul_words(rp,ap,num,w)
 BN_ULONG *rp,*ap;
 int num;
 BN_ULONG w;
@@ -217,6 +253,33 @@ int n;
 		}
 	}
 
+BN_ULONG bn_add_words(r,a,b,n)
+BN_ULONG *r,*a,*b;
+int n;
+        {
+	BN_ULONG t1,t2;
+	int carry,i;
+
+	carry=0;
+	for (i=0; i<n; i++)
+		{
+		t1= *(a++);
+		t2= *(b++);
+		if (carry)
+			{
+			carry=(t2 >= ((~t1)&BN_MASK2));
+			t2=(t1+t2+1)&BN_MASK2;
+			}
+		else
+			{
+			t2=(t1+t2)&BN_MASK2;
+			carry=(t2<t1);
+			}
+		*(r++)=t2;
+		}
+	return(carry);
+	}
+
 #endif
 
 #if defined(BN_LLONG) && defined(BN_DIV2W)
@@ -242,7 +305,7 @@ BN_ULONG h,l,d;
 	i=BN_num_bits_word(d);
 	if ((i != BN_BITS2) && (h > (BN_ULONG)1<<i))
 		{
-#ifndef WIN16
+#if !defined(NO_STDIO) && !defined(WIN16)
 		fprintf(stderr,"Division would overflow (%d)\n",i);
 #endif
 		abort();
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index 07a8289492..0c85f70b59 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_prime.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -69,7 +69,8 @@
 #include "bn_prime.h"
 
 #ifndef NOPROTO
-static int witness(BIGNUM *a, BIGNUM *n, BN_CTX *ctx);
+static int witness(BIGNUM *a, BIGNUM *n, BN_CTX *ctx,BN_CTX *ctx2,
+	BN_MONT_CTX *mont);
 static int probable_prime(BIGNUM *rnd, int bits);
 static int probable_prime_dh(BIGNUM *rnd, int bits,
 	BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
@@ -82,12 +83,13 @@ static int probable_prime_dh();
 static int probable_prime_dh_strong();
 #endif
 
-BIGNUM *BN_generate_prime(bits,strong,add,rem,callback)
+BIGNUM *BN_generate_prime(bits,strong,add,rem,callback,cb_arg)
 int bits;
 int strong;
 BIGNUM *add;
 BIGNUM *rem;
-void (*callback)(P_I_I); 
+void (*callback)(P_I_I_P); 
+char *cb_arg;
 	{
 	BIGNUM *rnd=NULL;
 	BIGNUM *ret=NULL;
@@ -120,11 +122,11 @@ loop:
 			}
 		}
 	/* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */
-	if (callback != NULL) callback(0,c1++);
+	if (callback != NULL) callback(0,c1++,cb_arg);
 
 	if (!strong)
 		{
-		i=BN_is_prime(rnd,BN_prime_checks,callback,ctx);
+		i=BN_is_prime(rnd,BN_prime_checks,callback,ctx,cb_arg);
 		if (i == -1) goto err;
 		if (i == 0) goto loop;
 		}
@@ -138,15 +140,15 @@ loop:
 
 		for (i=0; i<BN_prime_checks; i++)
 			{
-			j=BN_is_prime(rnd,1,callback,ctx);
+			j=BN_is_prime(rnd,1,callback,ctx,cb_arg);
 			if (j == -1) goto err;
 			if (j == 0) goto loop;
 
-			j=BN_is_prime(t,1,callback,ctx);
+			j=BN_is_prime(t,1,callback,ctx,cb_arg);
 			if (j == -1) goto err;
 			if (j == 0) goto loop;
 
-			if (callback != NULL) callback(2,c1-1);
+			if (callback != NULL) callback(2,c1-1,cb_arg);
 			/* We have a strong prime test pass */
 			}
 		}
@@ -159,60 +161,78 @@ err:
 	return(ret);
 	}
 
-int BN_is_prime(a,checks,callback,ctx_passed)
+int BN_is_prime(a,checks,callback,ctx_passed,cb_arg)
 BIGNUM *a;
 int checks;
-void (*callback)(P_I_I);
+void (*callback)(P_I_I_P);
 BN_CTX *ctx_passed;
+char *cb_arg;
 	{
 	int i,j,c2=0,ret= -1;
 	BIGNUM *check;
-	BN_CTX *ctx;
+	BN_CTX *ctx=NULL,*ctx2=NULL;
+	BN_MONT_CTX *mont=NULL;
 
+	if (!BN_is_odd(a))
+		return(0);
 	if (ctx_passed != NULL)
 		ctx=ctx_passed;
 	else
 		if ((ctx=BN_CTX_new()) == NULL) goto err;
 
+	if ((ctx2=BN_CTX_new()) == NULL) goto err;
+	if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
+
 	check=ctx->bn[ctx->tos++];
+
+	/* Setup the montgomery structure */
+	if (!BN_MONT_CTX_set(mont,a,ctx2)) goto err;
+
 	for (i=0; i<checks; i++)
 		{
 		if (!BN_rand(check,BN_num_bits(a)-1,0,0)) goto err;
-		j=witness(check,a,ctx);
+		j=witness(check,a,ctx,ctx2,mont);
 		if (j == -1) goto err;
 		if (j)
 			{
 			ret=0;
 			goto err;
 			}
-		if (callback != NULL) callback(1,c2++);
+		if (callback != NULL) callback(1,c2++,cb_arg);
 		}
 	ret=1;
 err:
 	ctx->tos--;
 	if ((ctx_passed == NULL) && (ctx != NULL))
 		BN_CTX_free(ctx);
+	if (ctx2 != NULL)
+		BN_CTX_free(ctx2);
+	if (mont != NULL) BN_MONT_CTX_free(mont);
 		
 	return(ret);
 	}
 
 #define RECP_MUL_MOD
 
-static int witness(a, n,ctx)
+static int witness(a,n,ctx,ctx2,mont)
 BIGNUM *a;
 BIGNUM *n;
-BN_CTX *ctx;
+BN_CTX *ctx,*ctx2;
+BN_MONT_CTX *mont;
 	{
-	int k,i,nb,ret= -1;
-	BIGNUM *d,*dd,*tmp;
-	BIGNUM *d1,*d2,*x,*n1,*inv;
+	int k,i,ret= -1,good;
+	BIGNUM *d,*dd,*tmp,*d1,*d2,*n1;
+	BIGNUM *mont_one,*mont_n1,*mont_a;
 
 	d1=ctx->bn[ctx->tos];
 	d2=ctx->bn[ctx->tos+1];
-	x=ctx->bn[ctx->tos+2];
-	n1=ctx->bn[ctx->tos+3];
-	inv=ctx->bn[ctx->tos+4];
-	ctx->tos+=5;
+	n1=ctx->bn[ctx->tos+2];
+	ctx->tos+=3;
+
+	mont_one=ctx2->bn[ctx2->tos];
+	mont_n1=ctx2->bn[ctx2->tos+1];
+	mont_a=ctx2->bn[ctx2->tos+2];
+	ctx2->tos+=3;
 
 	d=d1;
 	dd=d2;
@@ -220,34 +240,29 @@ BN_CTX *ctx;
 	if (!BN_sub(n1,n,d)) goto err; /* n1=n-1; */
 	k=BN_num_bits(n1);
 
-	/* i=BN_num_bits(n); */
-#ifdef RECP_MUL_MOD
-	nb=BN_reciprocal(inv,n,ctx); /**/
-	if (nb == -1) goto err;
-#endif
+	if (!BN_to_montgomery(mont_one,BN_value_one(),mont,ctx2)) goto err;
+	if (!BN_to_montgomery(mont_n1,n1,mont,ctx2)) goto err;
+	if (!BN_to_montgomery(mont_a,a,mont,ctx2)) goto err;
 
+	BN_copy(d,mont_one);
 	for (i=k-1; i>=0; i--)
 		{
-		if (BN_copy(x,d) == NULL) goto err;
-#ifndef RECP_MUL_MOD
-		if (!BN_mod_mul(dd,d,d,n,ctx)) goto err;
-#else
-		if (!BN_mod_mul_reciprocal(dd,d,d,n,inv,nb,ctx)) goto err;
-#endif
-		if (	BN_is_one(dd) &&
-			!BN_is_one(x) &&
-			(BN_cmp(x,n1) != 0))
+		if (	(BN_cmp(d,mont_one) != 0) &&
+			(BN_cmp(d,mont_n1) != 0))
+			good=1;
+		else
+			good=0;
+
+		BN_mod_mul_montgomery(dd,d,d,mont,ctx2);
+		
+		if (good && (BN_cmp(dd,mont_one) == 0))
 			{
 			ret=1;
 			goto err;
 			}
 		if (BN_is_bit_set(n1,i))
 			{
-#ifndef RECP_MUL_MOD
-			if (!BN_mod_mul(d,dd,a,n,ctx)) goto err;
-#else
-			if (!BN_mod_mul_reciprocal(d,dd,a,n,inv,nb,ctx)) goto err; 
-#endif
+			BN_mod_mul_montgomery(d,dd,mont_a,mont,ctx2);
 			}
 		else
 			{
@@ -256,12 +271,13 @@ BN_CTX *ctx;
 			dd=tmp;
 			}
 		}
-	if (BN_is_one(d))
+	if (BN_cmp(d,mont_one) == 0)
 		i=0;
 	else	i=1;
 	ret=i;
 err:
-	ctx->tos-=5;
+	ctx->tos-=3;
+	ctx2->tos-=3;
 	return(ret);
 	}
 
@@ -387,3 +403,71 @@ err:
 	return(ret);
 	}
 
+#if 0
+static int witness(a, n,ctx)
+BIGNUM *a;
+BIGNUM *n;
+BN_CTX *ctx;
+	{
+	int k,i,nb,ret= -1;
+	BIGNUM *d,*dd,*tmp;
+	BIGNUM *d1,*d2,*x,*n1,*inv;
+
+	d1=ctx->bn[ctx->tos];
+	d2=ctx->bn[ctx->tos+1];
+	x=ctx->bn[ctx->tos+2];
+	n1=ctx->bn[ctx->tos+3];
+	inv=ctx->bn[ctx->tos+4];
+	ctx->tos+=5;
+
+	d=d1;
+	dd=d2;
+	if (!BN_one(d)) goto err;
+	if (!BN_sub(n1,n,d)) goto err; /* n1=n-1; */
+	k=BN_num_bits(n1);
+
+	/* i=BN_num_bits(n); */
+#ifdef RECP_MUL_MOD
+	nb=BN_reciprocal(inv,n,ctx); /**/
+	if (nb == -1) goto err;
+#endif
+
+	for (i=k-1; i>=0; i--)
+		{
+		if (BN_copy(x,d) == NULL) goto err;
+#ifndef RECP_MUL_MOD
+		if (!BN_mod_mul(dd,d,d,n,ctx)) goto err;
+#else
+		if (!BN_mod_mul_reciprocal(dd,d,d,n,inv,nb,ctx)) goto err;
+#endif
+		if (	BN_is_one(dd) &&
+			!BN_is_one(x) &&
+			(BN_cmp(x,n1) != 0))
+			{
+			ret=1;
+			goto err;
+			}
+		if (BN_is_bit_set(n1,i))
+			{
+#ifndef RECP_MUL_MOD
+			if (!BN_mod_mul(d,dd,a,n,ctx)) goto err;
+#else
+			if (!BN_mod_mul_reciprocal(d,dd,a,n,inv,nb,ctx)) goto err; 
+#endif
+			}
+		else
+			{
+			tmp=d;
+			d=dd;
+			dd=tmp;
+			}
+		}
+	if (BN_is_one(d))
+		i=0;
+	else	i=1;
+	ret=i;
+err:
+	ctx->tos-=5;
+	return(ret);
+	}
+#endif
diff --git a/crypto/bn/bn_prime.h b/crypto/bn/bn_prime.h
index 1d6df587a8..6fce0210cd 100644
--- a/crypto/bn/bn_prime.h
+++ b/crypto/bn/bn_prime.h
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_prime.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c
index 36bc0d1430..2bcc11c852 100644
--- a/crypto/bn/bn_print.c
+++ b/crypto/bn/bn_print.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_print.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -65,7 +65,7 @@
 static char *Hex="0123456789ABCDEF";
 
 /* Must 'Free' the returned data */
-char *BN_bn2ascii(a)
+char *BN_bn2hex(a)
 BIGNUM *a;
 	{
 	int i,j,v,z=0;
@@ -75,7 +75,7 @@ BIGNUM *a;
 	buf=(char *)Malloc(a->top*BN_BYTES*2+2);
 	if (buf == NULL)
 		{
-		BNerr(BN_F_BN_BN2ASCII,ERR_R_MALLOC_FAILURE);
+		BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 	p=buf;
@@ -100,7 +100,63 @@ err:
 	return(buf);
 	}
 
-int BN_ascii2bn(bn,a)
+/* Must 'Free' the returned data */
+char *BN_bn2dec(a)
+BIGNUM *a;
+	{
+	int i=0,num;
+	char *buf=NULL;
+	char *p;
+	BIGNUM *t=NULL;
+	BN_ULONG *bn_data=NULL,*lp;
+
+	i=BN_num_bits(a)*3;
+	num=(i/10+i/1000+3)+1;
+	bn_data=(BN_ULONG *)Malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG));
+	buf=(char *)Malloc(num+3);
+	if ((buf == NULL) || (bn_data == NULL))
+		{
+		BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	if ((t=BN_dup(a)) == NULL) goto err;
+
+	p=buf;
+	lp=bn_data;
+	if (t->neg) *(p++)='-';
+	if (t->top == 0)
+		{
+		*(p++)='0';
+		*(p++)='\0';
+		}
+	else
+		{
+		i=0;
+		while (!BN_is_zero(t))
+			{
+			*lp=BN_div_word(t,BN_DEC_CONV);
+			lp++;
+			}
+		lp--;
+		/* We now have a series of blocks, BN_DEC_NUM chars
+		 * in length, where the last one needs trucation.
+		 * The blocks need to be reversed in order. */
+		sprintf(p,BN_DEC_FMT1,*lp);
+		while (*p) p++;
+		while (lp != bn_data)
+			{
+			lp--;
+			sprintf(p,BN_DEC_FMT2,*lp);
+			while (*p) p++;
+			}
+		}
+err:
+	if (bn_data != NULL) Free(bn_data);
+	if (t != NULL) BN_free(t);
+	return(buf);
+	}
+
+int BN_hex2bn(bn,a)
 BIGNUM **bn;
 char *a;
 	{
@@ -168,9 +224,68 @@ err:
 	return(0);
 	}
 
+int BN_dec2bn(bn,a)
+BIGNUM **bn;
+char *a;
+	{
+	BIGNUM *ret=NULL;
+	BN_ULONG l=0;
+	int neg=0,i,j;
+	int num;
+
+	if ((a == NULL) || (*a == '\0')) return(0);
+	if (*a == '-') { neg=1; a++; }
+
+	for (i=0; isdigit(a[i]); i++)
+		;
+
+	num=i+neg;
+	if (bn == NULL) return(num);
+
+	/* a is the start of the digets, and it is 'i' long.
+	 * We chop it into BN_DEC_NUM digets at a time */
+	if (*bn == NULL)
+		{
+		if ((ret=BN_new()) == NULL) return(0);
+		}
+	else
+		{
+		ret= *bn;
+		BN_zero(ret);
+		}
+
+	/* i is the number of digests, a bit of an over expand; */
+	if (bn_expand(ret,i*4) == NULL) goto err;
+
+	j=BN_DEC_NUM-(i%BN_DEC_NUM);
+	if (j == BN_DEC_NUM) j=0;
+	l=0;
+	while (*a)
+		{
+		l*=10;
+		l+= *a-'0';
+		a++;
+		if (++j == BN_DEC_NUM)
+			{
+			BN_mul_word(ret,BN_DEC_CONV);
+			BN_add_word(ret,l);
+			l=0;
+			j=0;
+			}
+		}
+	ret->neg=neg;
+
+	bn_fix_top(ret);
+	*bn=ret;
+	return(num);
+err:
+	if (*bn == NULL) BN_free(ret);
+	return(0);
+	}
+
 #ifndef NO_BIO
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int BN_print_fp(fp, a)
 FILE *fp;
 BIGNUM *a;
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index e3530a5bf2..75b6b0493b 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_rand.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c
index fd9ca4dbf6..72cd69d3fc 100644
--- a/crypto/bn/bn_recp.c
+++ b/crypto/bn/bn_recp.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_recp.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/bn/bn_shift.c b/crypto/bn/bn_shift.c
index d711887373..944bf1794b 100644
--- a/crypto/bn/bn_shift.c
+++ b/crypto/bn/bn_shift.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_shift.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -70,12 +70,12 @@ BIGNUM *a;
 	if (r != a)
 		{
 		r->neg=a->neg;
-		if (bn_expand(r,(a->top+1)*BN_BITS2) == NULL) return(0);
+		if (bn_wexpand(r,a->top+1) == NULL) return(0);
 		r->top=a->top;
 		}
 	else
 		{
-		if (bn_expand(r,(a->top+1)*BN_BITS2) == NULL) return(0);
+		if (bn_wexpand(r,a->top+1) == NULL) return(0);
 		}
 	ap=a->d;
 	rp=r->d;
@@ -108,7 +108,7 @@ BIGNUM *a;
 		}
 	if (a != r)
 		{
-		if (bn_expand(r,a->top*BN_BITS2) == NULL) return(0);
+		if (bn_wexpand(r,a->top) == NULL) return(0);
 		r->top=a->top;
 		r->neg=a->neg;
 		}
@@ -135,7 +135,7 @@ int n;
 	BN_ULONG l;
 
 	r->neg=a->neg;
-	if (bn_expand(r,(a->top*BN_BITS2)+n) == NULL) return(0);
+	if (bn_wexpand(r,a->top+(n/BN_BITS2)+1) == NULL) return(0);
 	nw=n/BN_BITS2;
 	lb=n%BN_BITS2;
 	rb=BN_BITS2-lb;
@@ -180,7 +180,7 @@ int n;
 	if (r != a)
 		{
 		r->neg=a->neg;
-		if (bn_expand(r,(a->top-nw+1)*BN_BITS2) == NULL) return(0);
+		if (bn_wexpand(r,a->top-nw+1) == NULL) return(0);
 		}
 
 	f= &(a->d[nw]);
diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c
index 4c3f0a0986..a8464610e5 100644
--- a/crypto/bn/bn_sqr.c
+++ b/crypto/bn/bn_sqr.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_sqr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -69,7 +69,7 @@ BN_CTX *ctx;
 	{
 	int i,j,max,al;
 	BIGNUM *tmp;
-	BN_ULONG *ap,*rp,c;
+	BN_ULONG *ap,*rp;
 
 	tmp=ctx->bn[ctx->tos];
 
@@ -81,8 +81,8 @@ BN_CTX *ctx;
 		}
 
 	max=(al*2);
-	if (bn_expand(r,max*BN_BITS2) == NULL) return(0);
-	if (bn_expand(tmp,max*BN_BITS2) == NULL) return(0);
+	if (bn_wexpand(r,1+max) == NULL) return(0);
+	if (bn_wexpand(tmp,1+max) == NULL) return(0);
 
 	r->neg=0;
 
@@ -95,7 +95,7 @@ BN_CTX *ctx;
 	if (--j > 0)
 		{
 		ap++;
-		rp[j]=bn_mul_word(rp,ap,j,ap[-1]);
+		rp[j]=bn_mul_words(rp,ap,j,ap[-1]);
 		rp+=2;
 		}
 
@@ -103,56 +103,17 @@ BN_CTX *ctx;
 		{
 		j--;
 		ap++;
-		rp[j]=bn_mul_add_word(rp,ap,j,ap[-1]);
+		rp[j]=bn_mul_add_words(rp,ap,j,ap[-1]);
 		rp+=2;
 		}
 
-	/* inlined shift, 2 words at once */
-	j=max;
-	rp=r->d;
-	c=0;
-	for (i=0; i<j; i++)
-		{
-		BN_ULONG t;
+	bn_add_words(r->d,r->d,r->d,max);
 
-		t= *rp;
-		*(rp++)=((t<<1)|c)&BN_MASK2;
-		c=(t & BN_TBIT)?1:0;
-
-#if 0
-		t= *rp;
-		*(rp++)=((t<<1)|c)&BN_MASK2;
-		c=(t & BN_TBIT)?1:0;
-#endif
-		}
-	/* there will not be a carry */
+	/* There will not be a carry */
 
 	bn_sqr_words(tmp->d,a->d,al);
 
-	/* inlined add */
-	ap=tmp->d;
-	rp=r->d;
-	c=0;
-	j=max;
-	for (i=0; i<j; i++)
-		{
-		BN_ULONG t1,t2;
-
-		t1= *(ap++);
-		t2= *rp;
-		if (c)
-			{
-			c=(t2 >= ((~t1)&BN_MASK2));
-			t2=(t1+t2+1)&BN_MASK2;
-			}
-		else
-			{
-			t2=(t1+t2)&BN_MASK2;
-			c=(t2<t1);
-			}
-		*(rp++)=t2;
-		}
-	/* there will be no carry */
+	bn_add_words(r->d,r->d,tmp->d,max);
 
 	r->top=max;
 	if (r->d[max-1] == 0) r->top--;
diff --git a/crypto/bn/bn_sub.c b/crypto/bn/bn_sub.c
index b0febc3421..bba80f8afb 100644
--- a/crypto/bn/bn_sub.c
+++ b/crypto/bn/bn_sub.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_sub.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -87,12 +87,12 @@ BIGNUM *b;
 		if (carry)
 			{
 			carry=(t1 <= t2);
-			t1=(t1-t2-1);
+			t1=(t1-t2-1)&BN_MASK2;
 			}
 		else
 			{
 			carry=(t1 < t2);
-			t1=(t1-t2);
+			t1=(t1-t2)&BN_MASK2;
 			}
 #if defined(IRIX_CC_BUG) && !defined(LINT)
 		dummy=t1;
@@ -110,9 +110,12 @@ BIGNUM *b;
 			if (t1 > t2) break;
 			}
 		}
+#if 0
 	memcpy(rp,ap,sizeof(*rp)*(max-i));
-/*	for (; i<max; i++)
-		*(rp++)= *(ap++);*/
+#else
+	for (; i<max; i++)
+		*(rp++)= *(ap++);
+#endif
 
 	r->top=max;
 	bn_fix_top(r);
@@ -146,8 +149,9 @@ BIGNUM *b;
 
 	if (add)
 		{
-		i=(a->top > b->top);
-	        if (bn_expand(r,(((i)?a->top:b->top)+1)*BN_BITS2) == NULL)
+		/* As a fast max size, do a a->top | b->top */
+		i=(a->top | b->top)+1;
+	        if (bn_wexpand(r,i) == NULL)
 			return(0);
 		if (i)
 			bn_qadd(r,a,b);
@@ -160,7 +164,7 @@ BIGNUM *b;
 	/* We are actually doing a - b :-) */
 
 	max=(a->top > b->top)?a->top:b->top;
-	if (bn_expand(r,max*BN_BITS2) == NULL) return(0);
+	if (bn_wexpand(r,max) == NULL) return(0);
 	if (BN_ucmp(a,b) < 0)
 		{
 		bn_qsub(r,b,a);
diff --git a/crypto/bn/bn_word.c b/crypto/bn/bn_word.c
index b61ddd95ce..4b3d0f011d 100644
--- a/crypto/bn/bn_word.c
+++ b/crypto/bn/bn_word.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bn_word.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,11 +71,12 @@ unsigned long w;
 #endif
 	int i;
 
+	w&=BN_MASK2;
 	for (i=a->top-1; i>=0; i--)
 		{
 #ifndef BN_LLONG
-		ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%(int)w;
-		ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%(int)w;
+		ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%(unsigned long)w;
+		ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%(unsigned long)w;
 #else
 		ret=(BN_ULLONG)(((ret<<(BN_ULLONG)BN_BITS2)|a->d[i])%
 			(BN_ULLONG)w);
@@ -93,18 +94,15 @@ unsigned long w;
 
 	if (a->top == 0) return(0);
 	ret=0;
+	w&=BN_MASK2;
 	for (i=a->top-1; i>=0; i--)
 		{
-#ifndef BN_LLONG
-		ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%(int)w;
-		ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%(int)w;
-#else
-		BN_ULLONG ll;
-
-		ll=((BN_ULLONG)ret<<(BN_ULONG)BN_BITS2)|a->d[i];
-		a->d[i]=(BN_ULONG)(ll/w);
-		ret=(BN_ULONG)(ll%w);
-#endif
+		BN_ULONG l,d;
+		
+		l=a->d[i];
+		d=bn_div64(ret,l,w);
+		ret=(l-((d*w)&BN_MASK2))&BN_MASK2;
+		a->d[i]=d;
 		}
 	if (a->d[a->top-1] == 0)
 		a->top--;
@@ -118,7 +116,16 @@ unsigned long w;
 	BN_ULONG l;
 	int i;
 
-	if (bn_expand(a,a->top*BN_BITS2+1) == NULL) return(0);
+	if (a->neg)
+		{
+		a->neg=0;
+		i=BN_sub_word(a,w);
+		if (!BN_is_zero(a))
+			a->neg=1;
+		return(i);
+		}
+	w&=BN_MASK2;
+	if (bn_wexpand(a,a->top+1) == NULL) return(0);
 	i=0;
 	for (;;)
 		{
@@ -135,21 +142,63 @@ unsigned long w;
 	return(1);
 	}
 
-#ifdef undef
-BN_ULONG *BN_mod_inverse_word(a)
-BN_ULONG a;
+int BN_sub_word(a, w)
+BIGNUM *a;
+unsigned long w;
 	{
-	BN_ULONG A,B,X,Y,M,D,R,RET,T;
-	int sign,hight=1;
+	int i;
 
-	X=0;
-	Y=1;
-	A=0;
-	B=a;
-	sign=1;
+	if (a->neg)
+		{
+		a->neg=0;
+		i=BN_add_word(a,w);
+		a->neg=1;
+		return(i);
+		}
 
-	while (B != 0)
+	w&=BN_MASK2;
+	if ((a->top == 1) && (a->d[0] < w))
+		{
+		a->d[0]=w-a->d[0];
+		a->neg=1;
+		return(1);
+		}
+	i=0;
+	for (;;)
 		{
+		if (a->d[i] >= w)
+			{
+			a->d[i]-=w;
+			break;
+			}
+		else
+			{
+			a->d[i]=(a->d[i]-w)&BN_MASK2;
+			i++;
+			w=1;
+			}
+		}
+	if ((a->d[i] == 0) && (i == (a->top-1)))
+		a->top--;
+	return(1);
+	}
 
-#endif
+int BN_mul_word(a,w)
+BIGNUM *a;
+unsigned long w;
+	{
+	BN_ULONG ll;
+
+	w&=BN_MASK2;
+	if (a->top)
+		{
+		ll=bn_mul_words(a->d,a->d,a->top,w);
+		if (ll)
+			{
+			if (bn_wexpand(a,a->top+1) == NULL) return(0);
+			a->d[a->top++]=ll;
+			}
+		}
+	return(0);
+	}
 
diff --git a/crypto/bn/bnspeed.c b/crypto/bn/bnspeed.c
index 3b83a26dea..f7c2790fff 100644
--- a/crypto/bn/bnspeed.c
+++ b/crypto/bn/bnspeed.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bnspeed.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -58,6 +58,7 @@
 
 /* most of this code has been pilfered from my libdes speed.c program */
 
+#define BASENUM	1000000
 #undef PROG
 #define PROG bnspeed_main
 
@@ -169,8 +170,8 @@ int s;
 	}
 
 #define NUM_SIZES	5
-/*static int sizes[NUM_SIZES]={256,512,1024,2048};*/
-static int sizes[NUM_SIZES]={59,179,299,419,539};
+static int sizes[NUM_SIZES]={128,256,512,1024,2048};
+/*static int sizes[NUM_SIZES]={59,179,299,419,539}; */
 
 void do_mul(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_CTX *ctx); 
 
@@ -198,34 +199,41 @@ BN_CTX *ctx;
 	{
 	int i,j,k;
 	double tm;
+	long num;
 
 	for (i=0; i<NUM_SIZES; i++)
 		{
+		num=BASENUM;
+		if (i) num/=(i*3);
 		BN_rand(a,sizes[i],1,0);
 		for (j=i; j<NUM_SIZES; j++)
 			{
 			BN_rand(b,sizes[j],1,0);
 			Time_F(START);
-			for (k=0; k<100000; k++)
+			for (k=0; k<num; k++)
 				BN_mul(r,b,a);
 			tm=Time_F(STOP);
-			printf("mul %3d x %3d -> %7.4f\n",sizes[i],sizes[j],tm/10.0);
+			printf("mul %4d x %4d -> %8.3fms\n",sizes[i],sizes[j],tm*1000.0/num);
 			}
 		}
 
 	for (i=0; i<NUM_SIZES; i++)
 		{
+		num=BASENUM;
+		if (i) num/=(i*3);
 		BN_rand(a,sizes[i],1,0);
 		Time_F(START);
-		for (k=0; k<100000; k++)
+		for (k=0; k<num; k++)
 			BN_sqr(r,a,ctx);
 		tm=Time_F(STOP);
-		printf("sqr %3d x %3d -> %7.4f\n",sizes[i],sizes[i],tm/10.0);
+		printf("sqr %4d x %4d -> %8.3fms\n",sizes[i],sizes[i],tm*1000.0/num);
 		}
 
 	for (i=0; i<NUM_SIZES; i++)
 		{
-		BN_rand(a,sizes[i],1,0);
+		num=BASENUM/10;
+		if (i) num/=(i*3);
+		BN_rand(a,sizes[i]-1,1,0);
 		for (j=i; j<NUM_SIZES; j++)
 			{
 			BN_rand(b,sizes[j],1,0);
@@ -233,7 +241,7 @@ BN_CTX *ctx;
 			for (k=0; k<100000; k++)
 				BN_div(r, NULL, b, a,ctx);
 			tm=Time_F(STOP);
-			printf("div %3d / %3d -> %7.4f\n",sizes[j],sizes[i],tm/10.0);
+			printf("div %4d / %4d -> %8.3fms\n",sizes[j],sizes[i]-1,tm*1000.0/num);
 			}
 		}
 	}
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
index 7a2f0b8d6d..9ebd68b429 100644
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -1,5 +1,5 @@
 /* crypto/bn/bntest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,15 +59,17 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#ifdef WIN16
-#define APPS_WIN16
-#endif
+#include "e_os.h"
 #include "bio.h"
 #include "bn.h"
 #include "rand.h"
 #include "x509.h"
 #include "err.h"
 
+#ifdef WINDOWS
+#include "../bio/bss_file.c"
+#endif
+
 #ifndef NOPROTO
 int test_add (BIO *bp);
 int test_sub (BIO *bp);
@@ -102,9 +104,9 @@ int rand_neg();
 
 static int results=0;
 
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
-#include "../bio/bss_file.c"
+#include "bss_file.c"
 #endif
 
 int main(argc,argv)
@@ -178,20 +180,20 @@ char *argv[];
 	if (!test_rshift(out)) goto err;
 	fflush(stdout);
 
-	fprintf(stderr,"test BN_div\n");
-	if (!test_div(out,ctx)) goto err;
-	fflush(stdout);
-
-	fprintf(stderr,"test BN_mod\n");
-	if (!test_mod(out,ctx)) goto err;
+	fprintf(stderr,"test BN_sqr\n");
+	if (!test_sqr(out,ctx)) goto err;
 	fflush(stdout);
 
 	fprintf(stderr,"test BN_mul\n");
 	if (!test_mul(out)) goto err;
 	fflush(stdout);
 
-	fprintf(stderr,"test BN_sqr\n");
-	if (!test_sqr(out,ctx)) goto err;
+	fprintf(stderr,"test BN_div\n");
+	if (!test_div(out,ctx)) goto err;
+	fflush(stdout);
+
+	fprintf(stderr,"test BN_mod\n");
+	if (!test_mod(out,ctx)) goto err;
 	fflush(stdout);
 
 	fprintf(stderr,"test BN_mod_mul\n");
diff --git a/crypto/bn/expspeed.c b/crypto/bn/expspeed.c
new file mode 100644
index 0000000000..344f883d35
--- /dev/null
+++ b/crypto/bn/expspeed.c
@@ -0,0 +1,230 @@
+/* crypto/bn/expspeed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#define BASENUM	5000
+#undef PROG
+#define PROG bnspeed_main
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <string.h>
+#include "crypto.h"
+#include "err.h"
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "bn.h"
+#include "x509.h"
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+#   ifndef VMS
+#    define HZ	100.0
+#   else /* VMS */
+#    define HZ	100.0
+#   endif
+#  else /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE	((long)1024*8)
+int run=0;
+
+#ifndef NOPROTO
+static double Time_F(int s);
+#else
+static double Time_F();
+#endif
+
+#define START	0
+#define STOP	1
+
+static double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret < 1e-3)?1e-3:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+		return((ret < 0.001)?0.001:ret);
+		}
+#endif
+	}
+
+#define NUM_SIZES	6
+static int sizes[NUM_SIZES]={256,512,1024,2048,4096,8192};
+static int mul_c[NUM_SIZES]={8*8*8*8*8,8*8*8*8,8*8*8,8*8,8,1};
+/*static int sizes[NUM_SIZES]={59,179,299,419,539}; */
+
+void do_mul_exp(BIGNUM *r,BIGNUM *a,BIGNUM *b,BIGNUM *c,BN_CTX *ctx); 
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	BN_CTX *ctx;
+	BIGNUM *a,*b,*c,*r;
+
+	ctx=BN_CTX_new();
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+	r=BN_new();
+
+	do_mul_exp(r,a,b,c,ctx);
+	}
+
+void do_mul_exp(r,a,b,c,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+BIGNUM *c;
+BN_CTX *ctx;
+	{
+	int i,k;
+	double tm;
+	long num;
+	BN_MONT_CTX m;
+
+	memset(&m,0,sizeof(m));
+
+	num=BASENUM;
+	for (i=0; i<NUM_SIZES; i++)
+		{
+		BN_rand(a,sizes[i],1,0);
+		BN_rand(b,sizes[i],1,0);
+		BN_rand(c,sizes[i],1,1);
+		BN_mod(a,a,c,ctx);
+		BN_mod(b,b,c,ctx);
+
+		BN_MONT_CTX_set(&m,c,ctx);
+
+		Time_F(START);
+		for (k=0; k<num; k++)
+			BN_mod_exp_mont(r,a,b,c,ctx,&m);
+		tm=Time_F(STOP);
+		printf("mul %4d ^ %4d %% %d -> %8.3fms %5.1f\n",sizes[i],sizes[i],sizes[i],tm*1000.0/num,tm*mul_c[i]/num);
+		num/=7;
+		if (num <= 0) num=1;
+		}
+
+	}
+
diff --git a/crypto/bn/exptest.c b/crypto/bn/exptest.c
index 4880df1116..67dc95d726 100644
--- a/crypto/bn/exptest.c
+++ b/crypto/bn/exptest.c
@@ -1,5 +1,5 @@
 /* crypto/bn/exptest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,6 +63,9 @@
 #include "bn.h"
 #include "rand.h"
 #include "err.h"
+#ifdef WINDOWS
+#include "../bio/bss_file.c"
+#endif
 
 #define NUM_BITS	(BN_BITS*2)
 
@@ -87,11 +90,8 @@ char *argv[];
 		(a == NULL) || (b == NULL))
 		goto err;
 
-#ifdef WIN16
-	out=BIO_new(BIO_s_file_internal_w16());
-#else
 	out=BIO_new(BIO_s_file());
-#endif
+
 	if (out == NULL) exit(1);
 	BIO_set_fp(out,stdout,BIO_NOCLOSE);
 
@@ -112,7 +112,7 @@ char *argv[];
 		BN_mod(a,a,m,ctx);
 		BN_mod(b,b,m,ctx);
 
-		ret=BN_mod_exp_mont(r_mont,a,b,m,ctx);
+		ret=BN_mod_exp_mont(r_mont,a,b,m,ctx,NULL);
 		if (ret <= 0)
 			{ printf("BN_mod_exp_mont() problems\n"); exit(1); }
 
diff --git a/crypto/buffer/Makefile.ssl b/crypto/buffer/Makefile.ssl
index 35367933b3..a5f150e523 100644
--- a/crypto/buffer/Makefile.ssl
+++ b/crypto/buffer/Makefile.ssl
@@ -79,6 +79,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/buffer/buf_err.c b/crypto/buffer/buf_err.c
index 8cb9f33056..ff988852cc 100644
--- a/crypto/buffer/buf_err.c
+++ b/crypto/buffer/buf_err.c
@@ -60,6 +60,7 @@
 #include "buffer.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA BUF_str_functs[]=
 	{
 {ERR_PACK(0,BUF_F_BUF_MEM_GROW,0),	"BUF_MEM_grow"},
@@ -69,13 +70,18 @@ static ERR_STRING_DATA BUF_str_functs[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_BUF_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_BUF,BUF_str_functs);
+#endif
+
 		}
 	}
diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
index df7e2fad2b..7e8af9e2fa 100644
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@@ -1,5 +1,5 @@
 /* crypto/buffer/buffer.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -94,7 +94,11 @@ int len;
 	char *ret;
 	unsigned int n;
 
-	if (str->length >= len) return(len);
+	if (str->length >= len)
+		{
+		str->length=len;
+		return(len);
+		}
 	if (str->max >= len)
 		{
 		memset(&(str->data[str->length]),0,len-str->length);
@@ -126,6 +130,8 @@ char *str;
 	char *ret;
 	int n;
 
+	if (str == NULL) return(NULL);
+
 	n=strlen(str);
 	ret=Malloc(n+1);
 	if (ret == NULL) 
diff --git a/crypto/buffer/buffer.h b/crypto/buffer/buffer.h
index 87c9071e49..417548c04a 100644
--- a/crypto/buffer/buffer.h
+++ b/crypto/buffer/buffer.h
@@ -1,5 +1,5 @@
 /* crypto/buffer/buffer.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -65,9 +65,9 @@ extern "C" {
 
 typedef struct buf_mem_st
 	{
-	int length;
+	int length;	/* current number of bytes */
 	char *data;
-	int max;
+	int max;	/* size of buffer */
 	} BUF_MEM;
 
 #ifndef NOPROTO
diff --git a/crypto/cast/Makefile.ssl b/crypto/cast/Makefile.ssl
new file mode 100644
index 0000000000..0143827ae5
--- /dev/null
+++ b/crypto/cast/Makefile.ssl
@@ -0,0 +1,109 @@
+#
+# SSLeay/crypto/cast/Makefile
+#
+
+DIR=	cast
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CAST_ENC=c_enc.o
+# or use
+#CAST_ENC=asm/cx86-elf.o
+#CAST_ENC=asm/cx86-out.o
+#CAST_ENC=asm/cx86-sol.o
+#CAST_ENC=asm/cx86bdsi.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=casttest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c 
+LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= cast.h
+HEADER=	cast_s.h cast_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+# elf
+asm/cx86-elf.o: asm/cx86unix.cpp
+	$(CPP) -DELF asm/cx86unix.cpp | as -o asm/cx86-elf.o
+
+# solaris
+asm/cx86-sol.o: asm/cx86unix.cpp
+	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
+	as -o asm/cx86-sol.o asm/cx86-sol.s
+	rm -f asm/cx86-sol.s
+
+# a.out
+asm/cx86-out.o: asm/cx86unix.cpp
+	$(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
+
+# bsdi
+asm/cx86bsdi.o: asm/cx86unix.cpp
+	$(CPP) -DBSDI asm/cx86unix.cpp | as -o asm/cx86bsdi.o
+
+asm/cx86unix.cpp:
+	(cd asm; perl cast-586.pl cpp >cx86unix.cpp)
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/cast/Makefile.uni b/crypto/cast/Makefile.uni
new file mode 100644
index 0000000000..780073e75b
--- /dev/null
+++ b/crypto/cast/Makefile.uni
@@ -0,0 +1,123 @@
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+# There are 3 possible performance options, experiment :-)
+#OPTS= -DBF_PTR
+#OPTS= -DBF_PTR2
+OPTS=
+
+DIR=    cast
+TOP=    .
+CC=     gcc
+CFLAG=	-O3 -fomit-frame-pointer
+
+CPP=    $(CC) -E
+INCLUDES=
+INSTALLTOP=/usr/local/lib
+MAKE=           make
+MAKEDEPEND=     makedepend
+MAKEFILE=       Makefile.uni
+AR=             ar r
+
+CAST_ENC=c_enc.o
+# or use
+#CAST_ENC=asm/cx86-elf.o
+#CAST_ENC=asm/cx86-out.o
+#CAST_ENC=asm/cx86-sol.o
+#CAST_ENC=asm/cx86bdsi.o
+
+CFLAGS= $(OPTS) $(INCLUDES) $(CFLAG) -DFULL_TEST
+
+GENERAL=Makefile
+TEST=casttest
+APP1=cast_spd
+APP2=castopts
+APPS=$(APP1) $(APP2)
+
+LIB=libcast.a
+LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
+LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= cast.h
+HEADER= cast_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+all:    $(LIB) $(TEST) $(APPS)
+
+$(LIB):    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/ranlib.sh $(LIB)
+# elf
+asm/cx86-elf.o: asm/cx86unix.cpp
+	$(CPP) -DELF asm/cx86unix.cpp | as -o asm/cx86-elf.o
+
+# solaris
+asm/cx86-sol.o: asm/cx86unix.cpp
+	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
+	as -o asm/cx86-sol.o asm/cx86-sol.s
+	rm -f asm/cx86-sol.s
+
+# a.out
+asm/cx86-out.o: asm/cx86unix.cpp
+	$(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
+
+# bsdi
+asm/cx86bsdi.o: asm/cx86unix.cpp
+	$(CPP) -DBSDI asm/cx86unix.cpp | as -o asm/cx86bsdi.o
+
+asm/cx86unix.cpp:
+	(cd asm; perl cast-586.pl cpp >cx86unix.cpp)
+
+test:	$(TEST)
+	./$(TEST)
+
+$(TEST): $(TEST).c $(LIB)
+	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
+
+$(APP1): $(APP1).c $(LIB)
+	$(CC) -o $(APP1) $(CFLAGS) $(APP1).c $(LIB)
+
+$(APP2): $(APP2).c $(LIB)
+	$(CC) -o $(APP2) $(CFLAGS) $(APP2).c $(LIB)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+cc:
+	$(MAKE) CC="cc" CFLAG="-O" all
+
+gcc:
+	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
+
+x86-elf:
+	$(MAKE) CAST_ENC="asm/cx86-elf.o" CFLAG="-DELF $(CFLAGS)" all
+
+x86-out:
+	$(MAKE) CAST_ENC="asm/cx86-out.o" CFLAG="-DOUT $(CFLAGS)" all
+
+x86-solaris:
+	$(MAKE) CAST_ENC="asm/cx86-sol.o" CFLAG="-DSOL $(CFLAGS)" all
+
+x86-bdsi:
+	$(MAKE) CAST_ENC="asm/cx86-bdsi.o" CFLAG="-DBDSI $(CFLAGS)" all
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/cast/asm/c-win32.asm b/crypto/cast/asm/c-win32.asm
new file mode 100644
index 0000000000..a1d8a2671a
--- /dev/null
+++ b/crypto/cast/asm/c-win32.asm
@@ -0,0 +1,940 @@
+	; Don't even think of reading this code
+	; It was automatically generated by cast-586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	cast-586.asm
+        .486
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_CAST_encrypt
+EXTERN	_CAST_S_table0:DWORD
+EXTERN	_CAST_S_table1:DWORD
+EXTERN	_CAST_S_table2:DWORD
+EXTERN	_CAST_S_table3:DWORD
+
+_CAST_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	ebp,		DWORD PTR 16[esp]
+	push	esi
+	push	edi
+	; Load the 2 words
+	mov	edi,		DWORD PTR [ebx]
+	mov	esi,		DWORD PTR 4[ebx]
+	xor	eax,		eax
+	; round 0
+	mov	edx,		DWORD PTR [ebp]
+	mov	ecx,		DWORD PTR 4[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 1
+	mov	edx,		DWORD PTR 8[ebp]
+	mov	ecx,		DWORD PTR 12[ebp]
+	xor	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	esi,		ecx
+	; round 2
+	mov	edx,		DWORD PTR 16[ebp]
+	mov	ecx,		DWORD PTR 20[ebp]
+	sub	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	edi,		ecx
+	; round 3
+	mov	edx,		DWORD PTR 24[ebp]
+	mov	ecx,		DWORD PTR 28[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	esi,		ecx
+	; round 4
+	mov	edx,		DWORD PTR 32[ebp]
+	mov	ecx,		DWORD PTR 36[ebp]
+	xor	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	edi,		ecx
+	; round 5
+	mov	edx,		DWORD PTR 40[ebp]
+	mov	ecx,		DWORD PTR 44[ebp]
+	sub	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	esi,		ecx
+	; round 6
+	mov	edx,		DWORD PTR 48[ebp]
+	mov	ecx,		DWORD PTR 52[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 7
+	mov	edx,		DWORD PTR 56[ebp]
+	mov	ecx,		DWORD PTR 60[ebp]
+	xor	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	esi,		ecx
+	; round 8
+	mov	edx,		DWORD PTR 64[ebp]
+	mov	ecx,		DWORD PTR 68[ebp]
+	sub	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	edi,		ecx
+	; round 9
+	mov	edx,		DWORD PTR 72[ebp]
+	mov	ecx,		DWORD PTR 76[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	esi,		ecx
+	; round 10
+	mov	edx,		DWORD PTR 80[ebp]
+	mov	ecx,		DWORD PTR 84[ebp]
+	xor	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	edi,		ecx
+	; round 11
+	mov	edx,		DWORD PTR 88[ebp]
+	mov	ecx,		DWORD PTR 92[ebp]
+	sub	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	esi,		ecx
+	; round 12
+	mov	edx,		DWORD PTR 96[ebp]
+	mov	ecx,		DWORD PTR 100[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 13
+	mov	edx,		DWORD PTR 104[ebp]
+	mov	ecx,		DWORD PTR 108[ebp]
+	xor	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	esi,		ecx
+	; round 14
+	mov	edx,		DWORD PTR 112[ebp]
+	mov	ecx,		DWORD PTR 116[ebp]
+	sub	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	edi,		ecx
+	; round 15
+	mov	edx,		DWORD PTR 120[ebp]
+	mov	ecx,		DWORD PTR 124[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	mov	eax,		DWORD PTR 20[esp]
+	xor	esi,		ecx
+	nop
+	mov	DWORD PTR 4[eax],edi
+	mov	DWORD PTR [eax],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_CAST_encrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_CAST_decrypt
+EXTERN	_CAST_S_table0:DWORD
+EXTERN	_CAST_S_table1:DWORD
+EXTERN	_CAST_S_table2:DWORD
+EXTERN	_CAST_S_table3:DWORD
+
+_CAST_decrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	ebp,		DWORD PTR 16[esp]
+	push	esi
+	push	edi
+	; Load the 2 words
+	mov	edi,		DWORD PTR [ebx]
+	mov	esi,		DWORD PTR 4[ebx]
+	xor	eax,		eax
+	; round 15
+	mov	edx,		DWORD PTR 120[ebp]
+	mov	ecx,		DWORD PTR 124[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 14
+	mov	edx,		DWORD PTR 112[ebp]
+	mov	ecx,		DWORD PTR 116[ebp]
+	sub	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	esi,		ecx
+	; round 13
+	mov	edx,		DWORD PTR 104[ebp]
+	mov	ecx,		DWORD PTR 108[ebp]
+	xor	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	edi,		ecx
+	; round 12
+	mov	edx,		DWORD PTR 96[ebp]
+	mov	ecx,		DWORD PTR 100[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	esi,		ecx
+	; round 11
+	mov	edx,		DWORD PTR 88[ebp]
+	mov	ecx,		DWORD PTR 92[ebp]
+	sub	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	edi,		ecx
+	; round 10
+	mov	edx,		DWORD PTR 80[ebp]
+	mov	ecx,		DWORD PTR 84[ebp]
+	xor	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	esi,		ecx
+	; round 9
+	mov	edx,		DWORD PTR 72[ebp]
+	mov	ecx,		DWORD PTR 76[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 8
+	mov	edx,		DWORD PTR 64[ebp]
+	mov	ecx,		DWORD PTR 68[ebp]
+	sub	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	esi,		ecx
+	; round 7
+	mov	edx,		DWORD PTR 56[ebp]
+	mov	ecx,		DWORD PTR 60[ebp]
+	xor	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	edi,		ecx
+	; round 6
+	mov	edx,		DWORD PTR 48[ebp]
+	mov	ecx,		DWORD PTR 52[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	esi,		ecx
+	; round 5
+	mov	edx,		DWORD PTR 40[ebp]
+	mov	ecx,		DWORD PTR 44[ebp]
+	sub	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	edi,		ecx
+	; round 4
+	mov	edx,		DWORD PTR 32[ebp]
+	mov	ecx,		DWORD PTR 36[ebp]
+	xor	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	esi,		ecx
+	; round 3
+	mov	edx,		DWORD PTR 24[ebp]
+	mov	ecx,		DWORD PTR 28[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 2
+	mov	edx,		DWORD PTR 16[ebp]
+	mov	ecx,		DWORD PTR 20[ebp]
+	sub	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	esi,		ecx
+	; round 1
+	mov	edx,		DWORD PTR 8[ebp]
+	mov	ecx,		DWORD PTR 12[ebp]
+	xor	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	edi,		ecx
+	; round 0
+	mov	edx,		DWORD PTR [ebp]
+	mov	ecx,		DWORD PTR 4[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	mov	eax,		DWORD PTR 20[esp]
+	xor	esi,		ecx
+	nop
+	mov	DWORD PTR 4[eax],edi
+	mov	DWORD PTR [eax],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_CAST_decrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_CAST_cbc_encrypt
+
+_CAST_cbc_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	mov	ebp,		DWORD PTR 28[esp]
+	; getting iv ptr from parameter 4
+	mov	ebx,		DWORD PTR 36[esp]
+	mov	esi,		DWORD PTR [ebx]
+	mov	edi,		DWORD PTR 4[ebx]
+	push	edi
+	push	esi
+	push	edi
+	push	esi
+	mov	ebx,		esp
+	mov	esi,		DWORD PTR 36[esp]
+	mov	edi,		DWORD PTR 40[esp]
+	; getting encrypt flag from parameter 5
+	mov	ecx,		DWORD PTR 56[esp]
+	; get and push parameter 3
+	mov	eax,		DWORD PTR 48[esp]
+	push	eax
+	push	ebx
+	cmp	ecx,		0
+	jz	$L000decrypt
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	jz	$L001encrypt_finish
+L002encrypt_loop:
+	mov	ecx,		DWORD PTR [esi]
+	mov	edx,		DWORD PTR 4[esi]
+	xor	eax,		ecx
+	xor	ebx,		edx
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_CAST_encrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L002encrypt_loop
+$L001encrypt_finish:
+	mov	ebp,		DWORD PTR 52[esp]
+	and	ebp,		7
+	jz	$L003finish
+	xor	ecx,		ecx
+	xor	edx,		edx
+	mov	ebp,		DWORD PTR $L004cbc_enc_jmp_table[ebp*4]
+	jmp	 ebp
+L005ej7:
+	xor	edx,		edx
+	mov	dh,		BYTE PTR 6[esi]
+	shl	edx,		8
+L006ej6:
+	mov	dh,		BYTE PTR 5[esi]
+L007ej5:
+	mov	dl,		BYTE PTR 4[esi]
+L008ej4:
+	mov	ecx,		DWORD PTR [esi]
+	jmp	$L009ejend
+L010ej3:
+	mov	ch,		BYTE PTR 2[esi]
+	xor	ecx,		ecx
+	shl	ecx,		8
+L011ej2:
+	mov	ch,		BYTE PTR 1[esi]
+L012ej1:
+	mov	cl,		BYTE PTR [esi]
+$L009ejend:
+	xor	eax,		ecx
+	xor	ebx,		edx
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_CAST_encrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	jmp	$L003finish
+$L000decrypt:
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 16[esp]
+	mov	ebx,		DWORD PTR 20[esp]
+	jz	$L013decrypt_finish
+L014decrypt_loop:
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_CAST_decrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	ecx,		DWORD PTR 16[esp]
+	mov	edx,		DWORD PTR 20[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR [edi],ecx
+	mov	DWORD PTR 4[edi],edx
+	mov	DWORD PTR 16[esp],eax
+	mov	DWORD PTR 20[esp],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L014decrypt_loop
+$L013decrypt_finish:
+	mov	ebp,		DWORD PTR 52[esp]
+	and	ebp,		7
+	jz	$L003finish
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_CAST_decrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	ecx,		DWORD PTR 16[esp]
+	mov	edx,		DWORD PTR 20[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+L015dj7:
+	ror	edx,		16
+	mov	BYTE PTR 6[edi],dl
+	shr	edx,		16
+L016dj6:
+	mov	BYTE PTR 5[edi],dh
+L017dj5:
+	mov	BYTE PTR 4[edi],dl
+L018dj4:
+	mov	DWORD PTR [edi],ecx
+	jmp	$L019djend
+L020dj3:
+	ror	ecx,		16
+	mov	BYTE PTR 2[edi],cl
+	shl	ecx,		16
+L021dj2:
+	mov	BYTE PTR 1[esi],ch
+L022dj1:
+	mov	BYTE PTR [esi],	cl
+$L019djend:
+	jmp	$L003finish
+$L003finish:
+	mov	ecx,		DWORD PTR 60[esp]
+	add	esp,		24
+	mov	DWORD PTR [ecx],eax
+	mov	DWORD PTR 4[ecx],ebx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+$L004cbc_enc_jmp_table:
+	DD	0
+	DD	L012ej1
+	DD	L011ej2
+	DD	L010ej3
+	DD	L008ej4
+	DD	L007ej5
+	DD	L006ej6
+	DD	L005ej7
+L023cbc_dec_jmp_table:
+	DD	0
+	DD	L022dj1
+	DD	L021dj2
+	DD	L020dj3
+	DD	L018dj4
+	DD	L017dj5
+	DD	L016dj6
+	DD	L015dj7
+_CAST_cbc_encrypt ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/cast/asm/cast-586.pl b/crypto/cast/asm/cast-586.pl
new file mode 100644
index 0000000000..d6b6f19bea
--- /dev/null
+++ b/crypto/cast/asm/cast-586.pl
@@ -0,0 +1,167 @@
+#!/usr/local/bin/perl
+
+# define for pentium pro friendly version
+$ppro=1;
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"cast-586.pl");
+
+$CAST_ROUNDS=16;
+$L="edi";
+$R="esi";
+$K="ebp";
+$tmp1="ecx";
+$tmp2="ebx";
+$tmp3="eax";
+$tmp4="edx";
+$S1="CAST_S_table0";
+$S2="CAST_S_table1";
+$S3="CAST_S_table2";
+$S4="CAST_S_table3";
+
+@F1=("add","xor","sub");
+@F2=("xor","sub","add");
+@F3=("sub","add","xor");
+
+&CAST_encrypt("CAST_encrypt",1);
+&CAST_encrypt("CAST_decrypt",0);
+&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1);
+
+&asm_finish();
+
+sub CAST_encrypt
+	{
+	local($name,$enc)=@_;
+
+	local($win_ex)=<<"EOF";
+EXTERN	_CAST_S_table0:DWORD
+EXTERN	_CAST_S_table1:DWORD
+EXTERN	_CAST_S_table2:DWORD
+EXTERN	_CAST_S_table3:DWORD
+EOF
+	&main'external_label(
+		"CAST_S_table0",
+		"CAST_S_table1",
+		"CAST_S_table2",
+		"CAST_S_table3",
+		);
+
+	&function_begin_B($name,$win_ex);
+
+	&comment("");
+
+	&push("ebp");
+	&push("ebx");
+	&mov($tmp2,&wparam(0));
+	&mov($K,&wparam(1));
+	&push("esi");
+	&push("edi");
+
+	&comment("Load the 2 words");
+	&mov($L,&DWP(0,$tmp2,"",0));
+	&mov($R,&DWP(4,$tmp2,"",0));
+
+	&xor(	$tmp3,	$tmp3);
+
+	# encrypting part
+
+	if ($enc)
+		{
+		&E_CAST( 0,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 1,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 2,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 3,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 4,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 5,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 6,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 7,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 8,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 9,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST(10,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST(11,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST(12,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST(13,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST(14,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST(15,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4,1);
+		}
+	else
+		{
+		&E_CAST(15,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST(14,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST(13,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST(12,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST(11,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST(10,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 9,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 8,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 7,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 6,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 5,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 4,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 3,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 2,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 1,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+		&E_CAST( 0,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4,1);
+		}
+
+	&nop();
+	&mov(&DWP(4,$tmp3,"",0),$L);
+	&mov(&DWP(0,$tmp3,"",0),$R);
+	&function_end($name);
+	}
+
+sub E_CAST
+	{
+	local($i,$S,$L,$R,$K,$OP1,$OP2,$OP3,$tmp1,$tmp2,$tmp3,$tmp4,$lst)=@_;
+	# Ri needs to have 16 pre added.
+
+	&comment("round $i");
+	&mov(	$tmp4,		&DWP($i*8,$K,"",1));
+
+	&mov(	$tmp1,		&DWP($i*8+4,$K,"",1));# must be word
+	&$OP1(	$tmp4,		$R);
+
+	&rotl(	$tmp4,		&LB($tmp1));
+
+	if ($ppro)
+		{
+		&mov(	$tmp2,		$tmp4);		# B
+		&xor(	$tmp1,		$tmp1);
+
+		&movb(	&LB($tmp1),	&HB($tmp4));	# A
+		&and(	$tmp2,		0xff);
+
+		&shr(	$tmp4,		16); 		#
+		&xor(	$tmp3,		$tmp3);
+		}
+	else
+		{
+		&mov(	$tmp2,		$tmp4);		# B
+		&movb(	&LB($tmp1),	&HB($tmp4));	# A	# BAD BAD BAD
+
+		&shr(	$tmp4,		16); 		#
+		&and(	$tmp2,		0xff);
+		}
+
+	&movb(	&LB($tmp3),	&HB($tmp4));	# C	# BAD BAD BAD
+	&and(	$tmp4,		0xff);		# D
+
+	&mov(	$tmp1,		&DWP($S1,"",$tmp1,4));
+	&mov(	$tmp2,		&DWP($S2,"",$tmp2,4));
+
+	&$OP2(	$tmp1,		$tmp2);
+	&mov(	$tmp2,		&DWP($S3,"",$tmp3,4));
+
+	&$OP3(	$tmp1,		$tmp2);
+	&mov(	$tmp2,		&DWP($S4,"",$tmp4,4));
+
+	&$OP1(	$tmp1,		$tmp2);
+	 &mov($tmp3,&wparam(0)) if $lst;
+	 # XXX
+
+	&xor(	$L,		$tmp1);
+	 # XXX
+	}
diff --git a/crypto/cast/asm/cx86unix.cpp b/crypto/cast/asm/cx86unix.cpp
new file mode 100644
index 0000000000..035692a5af
--- /dev/null
+++ b/crypto/cast/asm/cx86unix.cpp
@@ -0,0 +1,1010 @@
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
+
+#define TYPE(a,b)       .type   a,b
+#define SIZE(a,b)       .size   a,b
+
+#if defined(OUT) || defined(BSDI)
+#define CAST_S_table0 _CAST_S_table0
+#define CAST_S_table1 _CAST_S_table1
+#define CAST_S_table2 _CAST_S_table2
+#define CAST_S_table3 _CAST_S_table3
+#define CAST_encrypt _CAST_encrypt
+#define CAST_S_table0 _CAST_S_table0
+#define CAST_S_table1 _CAST_S_table1
+#define CAST_S_table2 _CAST_S_table2
+#define CAST_S_table3 _CAST_S_table3
+#define CAST_decrypt _CAST_decrypt
+#define CAST_cbc_encrypt _CAST_cbc_encrypt
+
+#endif
+
+#ifdef OUT
+#define OK	1
+#define ALIGN	4
+#endif
+
+#ifdef BSDI
+#define OK              1
+#define ALIGN           4
+#undef SIZE
+#undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK              1
+#define ALIGN           16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+/* Let the Assembler begin :-) */
+	/* Don't even think of reading this code */
+	/* It was automatically generated by cast-586.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, BSDI,Win32, or Solaris */
+	/* eric <eay@cryptsoft.com> */
+
+	.file	"cast-586.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl CAST_encrypt
+	TYPE(CAST_encrypt,@function)
+CAST_encrypt:
+
+	pushl	%ebp
+	pushl	%ebx
+	movl	12(%esp),	%ebx
+	movl	16(%esp),	%ebp
+	pushl	%esi
+	pushl	%edi
+	/* Load the 2 words */
+	movl	(%ebx),		%edi
+	movl	4(%ebx),	%esi
+	xorl	%eax,		%eax
+	/* round 0 */
+	movl	(%ebp),		%edx
+	movl	4(%ebp),	%ecx
+	addl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 1 */
+	movl	8(%ebp),	%edx
+	movl	12(%ebp),	%ecx
+	xorl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	xorl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 2 */
+	movl	16(%ebp),	%edx
+	movl	20(%ebp),	%ecx
+	subl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	subl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 3 */
+	movl	24(%ebp),	%edx
+	movl	28(%ebp),	%ecx
+	addl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 4 */
+	movl	32(%ebp),	%edx
+	movl	36(%ebp),	%ecx
+	xorl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	xorl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 5 */
+	movl	40(%ebp),	%edx
+	movl	44(%ebp),	%ecx
+	subl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	subl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 6 */
+	movl	48(%ebp),	%edx
+	movl	52(%ebp),	%ecx
+	addl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 7 */
+	movl	56(%ebp),	%edx
+	movl	60(%ebp),	%ecx
+	xorl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	xorl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 8 */
+	movl	64(%ebp),	%edx
+	movl	68(%ebp),	%ecx
+	subl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	subl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 9 */
+	movl	72(%ebp),	%edx
+	movl	76(%ebp),	%ecx
+	addl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 10 */
+	movl	80(%ebp),	%edx
+	movl	84(%ebp),	%ecx
+	xorl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	xorl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 11 */
+	movl	88(%ebp),	%edx
+	movl	92(%ebp),	%ecx
+	subl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	subl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 12 */
+	movl	96(%ebp),	%edx
+	movl	100(%ebp),	%ecx
+	addl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 13 */
+	movl	104(%ebp),	%edx
+	movl	108(%ebp),	%ecx
+	xorl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	xorl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 14 */
+	movl	112(%ebp),	%edx
+	movl	116(%ebp),	%ecx
+	subl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	subl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 15 */
+	movl	120(%ebp),	%edx
+	movl	124(%ebp),	%ecx
+	addl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	20(%esp),	%eax
+	xorl	%ecx,		%esi
+	nop
+	movl	%edi,		4(%eax)
+	movl	%esi,		(%eax)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.CAST_encrypt_end:
+	SIZE(CAST_encrypt,.CAST_encrypt_end-CAST_encrypt)
+.ident	"CAST_encrypt"
+.text
+	.align ALIGN
+.globl CAST_decrypt
+	TYPE(CAST_decrypt,@function)
+CAST_decrypt:
+
+	pushl	%ebp
+	pushl	%ebx
+	movl	12(%esp),	%ebx
+	movl	16(%esp),	%ebp
+	pushl	%esi
+	pushl	%edi
+	/* Load the 2 words */
+	movl	(%ebx),		%edi
+	movl	4(%ebx),	%esi
+	xorl	%eax,		%eax
+	/* round 15 */
+	movl	120(%ebp),	%edx
+	movl	124(%ebp),	%ecx
+	addl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 14 */
+	movl	112(%ebp),	%edx
+	movl	116(%ebp),	%ecx
+	subl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	subl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 13 */
+	movl	104(%ebp),	%edx
+	movl	108(%ebp),	%ecx
+	xorl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	xorl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 12 */
+	movl	96(%ebp),	%edx
+	movl	100(%ebp),	%ecx
+	addl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 11 */
+	movl	88(%ebp),	%edx
+	movl	92(%ebp),	%ecx
+	subl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	subl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 10 */
+	movl	80(%ebp),	%edx
+	movl	84(%ebp),	%ecx
+	xorl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	xorl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 9 */
+	movl	72(%ebp),	%edx
+	movl	76(%ebp),	%ecx
+	addl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 8 */
+	movl	64(%ebp),	%edx
+	movl	68(%ebp),	%ecx
+	subl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	subl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 7 */
+	movl	56(%ebp),	%edx
+	movl	60(%ebp),	%ecx
+	xorl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	xorl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 6 */
+	movl	48(%ebp),	%edx
+	movl	52(%ebp),	%ecx
+	addl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 5 */
+	movl	40(%ebp),	%edx
+	movl	44(%ebp),	%ecx
+	subl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	subl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 4 */
+	movl	32(%ebp),	%edx
+	movl	36(%ebp),	%ecx
+	xorl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	xorl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 3 */
+	movl	24(%ebp),	%edx
+	movl	28(%ebp),	%ecx
+	addl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 2 */
+	movl	16(%ebp),	%edx
+	movl	20(%ebp),	%ecx
+	subl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	subl	%ebx,		%ecx
+	xorl	%ecx,		%esi
+	/* round 1 */
+	movl	8(%ebp),	%edx
+	movl	12(%ebp),	%ecx
+	xorl	%esi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	addl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	xorl	%ebx,		%ecx
+	xorl	%ecx,		%edi
+	/* round 0 */
+	movl	(%ebp),		%edx
+	movl	4(%ebp),	%ecx
+	addl	%edi,		%edx
+	roll	%cl,		%edx
+	movl	%edx,		%ebx
+	xorl	%ecx,		%ecx
+	movb	%dh,		%cl
+	andl	$255,		%ebx
+	shrl	$16,		%edx
+	xorl	%eax,		%eax
+	movb	%dh,		%al
+	andl	$255,		%edx
+	movl	CAST_S_table0(,%ecx,4),%ecx
+	movl	CAST_S_table1(,%ebx,4),%ebx
+	xorl	%ebx,		%ecx
+	movl	CAST_S_table2(,%eax,4),%ebx
+	subl	%ebx,		%ecx
+	movl	CAST_S_table3(,%edx,4),%ebx
+	addl	%ebx,		%ecx
+	movl	20(%esp),	%eax
+	xorl	%ecx,		%esi
+	nop
+	movl	%edi,		4(%eax)
+	movl	%esi,		(%eax)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.CAST_decrypt_end:
+	SIZE(CAST_decrypt,.CAST_decrypt_end-CAST_decrypt)
+.ident	"CAST_decrypt"
+.text
+	.align ALIGN
+.globl CAST_cbc_encrypt
+	TYPE(CAST_cbc_encrypt,@function)
+CAST_cbc_encrypt:
+
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	28(%esp),	%ebp
+	/* getting iv ptr from parameter 4 */
+	movl	36(%esp),	%ebx
+	movl	(%ebx),		%esi
+	movl	4(%ebx),	%edi
+	pushl	%edi
+	pushl	%esi
+	pushl	%edi
+	pushl	%esi
+	movl	%esp,		%ebx
+	movl	36(%esp),	%esi
+	movl	40(%esp),	%edi
+	/* getting encrypt flag from parameter 5 */
+	movl	56(%esp),	%ecx
+	/* get and push parameter 3 */
+	movl	48(%esp),	%eax
+	pushl	%eax
+	pushl	%ebx
+	cmpl	$0,		%ecx
+	jz	.L000decrypt
+	andl	$4294967288,	%ebp
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+	jz	.L001encrypt_finish
+.L002encrypt_loop:
+	movl	(%esi),		%ecx
+	movl	4(%esi),	%edx
+	xorl	%ecx,		%eax
+	xorl	%edx,		%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	CAST_encrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		(%edi)
+	movl	%ebx,		4(%edi)
+	addl	$8,		%esi
+	addl	$8,		%edi
+	subl	$8,		%ebp
+	jnz	.L002encrypt_loop
+.L001encrypt_finish:
+	movl	52(%esp),	%ebp
+	andl	$7,		%ebp
+	jz	.L003finish
+	xorl	%ecx,		%ecx
+	xorl	%edx,		%edx
+	movl	.L004cbc_enc_jmp_table(,%ebp,4),%ebp
+	jmp	*%ebp
+.L005ej7:
+	xorl	%edx,		%edx
+	movb	6(%esi),	%dh
+	sall	$8,		%edx
+.L006ej6:
+	movb	5(%esi),	%dh
+.L007ej5:
+	movb	4(%esi),	%dl
+.L008ej4:
+	movl	(%esi),		%ecx
+	jmp	.L009ejend
+.L010ej3:
+	movb	2(%esi),	%ch
+	xorl	%ecx,		%ecx
+	sall	$8,		%ecx
+.L011ej2:
+	movb	1(%esi),	%ch
+.L012ej1:
+	movb	(%esi),		%cl
+.L009ejend:
+	xorl	%ecx,		%eax
+	xorl	%edx,		%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	CAST_encrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		(%edi)
+	movl	%ebx,		4(%edi)
+	jmp	.L003finish
+.align ALIGN
+.L000decrypt:
+	andl	$4294967288,	%ebp
+	movl	16(%esp),	%eax
+	movl	20(%esp),	%ebx
+	jz	.L013decrypt_finish
+.L014decrypt_loop:
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	CAST_decrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	16(%esp),	%ecx
+	movl	20(%esp),	%edx
+	xorl	%eax,		%ecx
+	xorl	%ebx,		%edx
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%ecx,		(%edi)
+	movl	%edx,		4(%edi)
+	movl	%eax,		16(%esp)
+	movl	%ebx,		20(%esp)
+	addl	$8,		%esi
+	addl	$8,		%edi
+	subl	$8,		%ebp
+	jnz	.L014decrypt_loop
+.L013decrypt_finish:
+	movl	52(%esp),	%ebp
+	andl	$7,		%ebp
+	jz	.L003finish
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	CAST_decrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+.byte 15
+.byte 200		/* bswapl  %eax */
+.byte 15
+.byte 203		/* bswapl  %ebx */
+	movl	16(%esp),	%ecx
+	movl	20(%esp),	%edx
+	xorl	%eax,		%ecx
+	xorl	%ebx,		%edx
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+.L015dj7:
+	rorl	$16,		%edx
+	movb	%dl,		6(%edi)
+	shrl	$16,		%edx
+.L016dj6:
+	movb	%dh,		5(%edi)
+.L017dj5:
+	movb	%dl,		4(%edi)
+.L018dj4:
+	movl	%ecx,		(%edi)
+	jmp	.L019djend
+.L020dj3:
+	rorl	$16,		%ecx
+	movb	%cl,		2(%edi)
+	sall	$16,		%ecx
+.L021dj2:
+	movb	%ch,		1(%esi)
+.L022dj1:
+	movb	%cl,		(%esi)
+.L019djend:
+	jmp	.L003finish
+.align ALIGN
+.L003finish:
+	movl	60(%esp),	%ecx
+	addl	$24,		%esp
+	movl	%eax,		(%ecx)
+	movl	%ebx,		4(%ecx)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align ALIGN
+.L004cbc_enc_jmp_table:
+	.long 0
+	.long .L012ej1
+	.long .L011ej2
+	.long .L010ej3
+	.long .L008ej4
+	.long .L007ej5
+	.long .L006ej6
+	.long .L005ej7
+.align ALIGN
+.L023cbc_dec_jmp_table:
+	.long 0
+	.long .L022dj1
+	.long .L021dj2
+	.long .L020dj3
+	.long .L018dj4
+	.long .L017dj5
+	.long .L016dj6
+	.long .L015dj7
+.CAST_cbc_encrypt_end:
+	SIZE(CAST_cbc_encrypt,.CAST_cbc_encrypt_end-CAST_cbc_encrypt)
+.ident	"desasm.pl"
diff --git a/crypto/cast/asm/readme b/crypto/cast/asm/readme
new file mode 100644
index 0000000000..fbcd76289e
--- /dev/null
+++ b/crypto/cast/asm/readme
@@ -0,0 +1,7 @@
+There is a ppro flag in cast-586 which turns on/off
+generation of pentium pro/II friendly code
+
+This flag makes the inner loop one cycle longer, but generates 
+code that runs %30 faster on the pentium pro/II, while only %7 slower
+on the pentium.  By default, this flag is on.
+
diff --git a/crypto/cast/c_cfb64.c b/crypto/cast/c_cfb64.c
new file mode 100644
index 0000000000..c46c375f75
--- /dev/null
+++ b/crypto/cast/c_cfb64.c
@@ -0,0 +1,127 @@
+/* crypto/cast/c_cfb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cast.h"
+#include "cast_lcl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void CAST_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+CAST_KEY *schedule;
+unsigned char *ivec;
+int *num;
+int encrypt;
+	{
+	register CAST_LONG v0,v1,t;
+	register int n= *num;
+	register long l=length;
+	CAST_LONG ti[2];
+	unsigned char *iv,c,cc;
+
+	iv=(unsigned char *)ivec;
+	if (encrypt)
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				n2l(iv,v0); ti[0]=v0;
+				n2l(iv,v1); ti[1]=v1;
+				CAST_encrypt((CAST_LONG *)ti,schedule);
+				iv=(unsigned char *)ivec;
+				t=ti[0]; l2n(t,iv);
+				t=ti[1]; l2n(t,iv);
+				iv=(unsigned char *)ivec;
+				}
+			c= *(in++)^iv[n];
+			*(out++)=c;
+			iv[n]=c;
+			n=(n+1)&0x07;
+			}
+		}
+	else
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				n2l(iv,v0); ti[0]=v0;
+				n2l(iv,v1); ti[1]=v1;
+				CAST_encrypt((CAST_LONG *)ti,schedule);
+				iv=(unsigned char *)ivec;
+				t=ti[0]; l2n(t,iv);
+				t=ti[1]; l2n(t,iv);
+				iv=(unsigned char *)ivec;
+				}
+			cc= *(in++);
+			c=iv[n];
+			iv[n]=cc;
+			*(out++)=c^cc;
+			n=(n+1)&0x07;
+			}
+		}
+	v0=v1=ti[0]=ti[1]=t=c=cc=0;
+	*num=n;
+	}
+
diff --git a/crypto/cast/c_ecb.c b/crypto/cast/c_ecb.c
new file mode 100644
index 0000000000..f0f2f4df0e
--- /dev/null
+++ b/crypto/cast/c_ecb.c
@@ -0,0 +1,82 @@
+/* crypto/cast/c_ecb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cast.h"
+#include "cast_lcl.h"
+
+char *CAST_version="CAST part of SSLeay 0.9.0b 29-Jun-1998";
+
+void CAST_ecb_encrypt(in, out, ks, encrypt)
+unsigned char *in;
+unsigned char *out;
+CAST_KEY *ks;
+int encrypt;
+	{
+	CAST_LONG l,d[2];
+
+	n2l(in,l); d[0]=l;
+	n2l(in,l); d[1]=l;
+	if (encrypt)
+		CAST_encrypt(d,ks);
+	else
+		CAST_decrypt(d,ks);
+	l=d[0]; l2n(l,out);
+	l=d[1]; l2n(l,out);
+	l=d[0]=d[1]=0;
+	}
+
diff --git a/crypto/cast/c_enc.c b/crypto/cast/c_enc.c
new file mode 100644
index 0000000000..d998dd4953
--- /dev/null
+++ b/crypto/cast/c_enc.c
@@ -0,0 +1,210 @@
+/* crypto/cast/c_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cast.h"
+#include "cast_lcl.h"
+
+void CAST_encrypt(data,key)
+CAST_LONG *data;
+CAST_KEY *key;
+	{
+	register CAST_LONG l,r,*k,t;
+
+	k= &(key->data[0]);
+	l=data[0];
+	r=data[1];
+
+	E_CAST( 0,k,l,r,+,^,-);
+	E_CAST( 1,k,r,l,^,-,+);
+	E_CAST( 2,k,l,r,-,+,^);
+	E_CAST( 3,k,r,l,+,^,-);
+	E_CAST( 4,k,l,r,^,-,+);
+	E_CAST( 5,k,r,l,-,+,^);
+	E_CAST( 6,k,l,r,+,^,-);
+	E_CAST( 7,k,r,l,^,-,+);
+	E_CAST( 8,k,l,r,-,+,^);
+	E_CAST( 9,k,r,l,+,^,-);
+	E_CAST(10,k,l,r,^,-,+);
+	E_CAST(11,k,r,l,-,+,^);
+	E_CAST(12,k,l,r,+,^,-);
+	E_CAST(13,k,r,l,^,-,+);
+	E_CAST(14,k,l,r,-,+,^);
+	E_CAST(15,k,r,l,+,^,-);
+
+	data[1]=l&0xffffffffL;
+	data[0]=r&0xffffffffL;
+	}
+
+void CAST_decrypt(data,key)
+CAST_LONG *data;
+CAST_KEY *key;
+	{
+	register CAST_LONG l,r,*k,t;
+
+	k= &(key->data[0]);
+	l=data[0];
+	r=data[1];
+
+	E_CAST(15,k,l,r,+,^,-);
+	E_CAST(14,k,r,l,-,+,^);
+	E_CAST(13,k,l,r,^,-,+);
+	E_CAST(12,k,r,l,+,^,-);
+	E_CAST(11,k,l,r,-,+,^);
+	E_CAST(10,k,r,l,^,-,+);
+	E_CAST( 9,k,l,r,+,^,-);
+	E_CAST( 8,k,r,l,-,+,^);
+	E_CAST( 7,k,l,r,^,-,+);
+	E_CAST( 6,k,r,l,+,^,-);
+	E_CAST( 5,k,l,r,-,+,^);
+	E_CAST( 4,k,r,l,^,-,+);
+	E_CAST( 3,k,l,r,+,^,-);
+	E_CAST( 2,k,r,l,-,+,^);
+	E_CAST( 1,k,l,r,^,-,+);
+	E_CAST( 0,k,r,l,+,^,-);
+
+	data[1]=l&0xffffffffL;
+	data[0]=r&0xffffffffL;
+	}
+
+void CAST_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+CAST_KEY *ks;
+unsigned char *iv;
+int encrypt;
+	{
+	register CAST_LONG tin0,tin1;
+	register CAST_LONG tout0,tout1,xor0,xor1;
+	register long l=length;
+	CAST_LONG tin[2];
+
+	if (encrypt)
+		{
+		n2l(iv,tout0);
+		n2l(iv,tout1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			CAST_encrypt(tin,ks);
+			tout0=tin[0];
+			tout1=tin[1];
+			l2n(tout0,out);
+			l2n(tout1,out);
+			}
+		if (l != -8)
+			{
+			n2ln(in,tin0,tin1,l+8);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			CAST_encrypt(tin,ks);
+			tout0=tin[0];
+			tout1=tin[1];
+			l2n(tout0,out);
+			l2n(tout1,out);
+			}
+		l2n(tout0,iv);
+		l2n(tout1,iv);
+		}
+	else
+		{
+		n2l(iv,xor0);
+		n2l(iv,xor1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin[0]=tin0;
+			tin[1]=tin1;
+			CAST_decrypt(tin,ks);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2n(tout0,out);
+			l2n(tout1,out);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		if (l != -8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin[0]=tin0;
+			tin[1]=tin1;
+			CAST_decrypt(tin,ks);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2nn(tout0,tout1,out,l+8);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		l2n(xor0,iv);
+		l2n(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
diff --git a/crypto/cast/c_ofb64.c b/crypto/cast/c_ofb64.c
new file mode 100644
index 0000000000..2aad2d6d96
--- /dev/null
+++ b/crypto/cast/c_ofb64.c
@@ -0,0 +1,115 @@
+/* crypto/cast/c_ofb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cast.h"
+#include "cast_lcl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void CAST_ofb64_encrypt(in, out, length, schedule, ivec, num)
+unsigned char *in;
+unsigned char *out;
+long length;
+CAST_KEY *schedule;
+unsigned char *ivec;
+int *num;
+	{
+	register CAST_LONG v0,v1,t;
+	register int n= *num;
+	register long l=length;
+	unsigned char d[8];
+	register char *dp;
+	CAST_LONG ti[2];
+	unsigned char *iv;
+	int save=0;
+
+	iv=(unsigned char *)ivec;
+	n2l(iv,v0);
+	n2l(iv,v1);
+	ti[0]=v0;
+	ti[1]=v1;
+	dp=(char *)d;
+	l2n(v0,dp);
+	l2n(v1,dp);
+	while (l--)
+		{
+		if (n == 0)
+			{
+			CAST_encrypt((CAST_LONG *)ti,schedule);
+			dp=(char *)d;
+			t=ti[0]; l2n(t,dp);
+			t=ti[1]; l2n(t,dp);
+			save++;
+			}
+		*(out++)= *(in++)^d[n];
+		n=(n+1)&0x07;
+		}
+	if (save)
+		{
+		v0=ti[0];
+		v1=ti[1];
+		iv=(unsigned char *)ivec;
+		l2n(v0,iv);
+		l2n(v1,iv);
+		}
+	t=v0=v1=ti[0]=ti[1]=0;
+	*num=n;
+	}
+
diff --git a/crypto/cast/c_skey.c b/crypto/cast/c_skey.c
new file mode 100644
index 0000000000..2fc3363dcd
--- /dev/null
+++ b/crypto/cast/c_skey.c
@@ -0,0 +1,165 @@
+/* crypto/cast/c_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cast.h"
+#include "cast_lcl.h"
+#include "cast_s.h"
+
+#define CAST_exp(l,A,a,n) \
+	A[n/4]=l; \
+	a[n+3]=(l    )&0xff; \
+	a[n+2]=(l>> 8)&0xff; \
+	a[n+1]=(l>>16)&0xff; \
+	a[n+0]=(l>>24)&0xff;
+
+#define S4 CAST_S_table4
+#define S5 CAST_S_table5
+#define S6 CAST_S_table6
+#define S7 CAST_S_table7
+
+void CAST_set_key(key,len,data)
+CAST_KEY *key;
+int len;
+unsigned char *data;
+	{
+	CAST_LONG x[16];
+	CAST_LONG z[16];
+	CAST_LONG k[32];
+	CAST_LONG X[4],Z[4];
+	CAST_LONG l,*K;
+	int i;
+
+	for (i=0; i<16; i++) x[i]=0;
+	if (len > 16) len=16;
+	for (i=0; i<len; i++)
+		x[i]=data[i];
+
+	K= &k[0];
+	X[0]=((x[ 0]<<24)|(x[ 1]<<16)|(x[ 2]<<8)|x[ 3])&0xffffffffL;
+	X[1]=((x[ 4]<<24)|(x[ 5]<<16)|(x[ 6]<<8)|x[ 7])&0xffffffffL;
+	X[2]=((x[ 8]<<24)|(x[ 9]<<16)|(x[10]<<8)|x[11])&0xffffffffL;
+	X[3]=((x[12]<<24)|(x[13]<<16)|(x[14]<<8)|x[15])&0xffffffffL;
+
+	for (;;)
+		{
+	l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
+	CAST_exp(l,Z,z, 0);
+	l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
+	CAST_exp(l,Z,z, 4);
+	l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
+	CAST_exp(l,Z,z, 8);
+	l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
+	CAST_exp(l,Z,z,12);
+
+	K[ 0]= S4[z[ 8]]^S5[z[ 9]]^S6[z[ 7]]^S7[z[ 6]]^S4[z[ 2]];
+	K[ 1]= S4[z[10]]^S5[z[11]]^S6[z[ 5]]^S7[z[ 4]]^S5[z[ 6]];
+	K[ 2]= S4[z[12]]^S5[z[13]]^S6[z[ 3]]^S7[z[ 2]]^S6[z[ 9]];
+	K[ 3]= S4[z[14]]^S5[z[15]]^S6[z[ 1]]^S7[z[ 0]]^S7[z[12]];
+
+	l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
+	CAST_exp(l,X,x, 0);
+	l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
+	CAST_exp(l,X,x, 4);
+	l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
+	CAST_exp(l,X,x, 8);
+	l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
+	CAST_exp(l,X,x,12);
+
+	K[ 4]= S4[x[ 3]]^S5[x[ 2]]^S6[x[12]]^S7[x[13]]^S4[x[ 8]];
+	K[ 5]= S4[x[ 1]]^S5[x[ 0]]^S6[x[14]]^S7[x[15]]^S5[x[13]];
+	K[ 6]= S4[x[ 7]]^S5[x[ 6]]^S6[x[ 8]]^S7[x[ 9]]^S6[x[ 3]];
+	K[ 7]= S4[x[ 5]]^S5[x[ 4]]^S6[x[10]]^S7[x[11]]^S7[x[ 7]];
+
+	l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
+	CAST_exp(l,Z,z, 0);
+	l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
+	CAST_exp(l,Z,z, 4);
+	l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
+	CAST_exp(l,Z,z, 8);
+	l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
+	CAST_exp(l,Z,z,12);
+
+	K[ 8]= S4[z[ 3]]^S5[z[ 2]]^S6[z[12]]^S7[z[13]]^S4[z[ 9]];
+	K[ 9]= S4[z[ 1]]^S5[z[ 0]]^S6[z[14]]^S7[z[15]]^S5[z[12]];
+	K[10]= S4[z[ 7]]^S5[z[ 6]]^S6[z[ 8]]^S7[z[ 9]]^S6[z[ 2]];
+	K[11]= S4[z[ 5]]^S5[z[ 4]]^S6[z[10]]^S7[z[11]]^S7[z[ 6]];
+
+	l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
+	CAST_exp(l,X,x, 0);
+	l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
+	CAST_exp(l,X,x, 4);
+	l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
+	CAST_exp(l,X,x, 8);
+	l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
+	CAST_exp(l,X,x,12);
+
+	K[12]= S4[x[ 8]]^S5[x[ 9]]^S6[x[ 7]]^S7[x[ 6]]^S4[x[ 3]];
+	K[13]= S4[x[10]]^S5[x[11]]^S6[x[ 5]]^S7[x[ 4]]^S5[x[ 7]];
+	K[14]= S4[x[12]]^S5[x[13]]^S6[x[ 3]]^S7[x[ 2]]^S6[x[ 8]];
+	K[15]= S4[x[14]]^S5[x[15]]^S6[x[ 1]]^S7[x[ 0]]^S7[x[13]];
+	if (K != k)  break;
+	K+=16;
+		}
+
+	for (i=0; i<16; i++)
+		{
+		key->data[i*2]=k[i];
+		key->data[i*2+1]=((k[i+16])+16)&0x1f;
+		}
+	}
+
diff --git a/crypto/cast/cast.h b/crypto/cast/cast.h
new file mode 100644
index 0000000000..528cb7c824
--- /dev/null
+++ b/crypto/cast/cast.h
@@ -0,0 +1,109 @@
+/* crypto/cast/cast.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CAST_H
+#define HEADER_CAST_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define CAST_ENCRYPT	1
+#define CAST_DECRYPT	0
+
+#define CAST_LONG unsigned long
+
+#define CAST_BLOCK	8
+#define CAST_KEY_LENGTH	16
+
+typedef struct cast_key_st
+	{
+	CAST_LONG data[32];
+	} CAST_KEY;
+
+#ifndef NOPROTO
+ 
+void CAST_set_key(CAST_KEY *key, int len, unsigned char *data);
+void CAST_ecb_encrypt(unsigned char *in,unsigned char *out,CAST_KEY *key,
+	int enc);
+void CAST_encrypt(CAST_LONG *data,CAST_KEY *key);
+void CAST_decrypt(CAST_LONG *data,CAST_KEY *key);
+void CAST_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+	CAST_KEY *ks, unsigned char *iv, int enc);
+void CAST_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	CAST_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void CAST_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	CAST_KEY *schedule, unsigned char *ivec, int *num);
+
+#else
+
+void CAST_set_key();
+void CAST_ecb_encrypt();
+void CAST_encrypt();
+void CAST_decrypt();
+void CAST_cbc_encrypt();
+void CAST_cfb64_encrypt();
+void CAST_ofb64_encrypt();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/cast/cast_lcl.h b/crypto/cast/cast_lcl.h
new file mode 100644
index 0000000000..6587952a96
--- /dev/null
+++ b/crypto/cast/cast_lcl.h
@@ -0,0 +1,224 @@
+/* crypto/cast/cast_lcl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifdef WIN32
+#include <stdlib.h>
+#endif
+
+#undef c2l
+#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
+			 l|=((unsigned long)(*((c)++)))<< 8L, \
+			 l|=((unsigned long)(*((c)++)))<<16L, \
+			 l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+			case 5: l2|=((unsigned long)(*(--(c))));     \
+			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+			case 1: l1|=((unsigned long)(*(--(c))));     \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+				} \
+			}
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))    ; \
+			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+			case 4: l1 =((unsigned long)(*(--(c))))    ; \
+			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+				} \
+			}
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+				} \
+			}
+
+#undef n2l
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+#if defined(WIN32)
+#define ROTL(a,n)     (_lrotl(a,n))
+#else
+#define ROTL(a,n)     ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n))))
+#endif
+
+#define C_M    0x3fc
+#define C_0    22L
+#define C_1    14L
+#define C_2     6L
+#define C_3     2L /* left shift */
+
+/* The rotate has an extra 16 added to it to help the x86 asm */
+#if defined(CAST_PTR)
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+	{ \
+	int i; \
+	t=(key[n*2] OP1 R)&0xffffffffL; \
+	i=key[n*2+1]; \
+	t=ROTL(t,i); \
+	L^= (((((*(CAST_LONG *)((unsigned char *) \
+			CAST_S_table0+((t>>C_2)&C_M)) OP2 \
+		*(CAST_LONG *)((unsigned char *) \
+			CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
+		*(CAST_LONG *)((unsigned char *) \
+			CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
+		*(CAST_LONG *)((unsigned char *) \
+			CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
+	}
+#elif defined(CAST_PTR2)
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+	{ \
+	int i; \
+	CAST_LONG u,v,w; \
+	w=(key[n*2] OP1 R)&0xffffffffL; \
+	i=key[n*2+1]; \
+	w=ROTL(w,i); \
+	u=w>>C_2; \
+	v=w<<C_3; \
+	u&=C_M; \
+	v&=C_M; \
+	t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
+	u=w>>C_0; \
+	t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
+	v=w>>C_1; \
+	u&=C_M; \
+	v&=C_M; \
+	t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
+	t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
+	L^=(t&0xffffffff); \
+	}
+#else
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+	{ \
+	CAST_LONG a,b,c,d; \
+	t=(key[n*2] OP1 R)&0xffffffff; \
+	t=ROTL(t,(key[n*2+1])); \
+	a=CAST_S_table0[(t>> 8)&0xff]; \
+	b=CAST_S_table1[(t    )&0xff]; \
+	c=CAST_S_table2[(t>>24)&0xff]; \
+	d=CAST_S_table3[(t>>16)&0xff]; \
+	L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
+	}
+#endif
+
+extern CAST_LONG CAST_S_table0[256];
+extern CAST_LONG CAST_S_table1[256];
+extern CAST_LONG CAST_S_table2[256];
+extern CAST_LONG CAST_S_table3[256];
+extern CAST_LONG CAST_S_table4[256];
+extern CAST_LONG CAST_S_table5[256];
+extern CAST_LONG CAST_S_table6[256];
+extern CAST_LONG CAST_S_table7[256];
+
diff --git a/crypto/cast/cast_s.h b/crypto/cast/cast_s.h
new file mode 100644
index 0000000000..8fe0152149
--- /dev/null
+++ b/crypto/cast/cast_s.h
@@ -0,0 +1,585 @@
+/* crypto/cast/cast_s.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+CAST_LONG CAST_S_table0[256]={
+	0x30fb40d4,0x9fa0ff0b,0x6beccd2f,0x3f258c7a,
+	0x1e213f2f,0x9c004dd3,0x6003e540,0xcf9fc949,
+	0xbfd4af27,0x88bbbdb5,0xe2034090,0x98d09675,
+	0x6e63a0e0,0x15c361d2,0xc2e7661d,0x22d4ff8e,
+	0x28683b6f,0xc07fd059,0xff2379c8,0x775f50e2,
+	0x43c340d3,0xdf2f8656,0x887ca41a,0xa2d2bd2d,
+	0xa1c9e0d6,0x346c4819,0x61b76d87,0x22540f2f,
+	0x2abe32e1,0xaa54166b,0x22568e3a,0xa2d341d0,
+	0x66db40c8,0xa784392f,0x004dff2f,0x2db9d2de,
+	0x97943fac,0x4a97c1d8,0x527644b7,0xb5f437a7,
+	0xb82cbaef,0xd751d159,0x6ff7f0ed,0x5a097a1f,
+	0x827b68d0,0x90ecf52e,0x22b0c054,0xbc8e5935,
+	0x4b6d2f7f,0x50bb64a2,0xd2664910,0xbee5812d,
+	0xb7332290,0xe93b159f,0xb48ee411,0x4bff345d,
+	0xfd45c240,0xad31973f,0xc4f6d02e,0x55fc8165,
+	0xd5b1caad,0xa1ac2dae,0xa2d4b76d,0xc19b0c50,
+	0x882240f2,0x0c6e4f38,0xa4e4bfd7,0x4f5ba272,
+	0x564c1d2f,0xc59c5319,0xb949e354,0xb04669fe,
+	0xb1b6ab8a,0xc71358dd,0x6385c545,0x110f935d,
+	0x57538ad5,0x6a390493,0xe63d37e0,0x2a54f6b3,
+	0x3a787d5f,0x6276a0b5,0x19a6fcdf,0x7a42206a,
+	0x29f9d4d5,0xf61b1891,0xbb72275e,0xaa508167,
+	0x38901091,0xc6b505eb,0x84c7cb8c,0x2ad75a0f,
+	0x874a1427,0xa2d1936b,0x2ad286af,0xaa56d291,
+	0xd7894360,0x425c750d,0x93b39e26,0x187184c9,
+	0x6c00b32d,0x73e2bb14,0xa0bebc3c,0x54623779,
+	0x64459eab,0x3f328b82,0x7718cf82,0x59a2cea6,
+	0x04ee002e,0x89fe78e6,0x3fab0950,0x325ff6c2,
+	0x81383f05,0x6963c5c8,0x76cb5ad6,0xd49974c9,
+	0xca180dcf,0x380782d5,0xc7fa5cf6,0x8ac31511,
+	0x35e79e13,0x47da91d0,0xf40f9086,0xa7e2419e,
+	0x31366241,0x051ef495,0xaa573b04,0x4a805d8d,
+	0x548300d0,0x00322a3c,0xbf64cddf,0xba57a68e,
+	0x75c6372b,0x50afd341,0xa7c13275,0x915a0bf5,
+	0x6b54bfab,0x2b0b1426,0xab4cc9d7,0x449ccd82,
+	0xf7fbf265,0xab85c5f3,0x1b55db94,0xaad4e324,
+	0xcfa4bd3f,0x2deaa3e2,0x9e204d02,0xc8bd25ac,
+	0xeadf55b3,0xd5bd9e98,0xe31231b2,0x2ad5ad6c,
+	0x954329de,0xadbe4528,0xd8710f69,0xaa51c90f,
+	0xaa786bf6,0x22513f1e,0xaa51a79b,0x2ad344cc,
+	0x7b5a41f0,0xd37cfbad,0x1b069505,0x41ece491,
+	0xb4c332e6,0x032268d4,0xc9600acc,0xce387e6d,
+	0xbf6bb16c,0x6a70fb78,0x0d03d9c9,0xd4df39de,
+	0xe01063da,0x4736f464,0x5ad328d8,0xb347cc96,
+	0x75bb0fc3,0x98511bfb,0x4ffbcc35,0xb58bcf6a,
+	0xe11f0abc,0xbfc5fe4a,0xa70aec10,0xac39570a,
+	0x3f04442f,0x6188b153,0xe0397a2e,0x5727cb79,
+	0x9ceb418f,0x1cacd68d,0x2ad37c96,0x0175cb9d,
+	0xc69dff09,0xc75b65f0,0xd9db40d8,0xec0e7779,
+	0x4744ead4,0xb11c3274,0xdd24cb9e,0x7e1c54bd,
+	0xf01144f9,0xd2240eb1,0x9675b3fd,0xa3ac3755,
+	0xd47c27af,0x51c85f4d,0x56907596,0xa5bb15e6,
+	0x580304f0,0xca042cf1,0x011a37ea,0x8dbfaadb,
+	0x35ba3e4a,0x3526ffa0,0xc37b4d09,0xbc306ed9,
+	0x98a52666,0x5648f725,0xff5e569d,0x0ced63d0,
+	0x7c63b2cf,0x700b45e1,0xd5ea50f1,0x85a92872,
+	0xaf1fbda7,0xd4234870,0xa7870bf3,0x2d3b4d79,
+	0x42e04198,0x0cd0ede7,0x26470db8,0xf881814c,
+	0x474d6ad7,0x7c0c5e5c,0xd1231959,0x381b7298,
+	0xf5d2f4db,0xab838653,0x6e2f1e23,0x83719c9e,
+	0xbd91e046,0x9a56456e,0xdc39200c,0x20c8c571,
+	0x962bda1c,0xe1e696ff,0xb141ab08,0x7cca89b9,
+	0x1a69e783,0x02cc4843,0xa2f7c579,0x429ef47d,
+	0x427b169c,0x5ac9f049,0xdd8f0f00,0x5c8165bf,
+	};
+CAST_LONG CAST_S_table1[256]={
+	0x1f201094,0xef0ba75b,0x69e3cf7e,0x393f4380,
+	0xfe61cf7a,0xeec5207a,0x55889c94,0x72fc0651,
+	0xada7ef79,0x4e1d7235,0xd55a63ce,0xde0436ba,
+	0x99c430ef,0x5f0c0794,0x18dcdb7d,0xa1d6eff3,
+	0xa0b52f7b,0x59e83605,0xee15b094,0xe9ffd909,
+	0xdc440086,0xef944459,0xba83ccb3,0xe0c3cdfb,
+	0xd1da4181,0x3b092ab1,0xf997f1c1,0xa5e6cf7b,
+	0x01420ddb,0xe4e7ef5b,0x25a1ff41,0xe180f806,
+	0x1fc41080,0x179bee7a,0xd37ac6a9,0xfe5830a4,
+	0x98de8b7f,0x77e83f4e,0x79929269,0x24fa9f7b,
+	0xe113c85b,0xacc40083,0xd7503525,0xf7ea615f,
+	0x62143154,0x0d554b63,0x5d681121,0xc866c359,
+	0x3d63cf73,0xcee234c0,0xd4d87e87,0x5c672b21,
+	0x071f6181,0x39f7627f,0x361e3084,0xe4eb573b,
+	0x602f64a4,0xd63acd9c,0x1bbc4635,0x9e81032d,
+	0x2701f50c,0x99847ab4,0xa0e3df79,0xba6cf38c,
+	0x10843094,0x2537a95e,0xf46f6ffe,0xa1ff3b1f,
+	0x208cfb6a,0x8f458c74,0xd9e0a227,0x4ec73a34,
+	0xfc884f69,0x3e4de8df,0xef0e0088,0x3559648d,
+	0x8a45388c,0x1d804366,0x721d9bfd,0xa58684bb,
+	0xe8256333,0x844e8212,0x128d8098,0xfed33fb4,
+	0xce280ae1,0x27e19ba5,0xd5a6c252,0xe49754bd,
+	0xc5d655dd,0xeb667064,0x77840b4d,0xa1b6a801,
+	0x84db26a9,0xe0b56714,0x21f043b7,0xe5d05860,
+	0x54f03084,0x066ff472,0xa31aa153,0xdadc4755,
+	0xb5625dbf,0x68561be6,0x83ca6b94,0x2d6ed23b,
+	0xeccf01db,0xa6d3d0ba,0xb6803d5c,0xaf77a709,
+	0x33b4a34c,0x397bc8d6,0x5ee22b95,0x5f0e5304,
+	0x81ed6f61,0x20e74364,0xb45e1378,0xde18639b,
+	0x881ca122,0xb96726d1,0x8049a7e8,0x22b7da7b,
+	0x5e552d25,0x5272d237,0x79d2951c,0xc60d894c,
+	0x488cb402,0x1ba4fe5b,0xa4b09f6b,0x1ca815cf,
+	0xa20c3005,0x8871df63,0xb9de2fcb,0x0cc6c9e9,
+	0x0beeff53,0xe3214517,0xb4542835,0x9f63293c,
+	0xee41e729,0x6e1d2d7c,0x50045286,0x1e6685f3,
+	0xf33401c6,0x30a22c95,0x31a70850,0x60930f13,
+	0x73f98417,0xa1269859,0xec645c44,0x52c877a9,
+	0xcdff33a6,0xa02b1741,0x7cbad9a2,0x2180036f,
+	0x50d99c08,0xcb3f4861,0xc26bd765,0x64a3f6ab,
+	0x80342676,0x25a75e7b,0xe4e6d1fc,0x20c710e6,
+	0xcdf0b680,0x17844d3b,0x31eef84d,0x7e0824e4,
+	0x2ccb49eb,0x846a3bae,0x8ff77888,0xee5d60f6,
+	0x7af75673,0x2fdd5cdb,0xa11631c1,0x30f66f43,
+	0xb3faec54,0x157fd7fa,0xef8579cc,0xd152de58,
+	0xdb2ffd5e,0x8f32ce19,0x306af97a,0x02f03ef8,
+	0x99319ad5,0xc242fa0f,0xa7e3ebb0,0xc68e4906,
+	0xb8da230c,0x80823028,0xdcdef3c8,0xd35fb171,
+	0x088a1bc8,0xbec0c560,0x61a3c9e8,0xbca8f54d,
+	0xc72feffa,0x22822e99,0x82c570b4,0xd8d94e89,
+	0x8b1c34bc,0x301e16e6,0x273be979,0xb0ffeaa6,
+	0x61d9b8c6,0x00b24869,0xb7ffce3f,0x08dc283b,
+	0x43daf65a,0xf7e19798,0x7619b72f,0x8f1c9ba4,
+	0xdc8637a0,0x16a7d3b1,0x9fc393b7,0xa7136eeb,
+	0xc6bcc63e,0x1a513742,0xef6828bc,0x520365d6,
+	0x2d6a77ab,0x3527ed4b,0x821fd216,0x095c6e2e,
+	0xdb92f2fb,0x5eea29cb,0x145892f5,0x91584f7f,
+	0x5483697b,0x2667a8cc,0x85196048,0x8c4bacea,
+	0x833860d4,0x0d23e0f9,0x6c387e8a,0x0ae6d249,
+	0xb284600c,0xd835731d,0xdcb1c647,0xac4c56ea,
+	0x3ebd81b3,0x230eabb0,0x6438bc87,0xf0b5b1fa,
+	0x8f5ea2b3,0xfc184642,0x0a036b7a,0x4fb089bd,
+	0x649da589,0xa345415e,0x5c038323,0x3e5d3bb9,
+	0x43d79572,0x7e6dd07c,0x06dfdf1e,0x6c6cc4ef,
+	0x7160a539,0x73bfbe70,0x83877605,0x4523ecf1,
+	};
+CAST_LONG CAST_S_table2[256]={
+	0x8defc240,0x25fa5d9f,0xeb903dbf,0xe810c907,
+	0x47607fff,0x369fe44b,0x8c1fc644,0xaececa90,
+	0xbeb1f9bf,0xeefbcaea,0xe8cf1950,0x51df07ae,
+	0x920e8806,0xf0ad0548,0xe13c8d83,0x927010d5,
+	0x11107d9f,0x07647db9,0xb2e3e4d4,0x3d4f285e,
+	0xb9afa820,0xfade82e0,0xa067268b,0x8272792e,
+	0x553fb2c0,0x489ae22b,0xd4ef9794,0x125e3fbc,
+	0x21fffcee,0x825b1bfd,0x9255c5ed,0x1257a240,
+	0x4e1a8302,0xbae07fff,0x528246e7,0x8e57140e,
+	0x3373f7bf,0x8c9f8188,0xa6fc4ee8,0xc982b5a5,
+	0xa8c01db7,0x579fc264,0x67094f31,0xf2bd3f5f,
+	0x40fff7c1,0x1fb78dfc,0x8e6bd2c1,0x437be59b,
+	0x99b03dbf,0xb5dbc64b,0x638dc0e6,0x55819d99,
+	0xa197c81c,0x4a012d6e,0xc5884a28,0xccc36f71,
+	0xb843c213,0x6c0743f1,0x8309893c,0x0feddd5f,
+	0x2f7fe850,0xd7c07f7e,0x02507fbf,0x5afb9a04,
+	0xa747d2d0,0x1651192e,0xaf70bf3e,0x58c31380,
+	0x5f98302e,0x727cc3c4,0x0a0fb402,0x0f7fef82,
+	0x8c96fdad,0x5d2c2aae,0x8ee99a49,0x50da88b8,
+	0x8427f4a0,0x1eac5790,0x796fb449,0x8252dc15,
+	0xefbd7d9b,0xa672597d,0xada840d8,0x45f54504,
+	0xfa5d7403,0xe83ec305,0x4f91751a,0x925669c2,
+	0x23efe941,0xa903f12e,0x60270df2,0x0276e4b6,
+	0x94fd6574,0x927985b2,0x8276dbcb,0x02778176,
+	0xf8af918d,0x4e48f79e,0x8f616ddf,0xe29d840e,
+	0x842f7d83,0x340ce5c8,0x96bbb682,0x93b4b148,
+	0xef303cab,0x984faf28,0x779faf9b,0x92dc560d,
+	0x224d1e20,0x8437aa88,0x7d29dc96,0x2756d3dc,
+	0x8b907cee,0xb51fd240,0xe7c07ce3,0xe566b4a1,
+	0xc3e9615e,0x3cf8209d,0x6094d1e3,0xcd9ca341,
+	0x5c76460e,0x00ea983b,0xd4d67881,0xfd47572c,
+	0xf76cedd9,0xbda8229c,0x127dadaa,0x438a074e,
+	0x1f97c090,0x081bdb8a,0x93a07ebe,0xb938ca15,
+	0x97b03cff,0x3dc2c0f8,0x8d1ab2ec,0x64380e51,
+	0x68cc7bfb,0xd90f2788,0x12490181,0x5de5ffd4,
+	0xdd7ef86a,0x76a2e214,0xb9a40368,0x925d958f,
+	0x4b39fffa,0xba39aee9,0xa4ffd30b,0xfaf7933b,
+	0x6d498623,0x193cbcfa,0x27627545,0x825cf47a,
+	0x61bd8ba0,0xd11e42d1,0xcead04f4,0x127ea392,
+	0x10428db7,0x8272a972,0x9270c4a8,0x127de50b,
+	0x285ba1c8,0x3c62f44f,0x35c0eaa5,0xe805d231,
+	0x428929fb,0xb4fcdf82,0x4fb66a53,0x0e7dc15b,
+	0x1f081fab,0x108618ae,0xfcfd086d,0xf9ff2889,
+	0x694bcc11,0x236a5cae,0x12deca4d,0x2c3f8cc5,
+	0xd2d02dfe,0xf8ef5896,0xe4cf52da,0x95155b67,
+	0x494a488c,0xb9b6a80c,0x5c8f82bc,0x89d36b45,
+	0x3a609437,0xec00c9a9,0x44715253,0x0a874b49,
+	0xd773bc40,0x7c34671c,0x02717ef6,0x4feb5536,
+	0xa2d02fff,0xd2bf60c4,0xd43f03c0,0x50b4ef6d,
+	0x07478cd1,0x006e1888,0xa2e53f55,0xb9e6d4bc,
+	0xa2048016,0x97573833,0xd7207d67,0xde0f8f3d,
+	0x72f87b33,0xabcc4f33,0x7688c55d,0x7b00a6b0,
+	0x947b0001,0x570075d2,0xf9bb88f8,0x8942019e,
+	0x4264a5ff,0x856302e0,0x72dbd92b,0xee971b69,
+	0x6ea22fde,0x5f08ae2b,0xaf7a616d,0xe5c98767,
+	0xcf1febd2,0x61efc8c2,0xf1ac2571,0xcc8239c2,
+	0x67214cb8,0xb1e583d1,0xb7dc3e62,0x7f10bdce,
+	0xf90a5c38,0x0ff0443d,0x606e6dc6,0x60543a49,
+	0x5727c148,0x2be98a1d,0x8ab41738,0x20e1be24,
+	0xaf96da0f,0x68458425,0x99833be5,0x600d457d,
+	0x282f9350,0x8334b362,0xd91d1120,0x2b6d8da0,
+	0x642b1e31,0x9c305a00,0x52bce688,0x1b03588a,
+	0xf7baefd5,0x4142ed9c,0xa4315c11,0x83323ec5,
+	0xdfef4636,0xa133c501,0xe9d3531c,0xee353783,
+	};
+CAST_LONG CAST_S_table3[256]={
+	0x9db30420,0x1fb6e9de,0xa7be7bef,0xd273a298,
+	0x4a4f7bdb,0x64ad8c57,0x85510443,0xfa020ed1,
+	0x7e287aff,0xe60fb663,0x095f35a1,0x79ebf120,
+	0xfd059d43,0x6497b7b1,0xf3641f63,0x241e4adf,
+	0x28147f5f,0x4fa2b8cd,0xc9430040,0x0cc32220,
+	0xfdd30b30,0xc0a5374f,0x1d2d00d9,0x24147b15,
+	0xee4d111a,0x0fca5167,0x71ff904c,0x2d195ffe,
+	0x1a05645f,0x0c13fefe,0x081b08ca,0x05170121,
+	0x80530100,0xe83e5efe,0xac9af4f8,0x7fe72701,
+	0xd2b8ee5f,0x06df4261,0xbb9e9b8a,0x7293ea25,
+	0xce84ffdf,0xf5718801,0x3dd64b04,0xa26f263b,
+	0x7ed48400,0x547eebe6,0x446d4ca0,0x6cf3d6f5,
+	0x2649abdf,0xaea0c7f5,0x36338cc1,0x503f7e93,
+	0xd3772061,0x11b638e1,0x72500e03,0xf80eb2bb,
+	0xabe0502e,0xec8d77de,0x57971e81,0xe14f6746,
+	0xc9335400,0x6920318f,0x081dbb99,0xffc304a5,
+	0x4d351805,0x7f3d5ce3,0xa6c866c6,0x5d5bcca9,
+	0xdaec6fea,0x9f926f91,0x9f46222f,0x3991467d,
+	0xa5bf6d8e,0x1143c44f,0x43958302,0xd0214eeb,
+	0x022083b8,0x3fb6180c,0x18f8931e,0x281658e6,
+	0x26486e3e,0x8bd78a70,0x7477e4c1,0xb506e07c,
+	0xf32d0a25,0x79098b02,0xe4eabb81,0x28123b23,
+	0x69dead38,0x1574ca16,0xdf871b62,0x211c40b7,
+	0xa51a9ef9,0x0014377b,0x041e8ac8,0x09114003,
+	0xbd59e4d2,0xe3d156d5,0x4fe876d5,0x2f91a340,
+	0x557be8de,0x00eae4a7,0x0ce5c2ec,0x4db4bba6,
+	0xe756bdff,0xdd3369ac,0xec17b035,0x06572327,
+	0x99afc8b0,0x56c8c391,0x6b65811c,0x5e146119,
+	0x6e85cb75,0xbe07c002,0xc2325577,0x893ff4ec,
+	0x5bbfc92d,0xd0ec3b25,0xb7801ab7,0x8d6d3b24,
+	0x20c763ef,0xc366a5fc,0x9c382880,0x0ace3205,
+	0xaac9548a,0xeca1d7c7,0x041afa32,0x1d16625a,
+	0x6701902c,0x9b757a54,0x31d477f7,0x9126b031,
+	0x36cc6fdb,0xc70b8b46,0xd9e66a48,0x56e55a79,
+	0x026a4ceb,0x52437eff,0x2f8f76b4,0x0df980a5,
+	0x8674cde3,0xedda04eb,0x17a9be04,0x2c18f4df,
+	0xb7747f9d,0xab2af7b4,0xefc34d20,0x2e096b7c,
+	0x1741a254,0xe5b6a035,0x213d42f6,0x2c1c7c26,
+	0x61c2f50f,0x6552daf9,0xd2c231f8,0x25130f69,
+	0xd8167fa2,0x0418f2c8,0x001a96a6,0x0d1526ab,
+	0x63315c21,0x5e0a72ec,0x49bafefd,0x187908d9,
+	0x8d0dbd86,0x311170a7,0x3e9b640c,0xcc3e10d7,
+	0xd5cad3b6,0x0caec388,0xf73001e1,0x6c728aff,
+	0x71eae2a1,0x1f9af36e,0xcfcbd12f,0xc1de8417,
+	0xac07be6b,0xcb44a1d8,0x8b9b0f56,0x013988c3,
+	0xb1c52fca,0xb4be31cd,0xd8782806,0x12a3a4e2,
+	0x6f7de532,0x58fd7eb6,0xd01ee900,0x24adffc2,
+	0xf4990fc5,0x9711aac5,0x001d7b95,0x82e5e7d2,
+	0x109873f6,0x00613096,0xc32d9521,0xada121ff,
+	0x29908415,0x7fbb977f,0xaf9eb3db,0x29c9ed2a,
+	0x5ce2a465,0xa730f32c,0xd0aa3fe8,0x8a5cc091,
+	0xd49e2ce7,0x0ce454a9,0xd60acd86,0x015f1919,
+	0x77079103,0xdea03af6,0x78a8565e,0xdee356df,
+	0x21f05cbe,0x8b75e387,0xb3c50651,0xb8a5c3ef,
+	0xd8eeb6d2,0xe523be77,0xc2154529,0x2f69efdf,
+	0xafe67afb,0xf470c4b2,0xf3e0eb5b,0xd6cc9876,
+	0x39e4460c,0x1fda8538,0x1987832f,0xca007367,
+	0xa99144f8,0x296b299e,0x492fc295,0x9266beab,
+	0xb5676e69,0x9bd3ddda,0xdf7e052f,0xdb25701c,
+	0x1b5e51ee,0xf65324e6,0x6afce36c,0x0316cc04,
+	0x8644213e,0xb7dc59d0,0x7965291f,0xccd6fd43,
+	0x41823979,0x932bcdf6,0xb657c34d,0x4edfd282,
+	0x7ae5290c,0x3cb9536b,0x851e20fe,0x9833557e,
+	0x13ecf0b0,0xd3ffb372,0x3f85c5c1,0x0aef7ed2,
+	};
+CAST_LONG CAST_S_table4[256]={
+	0x7ec90c04,0x2c6e74b9,0x9b0e66df,0xa6337911,
+	0xb86a7fff,0x1dd358f5,0x44dd9d44,0x1731167f,
+	0x08fbf1fa,0xe7f511cc,0xd2051b00,0x735aba00,
+	0x2ab722d8,0x386381cb,0xacf6243a,0x69befd7a,
+	0xe6a2e77f,0xf0c720cd,0xc4494816,0xccf5c180,
+	0x38851640,0x15b0a848,0xe68b18cb,0x4caadeff,
+	0x5f480a01,0x0412b2aa,0x259814fc,0x41d0efe2,
+	0x4e40b48d,0x248eb6fb,0x8dba1cfe,0x41a99b02,
+	0x1a550a04,0xba8f65cb,0x7251f4e7,0x95a51725,
+	0xc106ecd7,0x97a5980a,0xc539b9aa,0x4d79fe6a,
+	0xf2f3f763,0x68af8040,0xed0c9e56,0x11b4958b,
+	0xe1eb5a88,0x8709e6b0,0xd7e07156,0x4e29fea7,
+	0x6366e52d,0x02d1c000,0xc4ac8e05,0x9377f571,
+	0x0c05372a,0x578535f2,0x2261be02,0xd642a0c9,
+	0xdf13a280,0x74b55bd2,0x682199c0,0xd421e5ec,
+	0x53fb3ce8,0xc8adedb3,0x28a87fc9,0x3d959981,
+	0x5c1ff900,0xfe38d399,0x0c4eff0b,0x062407ea,
+	0xaa2f4fb1,0x4fb96976,0x90c79505,0xb0a8a774,
+	0xef55a1ff,0xe59ca2c2,0xa6b62d27,0xe66a4263,
+	0xdf65001f,0x0ec50966,0xdfdd55bc,0x29de0655,
+	0x911e739a,0x17af8975,0x32c7911c,0x89f89468,
+	0x0d01e980,0x524755f4,0x03b63cc9,0x0cc844b2,
+	0xbcf3f0aa,0x87ac36e9,0xe53a7426,0x01b3d82b,
+	0x1a9e7449,0x64ee2d7e,0xcddbb1da,0x01c94910,
+	0xb868bf80,0x0d26f3fd,0x9342ede7,0x04a5c284,
+	0x636737b6,0x50f5b616,0xf24766e3,0x8eca36c1,
+	0x136e05db,0xfef18391,0xfb887a37,0xd6e7f7d4,
+	0xc7fb7dc9,0x3063fcdf,0xb6f589de,0xec2941da,
+	0x26e46695,0xb7566419,0xf654efc5,0xd08d58b7,
+	0x48925401,0xc1bacb7f,0xe5ff550f,0xb6083049,
+	0x5bb5d0e8,0x87d72e5a,0xab6a6ee1,0x223a66ce,
+	0xc62bf3cd,0x9e0885f9,0x68cb3e47,0x086c010f,
+	0xa21de820,0xd18b69de,0xf3f65777,0xfa02c3f6,
+	0x407edac3,0xcbb3d550,0x1793084d,0xb0d70eba,
+	0x0ab378d5,0xd951fb0c,0xded7da56,0x4124bbe4,
+	0x94ca0b56,0x0f5755d1,0xe0e1e56e,0x6184b5be,
+	0x580a249f,0x94f74bc0,0xe327888e,0x9f7b5561,
+	0xc3dc0280,0x05687715,0x646c6bd7,0x44904db3,
+	0x66b4f0a3,0xc0f1648a,0x697ed5af,0x49e92ff6,
+	0x309e374f,0x2cb6356a,0x85808573,0x4991f840,
+	0x76f0ae02,0x083be84d,0x28421c9a,0x44489406,
+	0x736e4cb8,0xc1092910,0x8bc95fc6,0x7d869cf4,
+	0x134f616f,0x2e77118d,0xb31b2be1,0xaa90b472,
+	0x3ca5d717,0x7d161bba,0x9cad9010,0xaf462ba2,
+	0x9fe459d2,0x45d34559,0xd9f2da13,0xdbc65487,
+	0xf3e4f94e,0x176d486f,0x097c13ea,0x631da5c7,
+	0x445f7382,0x175683f4,0xcdc66a97,0x70be0288,
+	0xb3cdcf72,0x6e5dd2f3,0x20936079,0x459b80a5,
+	0xbe60e2db,0xa9c23101,0xeba5315c,0x224e42f2,
+	0x1c5c1572,0xf6721b2c,0x1ad2fff3,0x8c25404e,
+	0x324ed72f,0x4067b7fd,0x0523138e,0x5ca3bc78,
+	0xdc0fd66e,0x75922283,0x784d6b17,0x58ebb16e,
+	0x44094f85,0x3f481d87,0xfcfeae7b,0x77b5ff76,
+	0x8c2302bf,0xaaf47556,0x5f46b02a,0x2b092801,
+	0x3d38f5f7,0x0ca81f36,0x52af4a8a,0x66d5e7c0,
+	0xdf3b0874,0x95055110,0x1b5ad7a8,0xf61ed5ad,
+	0x6cf6e479,0x20758184,0xd0cefa65,0x88f7be58,
+	0x4a046826,0x0ff6f8f3,0xa09c7f70,0x5346aba0,
+	0x5ce96c28,0xe176eda3,0x6bac307f,0x376829d2,
+	0x85360fa9,0x17e3fe2a,0x24b79767,0xf5a96b20,
+	0xd6cd2595,0x68ff1ebf,0x7555442c,0xf19f06be,
+	0xf9e0659a,0xeeb9491d,0x34010718,0xbb30cab8,
+	0xe822fe15,0x88570983,0x750e6249,0xda627e55,
+	0x5e76ffa8,0xb1534546,0x6d47de08,0xefe9e7d4,
+	};
+CAST_LONG CAST_S_table5[256]={
+	0xf6fa8f9d,0x2cac6ce1,0x4ca34867,0xe2337f7c,
+	0x95db08e7,0x016843b4,0xeced5cbc,0x325553ac,
+	0xbf9f0960,0xdfa1e2ed,0x83f0579d,0x63ed86b9,
+	0x1ab6a6b8,0xde5ebe39,0xf38ff732,0x8989b138,
+	0x33f14961,0xc01937bd,0xf506c6da,0xe4625e7e,
+	0xa308ea99,0x4e23e33c,0x79cbd7cc,0x48a14367,
+	0xa3149619,0xfec94bd5,0xa114174a,0xeaa01866,
+	0xa084db2d,0x09a8486f,0xa888614a,0x2900af98,
+	0x01665991,0xe1992863,0xc8f30c60,0x2e78ef3c,
+	0xd0d51932,0xcf0fec14,0xf7ca07d2,0xd0a82072,
+	0xfd41197e,0x9305a6b0,0xe86be3da,0x74bed3cd,
+	0x372da53c,0x4c7f4448,0xdab5d440,0x6dba0ec3,
+	0x083919a7,0x9fbaeed9,0x49dbcfb0,0x4e670c53,
+	0x5c3d9c01,0x64bdb941,0x2c0e636a,0xba7dd9cd,
+	0xea6f7388,0xe70bc762,0x35f29adb,0x5c4cdd8d,
+	0xf0d48d8c,0xb88153e2,0x08a19866,0x1ae2eac8,
+	0x284caf89,0xaa928223,0x9334be53,0x3b3a21bf,
+	0x16434be3,0x9aea3906,0xefe8c36e,0xf890cdd9,
+	0x80226dae,0xc340a4a3,0xdf7e9c09,0xa694a807,
+	0x5b7c5ecc,0x221db3a6,0x9a69a02f,0x68818a54,
+	0xceb2296f,0x53c0843a,0xfe893655,0x25bfe68a,
+	0xb4628abc,0xcf222ebf,0x25ac6f48,0xa9a99387,
+	0x53bddb65,0xe76ffbe7,0xe967fd78,0x0ba93563,
+	0x8e342bc1,0xe8a11be9,0x4980740d,0xc8087dfc,
+	0x8de4bf99,0xa11101a0,0x7fd37975,0xda5a26c0,
+	0xe81f994f,0x9528cd89,0xfd339fed,0xb87834bf,
+	0x5f04456d,0x22258698,0xc9c4c83b,0x2dc156be,
+	0x4f628daa,0x57f55ec5,0xe2220abe,0xd2916ebf,
+	0x4ec75b95,0x24f2c3c0,0x42d15d99,0xcd0d7fa0,
+	0x7b6e27ff,0xa8dc8af0,0x7345c106,0xf41e232f,
+	0x35162386,0xe6ea8926,0x3333b094,0x157ec6f2,
+	0x372b74af,0x692573e4,0xe9a9d848,0xf3160289,
+	0x3a62ef1d,0xa787e238,0xf3a5f676,0x74364853,
+	0x20951063,0x4576698d,0xb6fad407,0x592af950,
+	0x36f73523,0x4cfb6e87,0x7da4cec0,0x6c152daa,
+	0xcb0396a8,0xc50dfe5d,0xfcd707ab,0x0921c42f,
+	0x89dff0bb,0x5fe2be78,0x448f4f33,0x754613c9,
+	0x2b05d08d,0x48b9d585,0xdc049441,0xc8098f9b,
+	0x7dede786,0xc39a3373,0x42410005,0x6a091751,
+	0x0ef3c8a6,0x890072d6,0x28207682,0xa9a9f7be,
+	0xbf32679d,0xd45b5b75,0xb353fd00,0xcbb0e358,
+	0x830f220a,0x1f8fb214,0xd372cf08,0xcc3c4a13,
+	0x8cf63166,0x061c87be,0x88c98f88,0x6062e397,
+	0x47cf8e7a,0xb6c85283,0x3cc2acfb,0x3fc06976,
+	0x4e8f0252,0x64d8314d,0xda3870e3,0x1e665459,
+	0xc10908f0,0x513021a5,0x6c5b68b7,0x822f8aa0,
+	0x3007cd3e,0x74719eef,0xdc872681,0x073340d4,
+	0x7e432fd9,0x0c5ec241,0x8809286c,0xf592d891,
+	0x08a930f6,0x957ef305,0xb7fbffbd,0xc266e96f,
+	0x6fe4ac98,0xb173ecc0,0xbc60b42a,0x953498da,
+	0xfba1ae12,0x2d4bd736,0x0f25faab,0xa4f3fceb,
+	0xe2969123,0x257f0c3d,0x9348af49,0x361400bc,
+	0xe8816f4a,0x3814f200,0xa3f94043,0x9c7a54c2,
+	0xbc704f57,0xda41e7f9,0xc25ad33a,0x54f4a084,
+	0xb17f5505,0x59357cbe,0xedbd15c8,0x7f97c5ab,
+	0xba5ac7b5,0xb6f6deaf,0x3a479c3a,0x5302da25,
+	0x653d7e6a,0x54268d49,0x51a477ea,0x5017d55b,
+	0xd7d25d88,0x44136c76,0x0404a8c8,0xb8e5a121,
+	0xb81a928a,0x60ed5869,0x97c55b96,0xeaec991b,
+	0x29935913,0x01fdb7f1,0x088e8dfa,0x9ab6f6f5,
+	0x3b4cbf9f,0x4a5de3ab,0xe6051d35,0xa0e1d855,
+	0xd36b4cf1,0xf544edeb,0xb0e93524,0xbebb8fbd,
+	0xa2d762cf,0x49c92f54,0x38b5f331,0x7128a454,
+	0x48392905,0xa65b1db8,0x851c97bd,0xd675cf2f,
+	};
+CAST_LONG CAST_S_table6[256]={
+	0x85e04019,0x332bf567,0x662dbfff,0xcfc65693,
+	0x2a8d7f6f,0xab9bc912,0xde6008a1,0x2028da1f,
+	0x0227bce7,0x4d642916,0x18fac300,0x50f18b82,
+	0x2cb2cb11,0xb232e75c,0x4b3695f2,0xb28707de,
+	0xa05fbcf6,0xcd4181e9,0xe150210c,0xe24ef1bd,
+	0xb168c381,0xfde4e789,0x5c79b0d8,0x1e8bfd43,
+	0x4d495001,0x38be4341,0x913cee1d,0x92a79c3f,
+	0x089766be,0xbaeeadf4,0x1286becf,0xb6eacb19,
+	0x2660c200,0x7565bde4,0x64241f7a,0x8248dca9,
+	0xc3b3ad66,0x28136086,0x0bd8dfa8,0x356d1cf2,
+	0x107789be,0xb3b2e9ce,0x0502aa8f,0x0bc0351e,
+	0x166bf52a,0xeb12ff82,0xe3486911,0xd34d7516,
+	0x4e7b3aff,0x5f43671b,0x9cf6e037,0x4981ac83,
+	0x334266ce,0x8c9341b7,0xd0d854c0,0xcb3a6c88,
+	0x47bc2829,0x4725ba37,0xa66ad22b,0x7ad61f1e,
+	0x0c5cbafa,0x4437f107,0xb6e79962,0x42d2d816,
+	0x0a961288,0xe1a5c06e,0x13749e67,0x72fc081a,
+	0xb1d139f7,0xf9583745,0xcf19df58,0xbec3f756,
+	0xc06eba30,0x07211b24,0x45c28829,0xc95e317f,
+	0xbc8ec511,0x38bc46e9,0xc6e6fa14,0xbae8584a,
+	0xad4ebc46,0x468f508b,0x7829435f,0xf124183b,
+	0x821dba9f,0xaff60ff4,0xea2c4e6d,0x16e39264,
+	0x92544a8b,0x009b4fc3,0xaba68ced,0x9ac96f78,
+	0x06a5b79a,0xb2856e6e,0x1aec3ca9,0xbe838688,
+	0x0e0804e9,0x55f1be56,0xe7e5363b,0xb3a1f25d,
+	0xf7debb85,0x61fe033c,0x16746233,0x3c034c28,
+	0xda6d0c74,0x79aac56c,0x3ce4e1ad,0x51f0c802,
+	0x98f8f35a,0x1626a49f,0xeed82b29,0x1d382fe3,
+	0x0c4fb99a,0xbb325778,0x3ec6d97b,0x6e77a6a9,
+	0xcb658b5c,0xd45230c7,0x2bd1408b,0x60c03eb7,
+	0xb9068d78,0xa33754f4,0xf430c87d,0xc8a71302,
+	0xb96d8c32,0xebd4e7be,0xbe8b9d2d,0x7979fb06,
+	0xe7225308,0x8b75cf77,0x11ef8da4,0xe083c858,
+	0x8d6b786f,0x5a6317a6,0xfa5cf7a0,0x5dda0033,
+	0xf28ebfb0,0xf5b9c310,0xa0eac280,0x08b9767a,
+	0xa3d9d2b0,0x79d34217,0x021a718d,0x9ac6336a,
+	0x2711fd60,0x438050e3,0x069908a8,0x3d7fedc4,
+	0x826d2bef,0x4eeb8476,0x488dcf25,0x36c9d566,
+	0x28e74e41,0xc2610aca,0x3d49a9cf,0xbae3b9df,
+	0xb65f8de6,0x92aeaf64,0x3ac7d5e6,0x9ea80509,
+	0xf22b017d,0xa4173f70,0xdd1e16c3,0x15e0d7f9,
+	0x50b1b887,0x2b9f4fd5,0x625aba82,0x6a017962,
+	0x2ec01b9c,0x15488aa9,0xd716e740,0x40055a2c,
+	0x93d29a22,0xe32dbf9a,0x058745b9,0x3453dc1e,
+	0xd699296e,0x496cff6f,0x1c9f4986,0xdfe2ed07,
+	0xb87242d1,0x19de7eae,0x053e561a,0x15ad6f8c,
+	0x66626c1c,0x7154c24c,0xea082b2a,0x93eb2939,
+	0x17dcb0f0,0x58d4f2ae,0x9ea294fb,0x52cf564c,
+	0x9883fe66,0x2ec40581,0x763953c3,0x01d6692e,
+	0xd3a0c108,0xa1e7160e,0xe4f2dfa6,0x693ed285,
+	0x74904698,0x4c2b0edd,0x4f757656,0x5d393378,
+	0xa132234f,0x3d321c5d,0xc3f5e194,0x4b269301,
+	0xc79f022f,0x3c997e7e,0x5e4f9504,0x3ffafbbd,
+	0x76f7ad0e,0x296693f4,0x3d1fce6f,0xc61e45be,
+	0xd3b5ab34,0xf72bf9b7,0x1b0434c0,0x4e72b567,
+	0x5592a33d,0xb5229301,0xcfd2a87f,0x60aeb767,
+	0x1814386b,0x30bcc33d,0x38a0c07d,0xfd1606f2,
+	0xc363519b,0x589dd390,0x5479f8e6,0x1cb8d647,
+	0x97fd61a9,0xea7759f4,0x2d57539d,0x569a58cf,
+	0xe84e63ad,0x462e1b78,0x6580f87e,0xf3817914,
+	0x91da55f4,0x40a230f3,0xd1988f35,0xb6e318d2,
+	0x3ffa50bc,0x3d40f021,0xc3c0bdae,0x4958c24c,
+	0x518f36b2,0x84b1d370,0x0fedce83,0x878ddada,
+	0xf2a279c7,0x94e01be8,0x90716f4b,0x954b8aa3,
+	};
+CAST_LONG CAST_S_table7[256]={
+	0xe216300d,0xbbddfffc,0xa7ebdabd,0x35648095,
+	0x7789f8b7,0xe6c1121b,0x0e241600,0x052ce8b5,
+	0x11a9cfb0,0xe5952f11,0xece7990a,0x9386d174,
+	0x2a42931c,0x76e38111,0xb12def3a,0x37ddddfc,
+	0xde9adeb1,0x0a0cc32c,0xbe197029,0x84a00940,
+	0xbb243a0f,0xb4d137cf,0xb44e79f0,0x049eedfd,
+	0x0b15a15d,0x480d3168,0x8bbbde5a,0x669ded42,
+	0xc7ece831,0x3f8f95e7,0x72df191b,0x7580330d,
+	0x94074251,0x5c7dcdfa,0xabbe6d63,0xaa402164,
+	0xb301d40a,0x02e7d1ca,0x53571dae,0x7a3182a2,
+	0x12a8ddec,0xfdaa335d,0x176f43e8,0x71fb46d4,
+	0x38129022,0xce949ad4,0xb84769ad,0x965bd862,
+	0x82f3d055,0x66fb9767,0x15b80b4e,0x1d5b47a0,
+	0x4cfde06f,0xc28ec4b8,0x57e8726e,0x647a78fc,
+	0x99865d44,0x608bd593,0x6c200e03,0x39dc5ff6,
+	0x5d0b00a3,0xae63aff2,0x7e8bd632,0x70108c0c,
+	0xbbd35049,0x2998df04,0x980cf42a,0x9b6df491,
+	0x9e7edd53,0x06918548,0x58cb7e07,0x3b74ef2e,
+	0x522fffb1,0xd24708cc,0x1c7e27cd,0xa4eb215b,
+	0x3cf1d2e2,0x19b47a38,0x424f7618,0x35856039,
+	0x9d17dee7,0x27eb35e6,0xc9aff67b,0x36baf5b8,
+	0x09c467cd,0xc18910b1,0xe11dbf7b,0x06cd1af8,
+	0x7170c608,0x2d5e3354,0xd4de495a,0x64c6d006,
+	0xbcc0c62c,0x3dd00db3,0x708f8f34,0x77d51b42,
+	0x264f620f,0x24b8d2bf,0x15c1b79e,0x46a52564,
+	0xf8d7e54e,0x3e378160,0x7895cda5,0x859c15a5,
+	0xe6459788,0xc37bc75f,0xdb07ba0c,0x0676a3ab,
+	0x7f229b1e,0x31842e7b,0x24259fd7,0xf8bef472,
+	0x835ffcb8,0x6df4c1f2,0x96f5b195,0xfd0af0fc,
+	0xb0fe134c,0xe2506d3d,0x4f9b12ea,0xf215f225,
+	0xa223736f,0x9fb4c428,0x25d04979,0x34c713f8,
+	0xc4618187,0xea7a6e98,0x7cd16efc,0x1436876c,
+	0xf1544107,0xbedeee14,0x56e9af27,0xa04aa441,
+	0x3cf7c899,0x92ecbae6,0xdd67016d,0x151682eb,
+	0xa842eedf,0xfdba60b4,0xf1907b75,0x20e3030f,
+	0x24d8c29e,0xe139673b,0xefa63fb8,0x71873054,
+	0xb6f2cf3b,0x9f326442,0xcb15a4cc,0xb01a4504,
+	0xf1e47d8d,0x844a1be5,0xbae7dfdc,0x42cbda70,
+	0xcd7dae0a,0x57e85b7a,0xd53f5af6,0x20cf4d8c,
+	0xcea4d428,0x79d130a4,0x3486ebfb,0x33d3cddc,
+	0x77853b53,0x37effcb5,0xc5068778,0xe580b3e6,
+	0x4e68b8f4,0xc5c8b37e,0x0d809ea2,0x398feb7c,
+	0x132a4f94,0x43b7950e,0x2fee7d1c,0x223613bd,
+	0xdd06caa2,0x37df932b,0xc4248289,0xacf3ebc3,
+	0x5715f6b7,0xef3478dd,0xf267616f,0xc148cbe4,
+	0x9052815e,0x5e410fab,0xb48a2465,0x2eda7fa4,
+	0xe87b40e4,0xe98ea084,0x5889e9e1,0xefd390fc,
+	0xdd07d35b,0xdb485694,0x38d7e5b2,0x57720101,
+	0x730edebc,0x5b643113,0x94917e4f,0x503c2fba,
+	0x646f1282,0x7523d24a,0xe0779695,0xf9c17a8f,
+	0x7a5b2121,0xd187b896,0x29263a4d,0xba510cdf,
+	0x81f47c9f,0xad1163ed,0xea7b5965,0x1a00726e,
+	0x11403092,0x00da6d77,0x4a0cdd61,0xad1f4603,
+	0x605bdfb0,0x9eedc364,0x22ebe6a8,0xcee7d28a,
+	0xa0e736a0,0x5564a6b9,0x10853209,0xc7eb8f37,
+	0x2de705ca,0x8951570f,0xdf09822b,0xbd691a6c,
+	0xaa12e4f2,0x87451c0f,0xe0f6a27a,0x3ada4819,
+	0x4cf1764f,0x0d771c2b,0x67cdb156,0x350d8384,
+	0x5938fa0f,0x42399ef3,0x36997b07,0x0e84093d,
+	0x4aa93e61,0x8360d87b,0x1fa98b0c,0x1149382c,
+	0xe97625a5,0x0614d1b7,0x0e25244b,0x0c768347,
+	0x589e8d82,0x0d2059d1,0xa466bb1e,0xf8da0a82,
+	0x04f19130,0xba6e4ec0,0x99265164,0x1ee7230d,
+	0x50b2ad80,0xeaee6801,0x8db2a283,0xea8bf59e,
+	};
diff --git a/crypto/cast/cast_spd.c b/crypto/cast/cast_spd.c
new file mode 100644
index 0000000000..ab75e65386
--- /dev/null
+++ b/crypto/cast/cast_spd.c
@@ -0,0 +1,294 @@
+/* crypto/cast/cast_spd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "cast.h"
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ	100.0
+#else /* VMS */
+#define HZ	100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE	((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+	{
+	signal(SIGALRM,sig_done);
+	run=0;
+#ifdef LINT
+	sig=sig;
+#endif
+	}
+#endif
+
+#define START	0
+#define STOP	1
+
+double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#endif
+	}
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	long count;
+	static unsigned char buf[BUFSIZE];
+	static unsigned char key[] ={
+			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+			};
+	CAST_KEY sch;
+	double a,b,c,d;
+#ifndef SIGALRM
+	long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+	printf("To get the most acurate results, try to run this\n");
+	printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+	printf("First we calculate the approximate speed ...\n");
+	CAST_set_key(&sch,16,key);
+	count=10;
+	do	{
+		long i;
+		CAST_LONG data[2];
+
+		count*=2;
+		Time_F(START);
+		for (i=count; i; i--)
+			CAST_encrypt(data,&sch);
+		d=Time_F(STOP);
+		} while (d < 3.0);
+	ca=count/512;
+	cb=count;
+	cc=count*8/BUFSIZE+1;
+	printf("Doing CAST_set_key %ld times\n",ca);
+#define COND(d)	(count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c)	(run)
+#define COUNT(d) (count)
+	signal(SIGALRM,sig_done);
+	printf("Doing CAST_set_key for 10 seconds\n");
+	alarm(10);
+#endif
+
+	Time_F(START);
+	for (count=0,run=1; COND(ca); count+=4)
+		{
+		CAST_set_key(&sch,16,key);
+		CAST_set_key(&sch,16,key);
+		CAST_set_key(&sch,16,key);
+		CAST_set_key(&sch,16,key);
+		}
+	d=Time_F(STOP);
+	printf("%ld cast set_key's in %.2f seconds\n",count,d);
+	a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+	printf("Doing CAST_encrypt's for 10 seconds\n");
+	alarm(10);
+#else
+	printf("Doing CAST_encrypt %ld times\n",cb);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cb); count+=4)
+		{
+		CAST_LONG data[2];
+
+		CAST_encrypt(data,&sch);
+		CAST_encrypt(data,&sch);
+		CAST_encrypt(data,&sch);
+		CAST_encrypt(data,&sch);
+		}
+	d=Time_F(STOP);
+	printf("%ld CAST_encrypt's in %.2f second\n",count,d);
+	b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+	printf("Doing CAST_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+		BUFSIZE);
+	alarm(10);
+#else
+	printf("Doing CAST_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+		BUFSIZE);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cc); count++)
+		CAST_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+			&(key[0]),CAST_ENCRYPT);
+	d=Time_F(STOP);
+	printf("%ld CAST_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+		count,BUFSIZE,d);
+	c=((double)COUNT(cc)*BUFSIZE)/d;
+
+	printf("CAST set_key       per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+	printf("CAST raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+	printf("CAST cbc     bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+	exit(0);
+#if defined(LINT) || defined(MSDOS)
+	return(0);
+#endif
+	}
+
diff --git a/crypto/cast/castopts.c b/crypto/cast/castopts.c
new file mode 100644
index 0000000000..68cf5a4a60
--- /dev/null
+++ b/crypto/cast/castopts.c
@@ -0,0 +1,358 @@
+/* crypto/cast/castopts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern void exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "cast.h"
+
+#define CAST_DEFAULT_OPTIONS
+
+#undef E_CAST
+#define CAST_encrypt  CAST_encrypt_normal
+#define CAST_decrypt  CAST_decrypt_normal
+#define CAST_cbc_encrypt  CAST_cbc_encrypt_normal
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+
+#define CAST_PTR
+#undef CAST_PTR2
+#undef E_CAST
+#undef CAST_encrypt
+#undef CAST_decrypt
+#undef CAST_cbc_encrypt
+#define CAST_encrypt  CAST_encrypt_ptr
+#define CAST_decrypt  CAST_decrypt_ptr
+#define CAST_cbc_encrypt  CAST_cbc_encrypt_ptr
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+
+#undef CAST_PTR
+#define CAST_PTR2
+#undef E_CAST
+#undef CAST_encrypt
+#undef CAST_decrypt
+#undef CAST_cbc_encrypt
+#define CAST_encrypt  CAST_encrypt_ptr2
+#define CAST_decrypt  CAST_decrypt_ptr2
+#define CAST_cbc_encrypt  CAST_cbc_encrypt_ptr2
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+#   ifndef VMS
+#    define HZ	100.0
+#   else /* VMS */
+#    define HZ	100.0
+#   endif
+#  else /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE	((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+	{
+	signal(SIGALRM,sig_done);
+	run=0;
+#ifdef LINT
+	sig=sig;
+#endif
+	}
+#endif
+
+#define START	0
+#define STOP	1
+
+double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#endif
+	}
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+	
+#define time_it(func,name,index) \
+	print_name(name); \
+	Time_F(START); \
+	for (count=0,run=1; COND(cb); count+=4) \
+		{ \
+		unsigned long d[2]; \
+		func(d,&sch); \
+		func(d,&sch); \
+		func(d,&sch); \
+		func(d,&sch); \
+		} \
+	tm[index]=Time_F(STOP); \
+	fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+	tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+	fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+		tm[index]*8,1.0e6/tm[index]);
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	long count;
+	static unsigned char buf[BUFSIZE];
+	static char key[16]={	0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+				0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+	CAST_KEY sch;
+	double d,tm[16],max=0;
+	int rank[16];
+	char *str[16];
+	int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+	long ca,cb,cc,cd,ce;
+#endif
+
+	for (i=0; i<12; i++)
+		{
+		tm[i]=0.0;
+		rank[i]=0;
+		}
+
+#ifndef TIMES
+	fprintf(stderr,"To get the most acurate results, try to run this\n");
+	fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+	CAST_set_key(&sch,16,key);
+
+#ifndef SIGALRM
+	fprintf(stderr,"First we calculate the approximate speed ...\n");
+	count=10;
+	do	{
+		long i;
+		unsigned long data[2];
+
+		count*=2;
+		Time_F(START);
+		for (i=count; i; i--)
+			CAST_encrypt(data,&sch);
+		d=Time_F(STOP);
+		} while (d < 3.0);
+	ca=count;
+	cb=count*3;
+	cc=count*3*8/BUFSIZE+1;
+	cd=count*8/BUFSIZE+1;
+
+	ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+        signal(SIGALRM,sig_done);
+        alarm(10);
+#endif
+
+	time_it(CAST_encrypt_normal,	"CAST_encrypt_normal ", 0);
+	time_it(CAST_encrypt_ptr,	"CAST_encrypt_ptr    ", 1);
+	time_it(CAST_encrypt_ptr2,	"CAST_encrypt_ptr2   ", 2);
+	num+=3;
+
+	str[0]="<nothing>";
+	print_it("CAST_encrypt_normal ",0);
+	max=tm[0];
+	max_idx=0;
+	str[1]="ptr      ";
+	print_it("CAST_encrypt_ptr ",1);
+	if (max < tm[1]) { max=tm[1]; max_idx=1; }
+	str[2]="ptr2     ";
+	print_it("CAST_encrypt_ptr2 ",2);
+	if (max < tm[2]) { max=tm[2]; max_idx=2; }
+
+	printf("options    CAST ecb/s\n");
+	printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+	d=tm[max_idx];
+	tm[max_idx]= -2.0;
+	max= -1.0;
+	for (;;)
+		{
+		for (i=0; i<3; i++)
+			{
+			if (max < tm[i]) { max=tm[i]; j=i; }
+			}
+		if (max < 0.0) break;
+		printf("%s %12.2f  %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+		tm[j]= -2.0;
+		max= -1.0;
+		}
+
+	switch (max_idx)
+		{
+	case 0:
+		printf("-DCAST_DEFAULT_OPTIONS\n");
+		break;
+	case 1:
+		printf("-DCAST_PTR\n");
+		break;
+	case 2:
+		printf("-DCAST_PTR2\n");
+		break;
+		}
+	exit(0);
+#if defined(LINT) || defined(MSDOS)
+	return(0);
+#endif
+	}
+
diff --git a/crypto/cast/casts.cpp b/crypto/cast/casts.cpp
new file mode 100644
index 0000000000..bac7be2c9c
--- /dev/null
+++ b/crypto/cast/casts.cpp
@@ -0,0 +1,70 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cast.h"
+
+void main(int argc,char *argv[])
+	{
+	CAST_KEY key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+	static unsigned char d[16]={0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
+
+	CAST_set_key(&key, 16,d);
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			CAST_encrypt(&data[0],&key);
+			GetTSC(s1);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			GetTSC(e1);
+			GetTSC(s2);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			GetTSC(e2);
+			CAST_encrypt(&data[0],&key);
+			}
+
+		printf("cast %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/crypto/cast/casttest.c b/crypto/cast/casttest.c
new file mode 100644
index 0000000000..8b009bc249
--- /dev/null
+++ b/crypto/cast/casttest.c
@@ -0,0 +1,223 @@
+/* crypto/cast/casttest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "cast.h"
+
+/* #define FULL_TEST */
+
+unsigned char k[16]={
+	0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
+	0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A
+	};
+
+unsigned char in[8]={ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
+
+int k_len[3]={16,10};
+unsigned char c[3][8]={
+	{0x23,0x8B,0x4F,0xE5,0x84,0x7E,0x44,0xB2},
+	{0xEB,0x6A,0x71,0x1A,0x2C,0x02,0x27,0x1B},
+	{0x7A,0xC8,0x16,0xD1,0x6E,0x9B,0x30,0x2E},
+	};
+unsigned char out[80];
+
+unsigned char in_a[16]={
+	0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
+	0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A};
+unsigned char in_b[16]={
+	0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
+	0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A};
+
+unsigned char c_a[16]={
+	0xEE,0xA9,0xD0,0xA2,0x49,0xFD,0x3B,0xA6,
+	0xB3,0x43,0x6F,0xB8,0x9D,0x6D,0xCA,0x92};
+unsigned char c_b[16]={
+	0xB2,0xC9,0x5E,0xB0,0x0C,0x31,0xAD,0x71,
+	0x80,0xAC,0x05,0xB8,0xE8,0x3D,0x69,0x6E};
+
+#if 0
+char *text="Hello to all people out there";
+
+static unsigned char cfb_key[16]={
+	0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
+	0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
+	};
+static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+#define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE]=
+        {
+        0x4e,0x6f,0x77,0x20,0x69,0x73,
+        0x20,0x74,0x68,0x65,0x20,0x74,
+        0x69,0x6d,0x65,0x20,0x66,0x6f,
+        0x72,0x20,0x61,0x6c,0x6c,0x20
+        };
+static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
+	0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
+	0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
+	0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
+
+/*	0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+	0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+	0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+	}; 
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+#ifdef FULL_TEST
+	long l;
+	CAST_KEY key_b;
+#endif
+	int i,z,err=0;
+	CAST_KEY key;
+
+	for (z=0; z<1; z++)
+		{
+	CAST_set_key(&key,k_len[z],k);
+
+	CAST_ecb_encrypt(in,out,&key,CAST_ENCRYPT);
+	if (memcmp(out,&(c[z][0]),8) != 0)
+		{
+		printf("ecb cast error encrypting\n");
+		printf("got     :");
+		for (i=0; i<8; i++)
+			printf("%02X ",out[i]);
+		printf("\n");
+		printf("expected:");
+		for (i=0; i<8; i++)
+			printf("%02X ",c[z][i]);
+		err=20;
+		printf("\n");
+		}
+
+	CAST_ecb_encrypt(out,out,&key,CAST_DECRYPT);
+	if (memcmp(out,in,8) != 0)
+		{
+		printf("ecb cast error decrypting\n");
+		printf("got     :");
+		for (i=0; i<8; i++)
+			printf("%02X ",out[i]);
+		printf("\n");
+		printf("expected:");
+		for (i=0; i<8; i++)
+			printf("%02X ",in[i]);
+		printf("\n");
+		err=3;
+		}
+	}
+	if (err == 0) printf("ecb cast5 ok\n");
+
+#ifdef FULL_TEST
+	{
+	unsigned char out_a[16],out_b[16];
+	static char *hex="0123456789ABCDEF";
+
+	printf("This test will take some time....");
+	fflush(stdout);
+	memcpy(out_a,in_a,sizeof(in_a));
+	memcpy(out_b,in_b,sizeof(in_b));
+	i=1;
+
+	for (l=0; l<1000000L; l++)
+		{
+		CAST_set_key(&key_b,16,out_b);
+		CAST_ecb_encrypt(&(out_a[0]),&(out_a[0]),&key_b,CAST_ENCRYPT);
+		CAST_ecb_encrypt(&(out_a[8]),&(out_a[8]),&key_b,CAST_ENCRYPT);
+		CAST_set_key(&key,16,out_a);
+		CAST_ecb_encrypt(&(out_b[0]),&(out_b[0]),&key,CAST_ENCRYPT);
+		CAST_ecb_encrypt(&(out_b[8]),&(out_b[8]),&key,CAST_ENCRYPT);
+		if ((l & 0xffff) == 0xffff)
+			{
+			printf("%c",hex[i&0x0f]);
+			fflush(stdout);
+			i++;
+			}
+		}
+
+	if (	(memcmp(out_a,c_a,sizeof(c_a)) != 0) ||
+		(memcmp(out_b,c_b,sizeof(c_b)) != 0))
+		{
+		printf("\n");
+		printf("Error\n");
+
+		printf("A out =");
+		for (i=0; i<16; i++) printf("%02X ",out_a[i]);
+		printf("\nactual=");
+		for (i=0; i<16; i++) printf("%02X ",c_a[i]);
+		printf("\n");
+
+		printf("B out =");
+		for (i=0; i<16; i++) printf("%02X ",out_b[i]);
+		printf("\nactual=");
+		for (i=0; i<16; i++) printf("%02X ",c_b[i]);
+		printf("\n");
+		}
+	else
+		printf(" ok\n");
+	}
+#endif
+
+	exit(err);
+	return(err);
+	}
+
diff --git a/crypto/conf/Makefile.ssl b/crypto/conf/Makefile.ssl
index 878ac70b14..00e917aa44 100644
--- a/crypto/conf/Makefile.ssl
+++ b/crypto/conf/Makefile.ssl
@@ -80,6 +80,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/conf/cnf_save.c b/crypto/conf/cnf_save.c
index 8524802e18..c9018de10e 100644
--- a/crypto/conf/cnf_save.c
+++ b/crypto/conf/cnf_save.c
@@ -1,5 +1,5 @@
 /* crypto/conf/cnf_save.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/conf/conf.c b/crypto/conf/conf.c
index 68243e9f01..9e84300c5e 100644
--- a/crypto/conf/conf.c
+++ b/crypto/conf/conf.c
@@ -1,5 +1,5 @@
 /* crypto/conf/conf.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -95,7 +95,7 @@ static CONF_VALUE *get_section();
 
 #define scan_esc(p)	((*(++p) == '\0')?(p):(++p))
 
-char *CONF_version="CONF part of SSLeay 0.8.1b 29-Jun-1998";
+char *CONF_version="CONF part of SSLeay 0.9.0b 29-Jun-1998";
 
 LHASH *CONF_load(h,file,line)
 LHASH *h;
@@ -124,7 +124,9 @@ long *line;
 	in=fopen(file,"rb");
 	if (in == NULL)
 		{
-		SYSerr(SYS_F_FOPEN,errno);
+		SYSerr(SYS_F_FOPEN,get_last_sys_error());
+		ERR_set_error_data(BUF_strdup(file),
+			ERR_TXT_MALLOCED|ERR_TXT_STRING);
 		CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
 		goto err;
 		}
@@ -706,13 +708,13 @@ char *section;
 	v->value=(char *)sk;
 	
 	vv=(CONF_VALUE *)lh_insert(conf,(char *)v);
-#ifndef WIN16
 	if (vv != NULL)
 		{
+#if !defined(NO_STDIO) && !defined(WIN16)
 		fprintf(stderr,"internal fault\n");
+#endif
 		abort();
 		}
-#endif
 	ok=1;
 err:
 	if (!ok)
diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h
index a23ec95427..1446226a16 100644
--- a/crypto/conf/conf.h
+++ b/crypto/conf/conf.h
@@ -1,5 +1,5 @@
 /* crypto/conf/conf.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c
index b88c5b760b..a8db8f266f 100644
--- a/crypto/conf/conf_err.c
+++ b/crypto/conf/conf_err.c
@@ -60,6 +60,7 @@
 #include "conf.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA CONF_str_functs[]=
 	{
 {ERR_PACK(0,CONF_F_CONF_LOAD,0),	"CONF_load"},
@@ -77,14 +78,19 @@ static ERR_STRING_DATA CONF_str_reasons[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_CONF_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_CONF,CONF_str_functs);
 		ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/conf/conf_lcl.h b/crypto/conf/conf_lcl.h
index 8ae7ce0735..4e5644ed79 100644
--- a/crypto/conf/conf_lcl.h
+++ b/crypto/conf/conf_lcl.h
@@ -1,5 +1,5 @@
 /* crypto/conf/conf_lcl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/conf/test.c b/crypto/conf/test.c
index 17185926ac..899ee2a067 100644
--- a/crypto/conf/test.c
+++ b/crypto/conf/test.c
@@ -1,5 +1,5 @@
 /* crypto/conf/test.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c
new file mode 100644
index 0000000000..ea3c135d39
--- /dev/null
+++ b/crypto/cpt_err.c
@@ -0,0 +1,86 @@
+/* lib/crypto/crypto_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "crypto.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA CRYPTO_str_functs[]=
+	{
+{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,0),	"CRYPTO_get_ex_new_index"},
+{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_LOCKID,0),	"CRYPTO_get_new_lockid"},
+{ERR_PACK(0,CRYPTO_F_CRYPTO_SET_EX_DATA,0),	"CRYPTO_set_ex_data"},
+{0,NULL},
+	};
+
+#endif
+
+void ERR_load_CRYPTO_strings()
+	{
+	static int init=1;
+
+	if (init);
+		{;
+		init=0;
+#ifndef NO_ERR
+		ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_functs);
+#endif
+
+		}
+	}
diff --git a/crypto/cryptall.h b/crypto/cryptall.h
index 8eb0855408..65a46452a8 100644
--- a/crypto/cryptall.h
+++ b/crypto/cryptall.h
@@ -1,5 +1,5 @@
 /* crypto/cryptall.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
index 12cf0733ec..9a7e80b7f8 100644
--- a/crypto/cryptlib.c
+++ b/crypto/cryptlib.c
@@ -1,5 +1,5 @@
 /* crypto/cryptlib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -62,6 +62,10 @@
 #include "crypto.h"
 #include "date.h"
 
+#if defined(WIN32) || defined(WIN16)
+static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */
+#endif
+
 /* real #defines in crypto.h, keep these upto date */
 static char* lock_names[CRYPTO_NUM_LOCKS] =
 	{
@@ -83,10 +87,13 @@ static char* lock_names[CRYPTO_NUM_LOCKS] =
 	"ssl",
 	"rand",
 	"debug_malloc",
-	"bio_gethostbyname",
 	"BIO",
+	"bio_gethostbyname",
+	"RSA_blinding",
 	};
 
+static STACK *app_locks=NULL;
+
 #ifndef NOPROTO
 static void (MS_FAR *locking_callback)(int mode,int type,
 	char *file,int line)=NULL;
@@ -99,6 +106,34 @@ static int (MS_FAR *add_lock_callback)()=NULL;
 static unsigned long (MS_FAR *id_callback)()=NULL;
 #endif
 
+int CRYPTO_get_new_lockid(name)
+char *name;
+	{
+	char *str;
+	int i;
+
+	/* A hack to make Visual C++ 5.0 work correctly when linking as
+	 * a DLL using /MT. Without this, the application cannot use
+	 * and floating point printf's.
+	 * It also seems to be needed for Visual C 1.5 (win16) */
+#if defined(WIN32) || defined(WIN16)
+	SSLeay_MSVC5_hack=(double)name[0]*(double)name[1];
+#endif
+
+	if (app_locks == NULL)
+		if ((app_locks=sk_new_null()) == NULL)
+			CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
+			return(0);
+	if ((str=BUF_strdup(name)) == NULL)
+		return(0);
+	i=sk_push(app_locks,str);
+	if (!i)
+		Free(str);
+	else
+		i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */
+	return(i);
+	}
+
 void (*CRYPTO_get_locking_callback(P_V))(P_I_I_P_I)
 	{
 	return(locking_callback);
@@ -232,9 +267,14 @@ int line;
 char *CRYPTO_get_lock_name(type)
 int type;
 	{
-	if ((type < 0) || (type >= CRYPTO_NUM_LOCKS))
+	if (type < 0)
+		return("ERROR");
+	else if (type < CRYPTO_NUM_LOCKS)
+		return(lock_names[type]);
+	else if (type-CRYPTO_NUM_LOCKS >= sk_num(app_locks))
 		return("ERROR");
-	return(lock_names[type]);
+	else
+		return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
 	}
 
 #ifdef _DLL
diff --git a/crypto/cryptlib.h b/crypto/cryptlib.h
index cce9a999f3..7208f9e4e9 100644
--- a/crypto/cryptlib.h
+++ b/crypto/cryptlib.h
@@ -1,5 +1,5 @@
 /* crypto/cryptlib.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -66,7 +66,7 @@
 extern "C" {
 #endif
 
-#ifdef FLAT_INC
+/* #ifdef FLAT_INC */
 
 #include "e_os.h"
 #include "crypto.h"
@@ -74,6 +74,7 @@ extern "C" {
 #include "bio.h" 
 #include "err.h"
 
+/*
 #else
 
 #include "../e_os.h"
@@ -82,6 +83,7 @@ extern "C" {
 #include "bio/bio.h"
 #include "err/err.h"
 #endif
+*/
 
 #define X509_CERT_AREA		"/usr/local/ssl"
 #define X509_CERT_DIR		"/usr/local/ssl/certs"
diff --git a/crypto/crypto.c b/crypto/crypto.c
index 16c4af47de..7f89c5a608 100644
--- a/crypto/crypto.c
+++ b/crypto/crypto.c
@@ -1,5 +1,5 @@
 /* crypto/crypto.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,6 +60,7 @@
  * BN_ASM */
 #ifndef BN_ASM
 #undef BN_ASM
+#define X86_ASM
 #endif
 
 #ifndef DES_ASM
@@ -95,9 +96,11 @@
 #define CRYPTO_PEM_SUBSET
 #define CRYPTO_RAND_SUBSET
 #define CRYPTO_RC_SUBSET
-#define CRYPTO_BF_SUBSET
+#define CRYPTO_BLOWFISH_SUBSET
+#define CRYPTO_CAST_SUBSET
 #define CRYPTO_RSA_SUBSET
 #define CRYPTO_SHA_SUBSET
+#define CRYPTO_HMAC_SUBSET
 #define CRYPTO_SHA1_SUBSET
 #define CRYPTO_STACK_SUBSET
 #define CRYPTO_TXT_DB_SUBSET
@@ -213,6 +216,7 @@
 #include "asn1/x_val.c"
 #include "asn1/x_x509.c"
 #endif
+
 #ifdef CRYPTO_BN_SUBSET
 #include "bn/bn_add.c"
 #include "bn/bn_div.c"
@@ -234,7 +238,9 @@
 #include "bn/bn_word.c"
 #include "bn/bn_print.c"
 #include "bn/bn_err.c"
+#include "bn/bn_blind.c"
 #endif
+
 #ifdef CRYPTO_BIO_SUBSET
 #include "bio/bf_buff.c"
 #include "bio/bf_null.c"
@@ -256,14 +262,17 @@
 #include "bio/b_dump.c"
 #include "bio/bio_err.c"
 #endif
+
 #ifdef CRYPTO_BUFFER_SUBSET
 #include "buffer/buf_err.c"
 #include "buffer/buffer.c"
 #endif
+
 #ifdef CRYPTO_CONF_SUBSET
 #include "conf/conf.c"
 #include "conf/conf_err.c"
 #endif
+
 #ifdef CRYPTO_DES_SUBSET
 #include "des/read_pwd.c"
 #ifndef NO_DES
@@ -271,12 +280,9 @@
 #include "des/fcrypt_b.c"
 #include "des/des_enc.c"
 #endif
-#include "des/ncbc_enc.c"
-#include "des/cbc3_enc.c"
 #include "des/cbc_cksm.c"
 #include "des/xcbc_enc.c"
 #include "des/cbc_enc.c"
-#include "des/ede_enc.c"
 #include "des/cfb64ede.c"
 #include "des/cfb64enc.c"
 #include "des/cfb_enc.c"
@@ -298,6 +304,7 @@
 #include "des/supp.c"
 #endif
 #endif
+
 #ifdef CRYPTO_DH_SUBSET
 #ifndef NO_DH
 #include "dh/dh_check.c"
@@ -307,6 +314,7 @@
 #include "dh/dh_lib.c"
 #endif
 #endif
+
 #ifdef CRYPTO_DSA_SUBSET
 #ifndef NO_DSA
 #include "dsa/dsa_gen.c"
@@ -317,11 +325,13 @@
 #include "dsa/dsa_err.c"
 #endif
 #endif
+
 #ifdef CRYPTO_ERROR_SUBSET
 #include "err/err.c"
 #include "err/err_all.c"
 #include "err/err_prn.c"
 #endif
+
 #ifdef CRYPTO_EVP_SUBSET
 #include "evp/bio_md.c"
 #include "evp/bio_b64.c"
@@ -357,6 +367,12 @@
 #include "evp/e_ecb_bf.c"
 #include "evp/e_ofb_bf.c"
 #endif
+#ifndef NO_CAST
+#include "evp/e_cbc_c.c"
+#include "evp/e_cfb_c.c"
+#include "evp/e_ecb_c.c"
+#include "evp/e_ofb_c.c"
+#endif
 #ifndef NO_RC4
 #include "evp/e_rc4.c"
 #endif
@@ -375,6 +391,7 @@
 #include "evp/p_sign.c"
 #include "evp/p_verify.c"
 #endif
+
 #ifdef CRYPTO_IDEA_SUBSET
 #ifndef NO_IDEA
 #include "idea/i_cbc.c"
@@ -384,34 +401,49 @@
 #include "idea/i_skey.c"
 #endif
 #endif
-#ifdef CRYPTO_BF_SUBSET
+
+#ifdef CRYPTO_BLOWFISH_SUBSET
 #ifndef NO_BLOWFISH
 #include "bf/bf_cfb64.c"
 #include "bf/bf_ecb.c"
 #ifndef BF_ASM
 #include "bf/bf_enc.c"
 #endif
-#include "bf/bf_cbc.c"
 #include "bf/bf_ofb64.c"
 #include "bf/bf_skey.c"
 #endif
 #endif
+
+#ifdef CRYPTO_CAST_SUBSET
+#ifndef NO_CAST
+#include "cast/c_cfb64.c"
+#include "cast/c_ecb.c"
+#ifndef CAST_ASM
+#include "cast/c_enc.c"
+#endif
+#include "cast/c_ofb64.c"
+#include "cast/c_skey.c"
+#endif
+#endif
+
 #ifdef CRYPTO_LHASH_SUBSET
 #include "lhash/lh_stats.c"
 #include "lhash/lhash.c"
 #endif
+
 #ifdef CRYPTO_MD_SUBSET
 #ifndef NO_MD2
-#include "md/md2_dgst.c"
-#include "md/md2_one.c"
+#include "md2/md2_dgst.c"
+#include "md2/md2_one.c"
 #include "evp/m_md2.c"
 #endif
 #ifndef NO_MD5
-#include "md/md5_dgst.c"
-#include "md/md5_one.c"
+#include "md5/md5_dgst.c"
+#include "md5/md5_one.c"
 #include "evp/m_md5.c"
 #endif
 #endif
+
 #ifdef CRYPTO_MDC2_SUBSET
 #ifndef NO_MDC2
 #include "mdc2/mdc2dgst.c"
@@ -419,11 +451,13 @@
 #include "evp/m_mdc2.c"
 #endif
 #endif
+
 #ifdef CRYPTO_OBJECTS_SUBSET
 #include "objects/obj_dat.c"
 #include "objects/obj_err.c"
 #include "objects/obj_lib.c"
 #endif
+
 #ifdef CRYPTO_PEM_SUBSET
 #include "pem/pem_err.c"
 #include "pem/pem_info.c"
@@ -434,23 +468,35 @@
 #include "pem/pem_sign.c"
 #endif
 #endif
+
 #ifdef CRYPTO_RAND_SUBSET
 #include "rand/md_rand.c"
 #include "rand/randfile.c"
 #endif
+
 #ifdef CRYPTO_RC_SUBSET
-#ifndef NO_RC4
+#ifndef NO_RC2
 #include "rc2/rc2_cbc.c"
 #include "rc2/rc2_ecb.c"
 #include "rc2/rc2_skey.c"
 #include "rc2/rc2cfb64.c"
 #include "rc2/rc2ofb64.c"
+#endif
+#ifndef NO_RC4
+#include "rc4/rc4_skey.c"
+#ifndef RC4_ASM
 #include "rc4/rc4_enc.c"
 #endif
 #endif
+#endif
+
+#ifdef CRYPTO_HMAC_SUBSET
+#include "hmac/hmac.c"
+#endif
+
 #ifdef CRYPTO_RSA_SUBSET
 #ifndef NO_RSA
-#include "rsa/rsa_enc.c"
+#include "rsa/rsa_eay.c"
 #include "rsa/rsa_err.c"
 #include "rsa/rsa_gen.c"
 #include "rsa/rsa_lib.c"
@@ -458,6 +504,7 @@
 #include "rsa/rsa_saos.c"
 #endif
 #endif
+
 #ifdef CRYPTO_SHA1_SUBSET
 #ifndef NO_SHA1
 #include "sha/sha1_one.c"
@@ -466,6 +513,7 @@
 #include "evp/m_sha1.c"
 #endif
 #endif
+
 #ifdef CRYPTO_SHA_SUBSET
 #ifndef NO_SHA
 #include "evp/m_dss.c"
@@ -474,12 +522,15 @@
 #include "evp/m_sha.c"
 #endif
 #endif
+
 #ifdef CRYPTO_STACK_SUBSET
 #include "stack/stack.c"
 #endif
+
 #ifdef CRYPTO_TXT_DB_SUBSET
 #include "txt_db/txt_db.c"
 #endif
+
 #ifdef CRYPTO_X509_SUBSET
 #include "x509/x509_cmp.c"
 #include "x509/x509_d2.c"
@@ -504,9 +555,11 @@
 #include "x509/v3_net.c"
 #include "x509/v3_x509.c"
 #endif
-#endif
-#ifdef CRYPTO_PKCS7_SUBSET /* I have an excplicit removal of 7 lines */
+
+
+#ifdef CRYPTO_PKCS7_SUBSET /* I have an explicit removal of 7 lines */
 #include "pkcs7/pk7_lib.c"
 #include "pkcs7/pkcs7err.c"
-#endif
+#include "pkcs7/pk7_doit.c"
+#endif /* CRYPTO_PKCS7_SUBSET */
 
diff --git a/crypto/crypto.err b/crypto/crypto.err
new file mode 100644
index 0000000000..4ea3385e73
--- /dev/null
+++ b/crypto/crypto.err
@@ -0,0 +1,8 @@
+/* Error codes for the CRYPTO functions. */
+
+/* Function codes. */
+#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX		 100
+#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID			 101
+#define CRYPTO_F_CRYPTO_SET_EX_DATA			 102
+
+/* Reason codes. */
diff --git a/crypto/crypto.h b/crypto/crypto.h
index fd7ff6a77d..0a38b5b87c 100644
--- a/crypto/crypto.h
+++ b/crypto/crypto.h
@@ -1,5 +1,5 @@
 /* crypto/crypto.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,9 +63,11 @@
 extern "C" {
 #endif
 
+#include "stack.h"
+
 /* This is more to be used to check the correct DLL is being used
  * in the MS world. */
-#define SSLEAY_VERSION_NUMBER	0x0800	/* Version 0.5.1c would be 0513 */
+#define SSLEAY_VERSION_NUMBER	0x0902	/* Version 0.5.1c would be 0513 */
 
 #define SSLEAY_VERSION		0
 /* #define SSLEAY_OPTIONS	1 no longer supported */
@@ -95,15 +97,14 @@ extern "C" {
 #define	CRYPTO_LOCK_MALLOC		17
 #define	CRYPTO_LOCK_BIO			18
 #define	CRYPTO_LOCK_BIO_GETHOSTBYNAME	19
-#define	CRYPTO_NUM_LOCKS		20
+#define CRYPTO_LOCK_RSA_BLINDING	20
+#define	CRYPTO_NUM_LOCKS		21
 
 #define CRYPTO_LOCK		1
 #define CRYPTO_UNLOCK		2
 #define CRYPTO_READ		4
 #define CRYPTO_WRITE		8
 
-/* The following stuff is not being used, it was not finished for
- * SSLeay 0.6.0 */
 #ifndef CRYPTO_w_lock
 #define CRYPTO_w_lock(type)	\
 	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
@@ -133,6 +134,43 @@ typedef struct crypto_mem_st
 	} CRYPTO_MEM_FUNC;
 */
 
+/* predec of the BIO type */
+typedef struct bio_st BIO_dummy;
+
+typedef struct crypto_ex_data_st
+	{
+	STACK *sk;
+	int dummy; /* gcc is screwing up this data structure :-( */
+	} CRYPTO_EX_DATA;
+
+/* This stuff is basically class callback functions
+ * The current classes are SSL_CTX, SSL, SSL_SESION, and a few more */
+typedef struct crypto_ex_data_func_st
+	{
+	long argl;	/* Arbitary long */
+	char *argp;	/* Arbitary char * */
+	/* Called when a new object is created */
+	int (*new_func)(/*char *obj,
+			char *item,int index,long argl,char *argp*/);
+	/* Called when this object is free()ed */
+	void (*free_func)(/*char *obj,
+			char *item,int index,long argl,char *argp*/);
+
+	/* Called when we need to dup this one */
+	int (*dup_func)(/*char *obj_to,char *obj_from,
+			char **new,int index,long argl,char *argp*/);
+	} CRYPTO_EX_DATA_FUNCS;
+
+/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
+ * entry.
+ */
+
+#define CRYPTO_EX_INDEX_BIO		0
+#define CRYPTO_EX_INDEX_SSL		1
+#define CRYPTO_EX_INDEX_SSL_CTX		2
+#define CRYPTO_EX_INDEX_SSL_SESSION	3
+#define CRYPTO_EX_INDEX_X509_STORE	4
+#define CRYPTO_EX_INDEX_X509_STORE_CTX	5
 
 /* Use this for win32 DLL's */
 #define CRYPTO_malloc_init()	CRYPTO_set_mem_functions(\
@@ -163,12 +201,26 @@ typedef struct crypto_mem_st
 #endif /* WIN32 || MFUNC */
 #endif /* MDEBUG */
 
+/* Case insensiteve linking causes problems.... */
+#ifdef WIN16
+#define ERR_load_CRYPTO_strings	ERR_load_CRYPTOlib_strings
+#endif
+
 #ifndef NOPROTO
 
 char *SSLeay_version(int type);
 unsigned long SSLeay(void);
 
+int CRYPTO_get_ex_new_index(int idx,STACK **sk,long argl,char *argp,
+	int (*new_func)(),int (*dup_func)(),void (*free_func)());
+int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad,int idx,char *val);
+char *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad,int idx);
+int CRYPTO_dup_ex_data(STACK *meth,CRYPTO_EX_DATA *from,CRYPTO_EX_DATA *to);
+void CRYPTO_free_ex_data(STACK *meth,char *obj,CRYPTO_EX_DATA *ad);
+void CRYPTO_new_ex_data(STACK *meth, char *obj, CRYPTO_EX_DATA *ad);
+
 int CRYPTO_mem_ctrl(int mode);
+int CRYPTO_get_new_lockid(char *name);
 void CRYPTO_lock(int mode, int type,char *file,int line);
 void CRYPTO_set_locking_callback(void (*func)(int mode,int type,char *file,
 		int line));
@@ -196,21 +248,29 @@ char *CRYPTO_dbg_malloc(int num,char *file,int line);
 char *CRYPTO_dbg_realloc(char *addr,int num,char *file,int line);
 void CRYPTO_dbg_free(char *);
 char *CRYPTO_dbg_remalloc(char *addr,int num,char *file,int line);
-#ifndef WIN16
+#ifndef NO_FP_API
 void CRYPTO_mem_leaks_fp(FILE *);
 #endif
-#ifdef HEADER_BIO_H
-void CRYPTO_mem_leaks(BIO *);
-#endif
+void CRYPTO_mem_leaks(struct bio_st *bio);
 /* unsigned long order, char *file, int line, int num_bytes, char *addr */
 void CRYPTO_mem_leaks_cb(void (*cb)());
 
+void ERR_load_CRYPTO_strings(void );
+
 #else 
 
+int CRYPTO_get_ex_new_index();
+int CRYPTO_set_ex_data();
+char *CRYPTO_get_ex_data();
+int CRYPTO_dup_ex_data();
+void CRYPTO_free_ex_data();
+void CRYPTO_new_ex_data();
+
 int CRYPTO_mem_ctrl();
 char *SSLeay_version();
 unsigned long SSLeay();
 
+int CRYPTO_get_new_lockid();
 void CRYPTO_lock();
 void CRYPTO_set_locking_callback();
 void (*CRYPTO_get_locking_callback())();
@@ -232,16 +292,28 @@ char *CRYPTO_dbg_remalloc();
 char *CRYPTO_dbg_malloc();
 char *CRYPTO_dbg_realloc();
 void CRYPTO_dbg_free();
-#ifndef WIN16
+#ifndef NO_FP_API
 void CRYPTO_mem_leaks_fp();
 #endif
 void CRYPTO_mem_leaks();
 void CRYPTO_mem_leaks_cb();
 
+void ERR_load_CRYPTO_strings();
+
 #endif
 
+/* BEGIN ERROR CODES */
+/* Error codes for the CRYPTO functions. */
+
+/* Function codes. */
+#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX		 100
+#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID			 101
+#define CRYPTO_F_CRYPTO_SET_EX_DATA			 102
+
+/* Reason codes. */
+ 
 #ifdef  __cplusplus
 }
 #endif
-
 #endif
+
diff --git a/crypto/cversion.c b/crypto/cversion.c
index d36496dcc5..4e823be52f 100644
--- a/crypto/cversion.c
+++ b/crypto/cversion.c
@@ -1,5 +1,5 @@
 /* crypto/cversion.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -66,7 +66,7 @@ char *SSLeay_version(t)
 int t;
 	{
 	if (t == SSLEAY_VERSION)
-		return("SSLeay 0.8.1b 29-Jun-1998");
+		return("SSLeay 0.9.0b 29-Jun-1998");
 	if (t == SSLEAY_BUILT_ON)
 		{
 #ifdef DATE
diff --git a/crypto/date.h b/crypto/date.h
index ac96ada60f..1cbe8f6efb 100644
--- a/crypto/date.h
+++ b/crypto/date.h
@@ -1 +1 @@
-#define DATE	"Sat Jul 19 04:59:06 EST 1997"
+#define DATE	"Fri Apr 10 01:11:55 EST 1998"
diff --git a/crypto/des/INSTALL b/crypto/des/INSTALL
index 3b8dae6b5f..32457d775c 100644
--- a/crypto/des/INSTALL
+++ b/crypto/des/INSTALL
@@ -30,13 +30,13 @@ turn on the relevent option in the Makefile
 There are some special Makefile targets that make life easier.
 make cc		- standard cc build
 make gcc	- standard gcc build
-make x86-elf	- x86 assember (elf), linux-elf.
-make x86-out	- x86 assember (a.out), FreeBSD
-make x86-solaris- x86 assember
-make x86-bsdi	- x86 assember (a.out with primative assember).
+make x86-elf	- x86 assembler (elf), linux-elf.
+make x86-out	- x86 assembler (a.out), FreeBSD
+make x86-solaris- x86 assembler
+make x86-bsdi	- x86 assembler (a.out with primative assembler).
 
-If at all possible use the assember (for Windows NT/95, use
-asm/win32.obj to link with).  The x86 assember is very very fast.
+If at all possible use the assembler (for Windows NT/95, use
+asm/win32.obj to link with).  The x86 assembler is very very fast.
 
 A make install will by default install
 libdes.a      in /usr/local/lib/libdes.a
diff --git a/crypto/des/Makefile.lit b/crypto/des/Makefile.lit
index cfd1b40e46..c09f6969da 100644
--- a/crypto/des/Makefile.lit
+++ b/crypto/des/Makefile.lit
@@ -54,10 +54,10 @@ AS=as
 
 # Assember version of des_encrypt*().
 DES_ENC=des_enc.o fcrypt_b.o		# normal C version
-#DES_ENC=asm/dx86-elf.o	asm/cx86-elf.o	# elf format x86
-#DES_ENC=asm/dx86-out.o	asm/cx86-out.o	# a.out format x86
-#DES_ENC=asm/dx86-sol.o	asm/cx86-sol.o	# solaris format x86 
-#DES_ENC=asm/dx86bsdi.o	asm/cx86basi.o	# bsdi format x86 
+#DES_ENC=asm/dx86-elf.o	asm/yx86-elf.o	# elf format x86
+#DES_ENC=asm/dx86-out.o	asm/yx86-out.o	# a.out format x86
+#DES_ENC=asm/dx86-sol.o	asm/yx86-sol.o	# solaris format x86 
+#DES_ENC=asm/dx86bsdi.o	asm/yx86basi.o	# bsdi format x86 
 
 LIBDIR=/usr/local/lib
 BINDIR=/usr/local/bin
@@ -66,8 +66,8 @@ MANDIR=/usr/local/man
 MAN1=1
 MAN3=3
 SHELL=/bin/sh
-OBJ_LIT=ede_enc.o cbc_enc.o ncbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
-OBJ_FULL=cbc3_enc.o cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
+OBJ_LIT=cbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
+OBJ_FULL=cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
 	xcbc_enc.o qud_cksm.o \
 	cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
 	enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o  \
@@ -76,22 +76,21 @@ OBJ_FULL=cbc3_enc.o cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
 GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
 	des.doc options.txt asm
 GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
-	GNUmakefile des.man DES.pm DES.pod DES.xs Makefile.PL \
+	des.man DES.pm DES.pod DES.xs Makefile.PL dess.cpp des3s.cpp \
 	Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
 	des.org des_locl.org
 TESTING_LIT=	destest speed des_opts
-TESTING_FULL=	destest speed des_opts $(TESTING_LIT)
+TESTING_FULL=	rpw $(TESTING_LIT)
 TESTING_SRC_LIT=destest.c speed.c des_opts.c
 TESTING_SRC_FULL=rpw.c $(TESTING_SRC_LIT)
 HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
 HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
-LIBDES_LIT=ede_enc.c cbc_enc.c ncbc_enc.c ecb_enc.c fcrypt.c set_key.c \
-	des_enc.c fcrypt_b.c
+LIBDES_LIT=cbc_enc.c ecb_enc.c fcrypt.c set_key.c des_enc.c fcrypt_b.c
 LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c \
-	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c  cbc3_enc.c  \
+	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c \
 	enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c  \
 	rand_key.c rpc_enc.c  str2key.c  supp.c \
-	xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c 
+	xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c
 
 PERL=	des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
 
@@ -115,48 +114,54 @@ gcc:
 	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
 
 x86-elf:
-	$(MAKE) DES_ENC='asm/dx86-elf.o asm/cx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
+	$(MAKE) DES_ENC='asm/dx86-elf.o asm/yx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
 
 x86-out:
-	$(MAKE) DES_ENC='asm/dx86-out.o asm/cx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
+	$(MAKE) DES_ENC='asm/dx86-out.o asm/yx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
 
 x86-solaris:
-	$(MAKE) DES_ENC='asm/dx86-sol.o asm/cx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
+	$(MAKE) DES_ENC='asm/dx86-sol.o asm/yx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
 
 x86-bsdi:
-	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/cx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
+	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/yx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
 
 # elf
-asm/dx86-elf.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86-elf.o: asm/dx86unix.cpp
 	$(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
 
-asm/cx86-elf.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CPP) -DELF asm/cx86unix.cpp | $(AS) -o asm/cx86-elf.o
+asm/yx86-elf.o: asm/yx86unix.cpp
+	$(CPP) -DELF asm/yx86unix.cpp | $(AS) -o asm/yx86-elf.o
 
 # solaris
-asm/dx86-sol.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86-sol.o: asm/dx86unix.cpp
 	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
 	as -o asm/dx86-sol.o asm/dx86-sol.s
 	rm -f asm/dx86-sol.s
 
-asm/cx86-sol.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
-	as -o asm/cx86-sol.o asm/cx86-sol.s
-	rm -f asm/cx86-sol.s
+asm/yx86-sol.o: asm/yx86unix.cpp
+	$(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
+	as -o asm/yx86-sol.o asm/yx86-sol.s
+	rm -f asm/yx86-sol.s
 
 # a.out
-asm/dx86-out.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86-out.o: asm/dx86unix.cpp
 	$(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
 
-asm/cx86-out.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CPP) -DOUT asm/cx86unix.cpp | $(AS) -o asm/cx86-out.o
+asm/yx86-out.o: asm/yx86unix.cpp
+	$(CPP) -DOUT asm/yx86unix.cpp | $(AS) -o asm/yx86-out.o
 
 # bsdi
-asm/dx86bsdi.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86bsdi.o: asm/dx86unix.cpp
 	$(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
 
-asm/cx86bsdi.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CPP) -DBSDI asm/cx86unix.cpp | $(AS) -o asm/cx86bsdi.o
+asm/yx86bsdi.o: asm/yx86unix.cpp
+	$(CPP) -DBSDI asm/yx86unix.cpp | $(AS) -o asm/yx86bsdi.o
+
+asm/dx86unix.cpp:
+	(cd asm; perl des-586.pl cpp >dx86unix.cpp)
+
+asm/yx86unix.cpp:
+	(cd asm; perl crypt586.pl cpp >yx86unix.cpp)
 
 test:	all
 	./destest
@@ -211,7 +216,7 @@ dclean:
 	mv -f Makefile.new Makefile
 
 # Eric is probably going to choke when he next looks at this --tjh
-install: $(DLIB) des
+install:
 	if test $(INSTALLTOP); then \
 	    echo SSL style install; \
 	    cp $(DLIB) $(INSTALLTOP)/lib; \
@@ -224,8 +229,6 @@ install: $(DLIB) des
 	    chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
 	    cp des.h $(INSTALLTOP)/include; \
 	    chmod 644 $(INSTALLTOP)/include/des.h; \
-	    cp des $(INSTALLTOP)/bin; \
-	    chmod 755 $(INSTALLTOP)/bin/des; \
 	else \
 	    echo Standalone install; \
 	    cp $(DLIB) $(LIBDIR)/$(DLIB); \
@@ -237,8 +240,6 @@ install: $(DLIB) des
 	      fi; \
 	    fi; \
 	    chmod 644 $(LIBDIR)/$(DLIB); \
-	    cp des $(BINDIR)/des; \
-	    chmod 711 $(BINDIR)/des; \
 	    cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
 	    chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
 	    cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \
diff --git a/crypto/des/Makefile.ssl b/crypto/des/Makefile.ssl
index 51bfe7cf37..78b5189ee3 100644
--- a/crypto/des/Makefile.ssl
+++ b/crypto/des/Makefile.ssl
@@ -15,7 +15,7 @@ MAKEFILE=	Makefile.ssl
 AR=		ar r
 DES_ENC=	des_enc.o fcrypt_b.o
 # or use
-#DES_ENC=	dx86-elf.o cx86-elf.o
+#DES_ENC=	dx86-elf.o yx86-elf.o
 
 CFLAGS= $(INCLUDES) $(CFLAG)
 
@@ -24,17 +24,17 @@ TEST=destest.c
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC=	cbc3_enc.c cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
-	ecb3_enc.c ecb_enc.c  ede_enc.c  enc_read.c enc_writ.c \
-	fcrypt.c   ncbc_enc.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
+LIBSRC=	cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
+	ecb3_enc.c ecb_enc.c  enc_read.c enc_writ.c \
+	fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
 	qud_cksm.c rand_key.c read_pwd.c rpc_enc.c  set_key.c  \
 	des_enc.c fcrypt_b.c read2pwd.c \
 	fcrypt.c xcbc_enc.c \
 	str2key.c  cfb64ede.c ofb64ede.c supp.c
 
-LIBOBJ= set_key.o  ecb_enc.o  ede_enc.o  cbc_enc.o  cbc3_enc.o \
+LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
 	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
-	enc_read.o enc_writ.o ncbc_enc.o ofb64enc.o \
+	enc_read.o enc_writ.o ofb64enc.o \
 	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
 	${DES_ENC} read2pwd.o \
 	fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o  cbc_cksm.o supp.o
@@ -57,36 +57,42 @@ lib:	$(LIBOBJ)
 	@touch lib
 
 # elf
-asm/dx86-elf.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86-elf.o: asm/dx86unix.cpp
 	$(CPP) -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
 
-asm/cx86-elf.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CPP) -DELF asm/cx86unix.cpp | as -o asm/cx86-elf.o
+asm/yx86-elf.o: asm/yx86unix.cpp
+	$(CPP) -DELF asm/yx86unix.cpp | as -o asm/yx86-elf.o
 
 # solaris
-asm/dx86-sol.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86-sol.o: asm/dx86unix.cpp
 	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
 	as -o asm/dx86-sol.o asm/dx86-sol.s
 	rm -f asm/dx86-sol.s
 
-asm/cx86-sol.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
-	as -o asm/cx86-sol.o asm/cx86-sol.s
-	rm -f asm/cx86-sol.s
+asm/yx86-sol.o: asm/yx86unix.cpp
+	$(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
+	as -o asm/yx86-sol.o asm/yx86-sol.s
+	rm -f asm/yx86-sol.s
 
 # a.out
-asm/dx86-out.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86-out.o: asm/dx86unix.cpp
 	$(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
 
-asm/cx86-out.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
+asm/yx86-out.o: asm/yx86unix.cpp
+	$(CPP) -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o
 
 # bsdi
-asm/dx86bsdi.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86bsdi.o: asm/dx86unix.cpp
 	$(CPP) -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
 
-asm/cx86bsdi.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CPP) -DBSDI asm/cx86unix.cpp | as -o asm/cx86bsdi.o
+asm/yx86bsdi.o: asm/yx86unix.cpp
+	$(CPP) -DBSDI asm/yx86unix.cpp | as -o asm/yx86bsdi.o
+
+asm/dx86unix.cpp:
+	(cd asm; perl des-586.pl cpp >dx86unix.cpp)
+
+asm/yx86unix.cpp:
+	(cd asm; perl crypt586.pl cpp >yx86unix.cpp)
 
 files:
 	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
@@ -95,13 +101,12 @@ links:
 	/bin/rm -f Makefile
 	$(TOP)/util/point.sh Makefile.ssl Makefile
 	/bin/rm -f des.doc
+	/bin/rm -fr asm/perlasm
+	$(TOP)/util/point.sh ../../perlasm asm/perlasm
 	$(TOP)/util/point.sh ../../doc/des.doc des.doc
 	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
 	$(TOP)/util/mklink.sh ../../test $(TEST)
 	$(TOP)/util/mklink.sh ../../apps $(APPS)
-	/bin/rm -f asm/x86ms.pl asm/x86unix.pl
-	$(TOP)/util/point.sh ../../perlasm/x86ms.pl asm/x86ms.pl
-	$(TOP)/util/point.sh ../../perlasm/x86unix.pl asm/x86unix.pl
 
 install: installs
 
diff --git a/crypto/des/Makefile.uni b/crypto/des/Makefile.uni
index 4e29805cf2..8f1759748a 100644
--- a/crypto/des/Makefile.uni
+++ b/crypto/des/Makefile.uni
@@ -54,10 +54,10 @@ AS=as
 
 # Assember version of des_encrypt*().
 DES_ENC=des_enc.o fcrypt_b.o		# normal C version
-#DES_ENC=asm/dx86-elf.o	asm/cx86-elf.o	# elf format x86
-#DES_ENC=asm/dx86-out.o	asm/cx86-out.o	# a.out format x86
-#DES_ENC=asm/dx86-sol.o	asm/cx86-sol.o	# solaris format x86 
-#DES_ENC=asm/dx86bsdi.o	asm/cx86basi.o	# bsdi format x86 
+#DES_ENC=asm/dx86-elf.o	asm/yx86-elf.o	# elf format x86
+#DES_ENC=asm/dx86-out.o	asm/yx86-out.o	# a.out format x86
+#DES_ENC=asm/dx86-sol.o	asm/yx86-sol.o	# solaris format x86 
+#DES_ENC=asm/dx86bsdi.o	asm/yx86basi.o	# bsdi format x86 
 
 LIBDIR=/usr/local/lib
 BINDIR=/usr/local/bin
@@ -66,9 +66,9 @@ MANDIR=/usr/local/man
 MAN1=1
 MAN3=3
 SHELL=/bin/sh
-OBJ_LIT=ede_enc.o cbc_enc.o ncbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
-OBJ_FULL=cbc3_enc.o cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
-	xcbc_enc.o qud_cksm.o \
+OBJ_LIT=cbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
+OBJ_FULL=cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
+	xcbc_enc.o qud_cksm.o cbc3_enc.o \
 	cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
 	enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o  \
 	rand_key.o read_pwd.o read2pwd.o rpc_enc.o  str2key.o supp.o
@@ -76,19 +76,18 @@ OBJ_FULL=cbc3_enc.o cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
 GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
 	des.doc options.txt asm
 GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
-	GNUmakefile des.man DES.pm DES.pod DES.xs Makefile.PL \
+	des.man DES.pm DES.pod DES.xs Makefile.PL dess.cpp des3s.cpp \
 	Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
 	des.org des_locl.org
 TESTING_LIT=	destest speed des_opts
-TESTING_FULL=	destest speed des_opts $(TESTING_LIT)
+TESTING_FULL=	rpw des $(TESTING_LIT)
 TESTING_SRC_LIT=destest.c speed.c des_opts.c
-TESTING_SRC_FULL=rpw.c $(TESTING_SRC_LIT)
+TESTING_SRC_FULL=rpw.c des.c $(TESTING_SRC_LIT)
 HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
 HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
-LIBDES_LIT=ede_enc.c cbc_enc.c ncbc_enc.c ecb_enc.c fcrypt.c set_key.c \
-	des_enc.c fcrypt_b.c
-LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c \
-	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c  cbc3_enc.c  \
+LIBDES_LIT=cbc_enc.c ecb_enc.c fcrypt.c set_key.c des_enc.c fcrypt_b.c
+LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c cbc3_enc.c \
+	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c \
 	enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c  \
 	rand_key.c rpc_enc.c  str2key.c  supp.c \
 	xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c
@@ -115,48 +114,54 @@ gcc:
 	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
 
 x86-elf:
-	$(MAKE) DES_ENC='asm/dx86-elf.o asm/cx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
+	$(MAKE) DES_ENC='asm/dx86-elf.o asm/yx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
 
 x86-out:
-	$(MAKE) DES_ENC='asm/dx86-out.o asm/cx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
+	$(MAKE) DES_ENC='asm/dx86-out.o asm/yx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
 
 x86-solaris:
-	$(MAKE) DES_ENC='asm/dx86-sol.o asm/cx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
+	$(MAKE) DES_ENC='asm/dx86-sol.o asm/yx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
 
 x86-bsdi:
-	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/cx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
+	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/yx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
 
 # elf
-asm/dx86-elf.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86-elf.o: asm/dx86unix.cpp
 	$(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
 
-asm/cx86-elf.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CPP) -DELF asm/cx86unix.cpp | $(AS) -o asm/cx86-elf.o
+asm/yx86-elf.o: asm/yx86unix.cpp
+	$(CPP) -DELF asm/yx86unix.cpp | $(AS) -o asm/yx86-elf.o
 
 # solaris
-asm/dx86-sol.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86-sol.o: asm/dx86unix.cpp
 	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
 	as -o asm/dx86-sol.o asm/dx86-sol.s
 	rm -f asm/dx86-sol.s
 
-asm/cx86-sol.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
-	as -o asm/cx86-sol.o asm/cx86-sol.s
-	rm -f asm/cx86-sol.s
+asm/yx86-sol.o: asm/yx86unix.cpp
+	$(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
+	as -o asm/yx86-sol.o asm/yx86-sol.s
+	rm -f asm/yx86-sol.s
 
 # a.out
-asm/dx86-out.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86-out.o: asm/dx86unix.cpp
 	$(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
 
-asm/cx86-out.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CPP) -DOUT asm/cx86unix.cpp | $(AS) -o asm/cx86-out.o
+asm/yx86-out.o: asm/yx86unix.cpp
+	$(CPP) -DOUT asm/yx86unix.cpp | $(AS) -o asm/yx86-out.o
 
 # bsdi
-asm/dx86bsdi.o: asm/dx86-cpp.s asm/dx86unix.cpp
+asm/dx86bsdi.o: asm/dx86unix.cpp
 	$(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
 
-asm/cx86bsdi.o: asm/cx86-cpp.s asm/cx86unix.cpp
-	$(CPP) -DBSDI asm/cx86unix.cpp | $(AS) -o asm/cx86bsdi.o
+asm/yx86bsdi.o: asm/yx86unix.cpp
+	$(CPP) -DBSDI asm/yx86unix.cpp | $(AS) -o asm/yx86bsdi.o
+
+asm/dx86unix.cpp:
+	(cd asm; perl des-586.pl cpp >dx86unix.cpp)
+
+asm/yx86unix.cpp:
+	(cd asm; perl crypt586.pl cpp >yx86unix.cpp)
 
 test:	all
 	./destest
@@ -189,13 +194,24 @@ tags:
 tar_lit:
 	/bin/mv Makefile Makefile.tmp
 	/bin/cp Makefile.lit Makefile
-	tar chf libdes-l.tar $(LIBDES_LIT) $(HEADERS_LIT) \
-		$(GENERAL_LIT) $(TESTING_SRC_LIT)
+	for i in $(HEADERS_LIT) $(LIBDES_LIT) $(GENERAL_LIT) $(TESTING_SRC_LIT) ;\
+	do \
+		n="$$n des/$$i"; \
+	done; \
+	( cd .. ; tar chf - $$n )| gzip > libdes-l.tgz
 	/bin/rm -f Makefile
 	/bin/mv Makefile.tmp Makefile
 
 tar:
-	tar chf libdes.tar $(ALL)
+	mv Makefile Makefile.tmp
+	/bin/cp Makefile.uni Makefile
+	for i in $(ALL) ;\
+	do \
+		n="$$n des/$$i"; \
+	done; \
+	( cd .. ; tar chf - $$n )| gzip > libdes.tgz
+	/bin/rm -f Makefile
+	/bin/mv Makefile.tmp Makefile
 
 shar:
 	shar $(ALL) >libdes.shar
@@ -211,7 +227,7 @@ dclean:
 	mv -f Makefile.new Makefile
 
 # Eric is probably going to choke when he next looks at this --tjh
-install: $(DLIB) des
+install: des
 	if test $(INSTALLTOP); then \
 	    echo SSL style install; \
 	    cp $(DLIB) $(INSTALLTOP)/lib; \
@@ -224,8 +240,6 @@ install: $(DLIB) des
 	    chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
 	    cp des.h $(INSTALLTOP)/include; \
 	    chmod 644 $(INSTALLTOP)/include/des.h; \
-	    cp des $(INSTALLTOP)/bin; \
-	    chmod 755 $(INSTALLTOP)/bin/des; \
 	else \
 	    echo Standalone install; \
 	    cp $(DLIB) $(LIBDIR)/$(DLIB); \
diff --git a/crypto/des/VERSION b/crypto/des/VERSION
index b5a2fb7ed9..f62d8bdac0 100644
--- a/crypto/des/VERSION
+++ b/crypto/des/VERSION
@@ -1,13 +1,37 @@
+	Defining SIGACTION causes sigaction() to be used instead of signal().
+	SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it
+	can cause problems.  This should hopefully not affect normal
+	applications.
+
+Version 4.04
+	Fixed a few tests in destest.  Also added x86 assember for
+	des_ncbc_encrypt() which is the standard cbc mode function.
+	This makes a very very large performace difference.
+	Ariel Glenn ariel@columbia.edu reports that the terminal
+	'turn echo off' can return (errno == EINVAL) under solaris
+	when redirection is used.  So I now catch that as well as ENOTTY.
+
+
+Version 4.03
+	Left a static out of enc_write.c, which caused to buffer to be
+	continiously malloc()ed.  Does anyone use these functions?  I keep
+	on feeling like removing them since I only had these in there
+	for a version of kerberised login.  Anyway, this was pointed out
+	by Theo de Raadt <deraadt@cvs.openbsd.org>
+	The 'n' bit ofb code was wrong, it was not shifting the shift
+	register. It worked correctly for n == 64.  Thanks to
+	Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.
+
 Version 4.02
-	I was doing if (memcmp(weak_keys[i],key,sizeof(key)) == 0)
+	I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
 	when checking for weak keys which is wrong :-(, pointed out by
-	rkus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
+	Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
 
 Version 4.01
-	Even faster inner loop in the DES assember for x86 and a modification
+	Even faster inner loop in the DES assembler for x86 and a modification
 	for IP/FP which is faster on x86.  Both of these changes are
 	from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  His
-	changes make the assember run %40 faster on a pentium.  This is just
+	changes make the assembler run %40 faster on a pentium.  This is just
 	a case of getting the instruction sequence 'just right'.
 	All credit to 'Svend' :-)
 	Quite a few special x86 'make' targets.
@@ -15,9 +39,9 @@ Version 4.01
 
 Version 4.00
 	After a bit of a pause, I'll up the major version number since this
-	is mostly a performace release.  I've added x86 assember and
+	is mostly a performace release.  I've added x86 assembler and
 	added more options for performance.  A %28 speedup for gcc 
-	on a pentium and the assember is a %50 speedup.
+	on a pentium and the assembler is a %50 speedup.
 	MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
 	Run des_opts to work out which options should be used.
 	DES_RISC1/DES_RISC2 use alternative inner loops which use
@@ -35,7 +59,7 @@ Version 3.26
 	instead of L^=((..)|(..)|(..)..  This should save a register at
 	least.
 	Assember for x86.  The file to replace is des_enc.c, which is replaced
-	by one of the assember files found in asm.  Look at des/asm/readme
+	by one of the assembler files found in asm.  Look at des/asm/readme
 	for more info.
 
 	/* Modification to fcrypt so it can be compiled to support
diff --git a/crypto/des/asm/crypt586.pl b/crypto/des/asm/crypt586.pl
new file mode 100644
index 0000000000..b310d922a1
--- /dev/null
+++ b/crypto/des/asm/crypt586.pl
@@ -0,0 +1,204 @@
+#!/usr/local/bin/perl
+#
+# The inner loop instruction sequence and the IP/FP modifications are from
+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+# I've added the stuff needed for crypt() but I've not worried about making
+# things perfect.
+#
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"crypt586.pl");
+
+$L="edi";
+$R="esi";
+
+&external_label("des_SPtrans");
+&fcrypt_body("fcrypt_body");
+&asm_finish();
+
+sub fcrypt_body
+	{
+	local($name,$do_ip)=@_;
+
+	&function_begin($name,"EXTRN   _des_SPtrans:DWORD");
+
+	&comment("");
+	&comment("Load the 2 words");
+	$ks="ebp";
+
+	&xor(	$L,	$L);
+	&xor(	$R,	$R);
+	&mov($ks,&wparam(1));
+
+	&push(25); # add a variable
+
+	&set_label("start");
+	for ($i=0; $i<16; $i+=2)
+		{
+		&comment("");
+		&comment("Round $i");
+		&D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+
+		&comment("");
+		&comment("Round ".sprintf("%d",$i+1));
+		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+		}
+	 &mov("ebx",	&swtmp(0));
+	&mov("eax",	$L);
+	 &dec("ebx");
+	&mov($L,	$R);
+	 &mov($R,	"eax");
+	&mov(&swtmp(0),	"ebx");
+	 &jnz(&label("start"));
+
+	&comment("");
+	&comment("FP");
+	&mov("edx",&wparam(0));
+
+	&FP_new($R,$L,"eax",3);
+	&mov(&DWP(0,"edx","",0),"eax");
+	&mov(&DWP(4,"edx","",0),$L);
+
+	&pop("ecx");	# remove variable
+
+	&function_end($name);
+	}
+
+sub D_ENCRYPT
+	{
+	local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
+
+	&mov(	$u,		&wparam(2));			# 2
+	&mov(	$t,		$R);
+	&shr(	$t,		16);				# 1
+	&mov(	$tmp2,		&wparam(3));			# 2
+	&xor(	$t,		$R);				# 1
+
+	&and(	$u,		$t);				# 2
+	&and(	$t,		$tmp2);				# 2
+
+	&mov(	$tmp1,		$u);
+	&shl(	$tmp1,		16); 				# 1
+	&mov(	$tmp2,		$t);
+	&shl(	$tmp2,		16); 				# 1
+	&xor(	$u,		$tmp1);				# 2
+	&xor(	$t,		$tmp2);				# 2
+	&mov(	$tmp1,		&DWP(&n2a($S*4),$ks,"",0));	# 2
+	&xor(	$u,		$tmp1);
+	&mov(	$tmp2,		&DWP(&n2a(($S+1)*4),$ks,"",0));	# 2
+	&xor(	$u,		$R);
+	&xor(	$t,		$R);
+	&xor(	$t,		$tmp2);
+
+	&and(	$u,		"0xfcfcfcfc"	);		# 2
+	&xor(	$tmp1,		$tmp1);				# 1
+	&and(	$t,		"0xcfcfcfcf"	);		# 2
+	&xor(	$tmp2,		$tmp2);	
+	&movb(	&LB($tmp1),	&LB($u)	);
+	&movb(	&LB($tmp2),	&HB($u)	);
+	&rotr(	$t,		4		);
+	&mov(	$ks,		&DWP("      $desSP",$tmp1,"",0));
+	&movb(	&LB($tmp1),	&LB($t)	);
+	&xor(	$L,		$ks);
+	&mov(	$ks,		&DWP("0x200+$desSP",$tmp2,"",0));
+	&xor(	$L,		$ks);
+	&movb(	&LB($tmp2),	&HB($t)	);
+	&shr(	$u,		16);
+	&mov(	$ks,		&DWP("0x100+$desSP",$tmp1,"",0));
+	&xor(	$L,		$ks); 
+	&movb(	&LB($tmp1),	&HB($u)	);
+	&shr(	$t,		16);
+	&mov(	$ks,		&DWP("0x300+$desSP",$tmp2,"",0));
+	&xor(	$L,		$ks);
+	&mov(	$ks,		&wparam(1));
+	&movb(	&LB($tmp2),	&HB($t)	);
+	&and(	$u,		"0xff"	);
+	&and(	$t,		"0xff"	);
+	&mov(	$tmp1,		&DWP("0x600+$desSP",$tmp1,"",0));
+	&xor(	$L,		$tmp1);
+	&mov(	$tmp1,		&DWP("0x700+$desSP",$tmp2,"",0));
+	&xor(	$L,		$tmp1);
+	&mov(	$tmp1,		&DWP("0x400+$desSP",$u,"",0));
+	&xor(	$L,		$tmp1);
+	&mov(	$tmp1,		&DWP("0x500+$desSP",$t,"",0));
+	&xor(	$L,		$tmp1);
+	}
+
+sub n2a
+	{
+	sprintf("%d",$_[0]);
+	}
+
+# now has a side affect of rotating $a by $shift
+sub R_PERM_OP
+	{
+	local($a,$b,$tt,$shift,$mask,$last)=@_;
+
+	&rotl(	$a,		$shift		) if ($shift != 0);
+	&mov(	$tt,		$a		);
+	&xor(	$a,		$b		);
+	&and(	$a,		$mask		);
+	if ($notlast eq $b)
+		{
+		&xor(	$b,		$a		);
+		&xor(	$tt,		$a		);
+		}
+	else
+		{
+		&xor(	$tt,		$a		);
+		&xor(	$b,		$a		);
+		}
+	&comment("");
+	}
+
+sub IP_new
+	{
+	local($l,$r,$tt,$lr)=@_;
+
+	&R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
+	&R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
+	&R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
+	&R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
+	&R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
+	
+	if ($lr != 3)
+		{
+		if (($lr-3) < 0)
+			{ &rotr($tt,	3-$lr); }
+		else	{ &rotl($tt,	$lr-3); }
+		}
+	if ($lr != 2)
+		{
+		if (($lr-2) < 0)
+			{ &rotr($r,	2-$lr); }
+		else	{ &rotl($r,	$lr-2); }
+		}
+	}
+
+sub FP_new
+	{
+	local($l,$r,$tt,$lr)=@_;
+
+	if ($lr != 2)
+		{
+		if (($lr-2) < 0)
+			{ &rotl($r,	2-$lr); }
+		else	{ &rotr($r,	$lr-2); }
+		}
+	if ($lr != 3)
+		{
+		if (($lr-3) < 0)
+			{ &rotl($l,	3-$lr); }
+		else	{ &rotr($l,	$lr-3); }
+		}
+
+	&R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
+	&R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
+	&R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
+	&R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
+	&R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
+	&rotr($tt	, 4);
+	}
+
diff --git a/crypto/des/asm/d-win32.asm b/crypto/des/asm/d-win32.asm
index fc62e3b785..9e3dc9cd87 100644
--- a/crypto/des/asm/d-win32.asm
+++ b/crypto/des/asm/d-win32.asm
@@ -1,27 +1,24 @@
 	; Don't even think of reading this code
-	; It was automatically generated by des-som3.pl
+	; It was automatically generated by des-586.pl
 	; Which is a perl program used to generate the x86 assember for
-	; any of elf, a.out, Win32, or Solaris
-	; It can be found in SSLeay 0.6.5+ or in libdes 3.26+
+	; any of elf, a.out, BSDI,Win32, or Solaris
 	; eric <eay@cryptsoft.com>
-	; The inner loop instruction sequence and the IP/FP modifications
-	; are from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
 	; 
-	TITLE	dx86xxxx.asm
+	TITLE	des-586.asm
         .386
 .model FLAT
 _TEXT	SEGMENT
 PUBLIC	_des_encrypt
-EXTRN	_des_SPtrans:DWORD
+EXTRN   _des_SPtrans:DWORD
 _des_encrypt PROC NEAR
-	push	ebp
-	push	ebx
 	push	esi
 	push	edi
 	; 
 	; Load the 2 words
-	mov	esi,		DWORD PTR 20[esp]
+	mov	esi,		DWORD PTR 12[esp]
 	xor	ecx,		ecx
+	push	ebx
+	push	ebp
 	mov	eax,		DWORD PTR [esi]
 	mov	ebx,		DWORD PTR 28[esp]
 	mov	edi,		DWORD PTR 4[esi]
@@ -63,8 +60,8 @@ _des_encrypt PROC NEAR
 	xor	edi,		eax
 	; 
 	rol	edi,		1
-	cmp	ebx,		0
 	mov	ebp,		DWORD PTR 24[esp]
+	cmp	ebx,		0
 	je	$L000start_decrypt
 	; 
 	; Round 0
@@ -1294,32 +1291,32 @@ $L001end:
 	ror	eax,		4
 	mov	DWORD PTR [edx],eax
 	mov	DWORD PTR 4[edx],esi
+	pop	ebp
+	pop	ebx
 	pop	edi
 	pop	esi
-	pop	ebx
-	pop	ebp
 	ret
 _des_encrypt ENDP
 _TEXT	ENDS
 _TEXT	SEGMENT
 PUBLIC	_des_encrypt2
-EXTRN	_des_SPtrans:DWORD
+EXTRN   _des_SPtrans:DWORD
 _des_encrypt2 PROC NEAR
-	push	ebp
-	push	ebx
 	push	esi
 	push	edi
 	; 
 	; Load the 2 words
-	mov	eax,		DWORD PTR 20[esp]
+	mov	eax,		DWORD PTR 12[esp]
 	xor	ecx,		ecx
+	push	ebx
+	push	ebp
 	mov	esi,		DWORD PTR [eax]
 	mov	ebx,		DWORD PTR 28[esp]
 	rol	esi,		3
 	mov	edi,		DWORD PTR 4[eax]
 	rol	edi,		3
-	cmp	ebx,		0
 	mov	ebp,		DWORD PTR 24[esp]
+	cmp	ebx,		0
 	je	$L002start_decrypt
 	; 
 	; Round 0
@@ -2515,26 +2512,27 @@ $L003end:
 	ror	esi,		3
 	mov	DWORD PTR [eax],edi
 	mov	DWORD PTR 4[eax],esi
+	pop	ebp
+	pop	ebx
 	pop	edi
 	pop	esi
-	pop	ebx
-	pop	ebp
 	ret
 _des_encrypt2 ENDP
 _TEXT	ENDS
 _TEXT	SEGMENT
 PUBLIC	_des_encrypt3
-EXTRN	_des_SPtrans:DWORD
+
 _des_encrypt3 PROC NEAR
-	push	ebp
 	push	ebx
+	mov	ebx,		DWORD PTR 8[esp]
+	push	ebp
 	push	esi
 	push	edi
 	; 
 	; Load the data words
-	mov	ebx,		DWORD PTR 20[esp]
 	mov	edi,		DWORD PTR [ebx]
 	mov	esi,		DWORD PTR 4[ebx]
+	sub	esp,		12
 	; 
 	; IP
 	rol	edi,		4
@@ -2575,24 +2573,24 @@ _des_encrypt3 PROC NEAR
 	ror	edx,		3
 	ror	esi,		2
 	mov	DWORD PTR 4[ebx],esi
-	mov	eax,		DWORD PTR 24[esp]
+	mov	eax,		DWORD PTR 36[esp]
 	mov	DWORD PTR [ebx],edx
-	mov	edi,		DWORD PTR 28[esp]
-	mov	esi,		DWORD PTR 32[esp]
-	push	1
-	push	eax
-	push	ebx
+	mov	edi,		DWORD PTR 40[esp]
+	mov	esi,		DWORD PTR 44[esp]
+	mov	DWORD PTR 8[esp],1
+	mov	DWORD PTR 4[esp],eax
+	mov	DWORD PTR [esp],ebx
 	call	_des_encrypt2
-	push	0
-	push	edi
-	push	ebx
+	mov	DWORD PTR 8[esp],0
+	mov	DWORD PTR 4[esp],edi
+	mov	DWORD PTR [esp],ebx
 	call	_des_encrypt2
-	push	1
-	push	esi
-	push	ebx
+	mov	DWORD PTR 8[esp],1
+	mov	DWORD PTR 4[esp],esi
+	mov	DWORD PTR [esp],ebx
 	call	_des_encrypt2
+	add	esp,		12
 	mov	edi,		DWORD PTR [ebx]
-	add	esp,		36
 	mov	esi,		DWORD PTR 4[ebx]
 	; 
 	; FP
@@ -2637,24 +2635,25 @@ _des_encrypt3 PROC NEAR
 	mov	DWORD PTR 4[ebx],esi
 	pop	edi
 	pop	esi
-	pop	ebx
 	pop	ebp
+	pop	ebx
 	ret
 _des_encrypt3 ENDP
 _TEXT	ENDS
 _TEXT	SEGMENT
 PUBLIC	_des_decrypt3
-EXTRN	_des_SPtrans:DWORD
+
 _des_decrypt3 PROC NEAR
-	push	ebp
 	push	ebx
+	mov	ebx,		DWORD PTR 8[esp]
+	push	ebp
 	push	esi
 	push	edi
 	; 
 	; Load the data words
-	mov	ebx,		DWORD PTR 20[esp]
 	mov	edi,		DWORD PTR [ebx]
 	mov	esi,		DWORD PTR 4[ebx]
+	sub	esp,		12
 	; 
 	; IP
 	rol	edi,		4
@@ -2695,24 +2694,24 @@ _des_decrypt3 PROC NEAR
 	ror	edx,		3
 	ror	esi,		2
 	mov	DWORD PTR 4[ebx],esi
-	mov	esi,		DWORD PTR 24[esp]
+	mov	esi,		DWORD PTR 36[esp]
 	mov	DWORD PTR [ebx],edx
-	mov	edi,		DWORD PTR 28[esp]
-	mov	eax,		DWORD PTR 32[esp]
-	push	0
-	push	eax
-	push	ebx
+	mov	edi,		DWORD PTR 40[esp]
+	mov	eax,		DWORD PTR 44[esp]
+	mov	DWORD PTR 8[esp],0
+	mov	DWORD PTR 4[esp],eax
+	mov	DWORD PTR [esp],ebx
 	call	_des_encrypt2
-	push	1
-	push	edi
-	push	ebx
+	mov	DWORD PTR 8[esp],1
+	mov	DWORD PTR 4[esp],edi
+	mov	DWORD PTR [esp],ebx
 	call	_des_encrypt2
-	push	0
-	push	esi
-	push	ebx
+	mov	DWORD PTR 8[esp],0
+	mov	DWORD PTR 4[esp],esi
+	mov	DWORD PTR [esp],ebx
 	call	_des_encrypt2
+	add	esp,		12
 	mov	edi,		DWORD PTR [ebx]
-	add	esp,		36
 	mov	esi,		DWORD PTR 4[ebx]
 	; 
 	; FP
@@ -2757,9 +2756,377 @@ _des_decrypt3 PROC NEAR
 	mov	DWORD PTR 4[ebx],esi
 	pop	edi
 	pop	esi
-	pop	ebx
 	pop	ebp
+	pop	ebx
 	ret
 _des_decrypt3 ENDP
 _TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_des_ncbc_encrypt
+
+_des_ncbc_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	mov	ebp,		DWORD PTR 28[esp]
+	; getting iv ptr from parameter 4
+	mov	ebx,		DWORD PTR 36[esp]
+	mov	esi,		DWORD PTR [ebx]
+	mov	edi,		DWORD PTR 4[ebx]
+	push	edi
+	push	esi
+	push	edi
+	push	esi
+	mov	ebx,		esp
+	mov	esi,		DWORD PTR 36[esp]
+	mov	edi,		DWORD PTR 40[esp]
+	; getting encrypt flag from parameter 5
+	mov	ecx,		DWORD PTR 56[esp]
+	; get and push parameter 5
+	push	ecx
+	; get and push parameter 3
+	mov	eax,		DWORD PTR 52[esp]
+	push	eax
+	push	ebx
+	cmp	ecx,		0
+	jz	$L004decrypt
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 12[esp]
+	mov	ebx,		DWORD PTR 16[esp]
+	jz	$L005encrypt_finish
+L006encrypt_loop:
+	mov	ecx,		DWORD PTR [esi]
+	mov	edx,		DWORD PTR 4[esi]
+	xor	eax,		ecx
+	xor	ebx,		edx
+	mov	DWORD PTR 12[esp],eax
+	mov	DWORD PTR 16[esp],ebx
+	call	_des_encrypt
+	mov	eax,		DWORD PTR 12[esp]
+	mov	ebx,		DWORD PTR 16[esp]
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L006encrypt_loop
+$L005encrypt_finish:
+	mov	ebp,		DWORD PTR 56[esp]
+	and	ebp,		7
+	jz	$L007finish
+	xor	ecx,		ecx
+	xor	edx,		edx
+	mov	ebp,		DWORD PTR $L008cbc_enc_jmp_table[ebp*4]
+	jmp	 ebp
+L009ej7:
+	mov	dh,		BYTE PTR 6[esi]
+	shl	edx,		8
+L010ej6:
+	mov	dh,		BYTE PTR 5[esi]
+L011ej5:
+	mov	dl,		BYTE PTR 4[esi]
+L012ej4:
+	mov	ecx,		DWORD PTR [esi]
+	jmp	$L013ejend
+L014ej3:
+	mov	ch,		BYTE PTR 2[esi]
+	shl	ecx,		8
+L015ej2:
+	mov	ch,		BYTE PTR 1[esi]
+L016ej1:
+	mov	cl,		BYTE PTR [esi]
+$L013ejend:
+	xor	eax,		ecx
+	xor	ebx,		edx
+	mov	DWORD PTR 12[esp],eax
+	mov	DWORD PTR 16[esp],ebx
+	call	_des_encrypt
+	mov	eax,		DWORD PTR 12[esp]
+	mov	ebx,		DWORD PTR 16[esp]
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	jmp	$L007finish
+$L004decrypt:
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 20[esp]
+	mov	ebx,		DWORD PTR 24[esp]
+	jz	$L017decrypt_finish
+L018decrypt_loop:
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR 12[esp],eax
+	mov	DWORD PTR 16[esp],ebx
+	call	_des_encrypt
+	mov	eax,		DWORD PTR 12[esp]
+	mov	ebx,		DWORD PTR 16[esp]
+	mov	ecx,		DWORD PTR 20[esp]
+	mov	edx,		DWORD PTR 24[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR [edi],ecx
+	mov	DWORD PTR 4[edi],edx
+	mov	DWORD PTR 20[esp],eax
+	mov	DWORD PTR 24[esp],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L018decrypt_loop
+$L017decrypt_finish:
+	mov	ebp,		DWORD PTR 56[esp]
+	and	ebp,		7
+	jz	$L007finish
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR 12[esp],eax
+	mov	DWORD PTR 16[esp],ebx
+	call	_des_encrypt
+	mov	eax,		DWORD PTR 12[esp]
+	mov	ebx,		DWORD PTR 16[esp]
+	mov	ecx,		DWORD PTR 20[esp]
+	mov	edx,		DWORD PTR 24[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+L019dj7:
+	ror	edx,		16
+	mov	BYTE PTR 6[edi],dl
+	shr	edx,		16
+L020dj6:
+	mov	BYTE PTR 5[edi],dh
+L021dj5:
+	mov	BYTE PTR 4[edi],dl
+L022dj4:
+	mov	DWORD PTR [edi],ecx
+	jmp	$L023djend
+L024dj3:
+	ror	ecx,		16
+	mov	BYTE PTR 2[edi],cl
+	shl	ecx,		16
+L025dj2:
+	mov	BYTE PTR 1[esi],ch
+L026dj1:
+	mov	BYTE PTR [esi],	cl
+$L023djend:
+	jmp	$L007finish
+$L007finish:
+	mov	ecx,		DWORD PTR 64[esp]
+	add	esp,		28
+	mov	DWORD PTR [ecx],eax
+	mov	DWORD PTR 4[ecx],ebx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+$L008cbc_enc_jmp_table:
+	DD	0
+	DD	L016ej1
+	DD	L015ej2
+	DD	L014ej3
+	DD	L012ej4
+	DD	L011ej5
+	DD	L010ej6
+	DD	L009ej7
+L027cbc_dec_jmp_table:
+	DD	0
+	DD	L026dj1
+	DD	L025dj2
+	DD	L024dj3
+	DD	L022dj4
+	DD	L021dj5
+	DD	L020dj6
+	DD	L019dj7
+_des_ncbc_encrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_des_ede3_cbc_encrypt
+
+_des_ede3_cbc_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	mov	ebp,		DWORD PTR 28[esp]
+	; getting iv ptr from parameter 6
+	mov	ebx,		DWORD PTR 44[esp]
+	mov	esi,		DWORD PTR [ebx]
+	mov	edi,		DWORD PTR 4[ebx]
+	push	edi
+	push	esi
+	push	edi
+	push	esi
+	mov	ebx,		esp
+	mov	esi,		DWORD PTR 36[esp]
+	mov	edi,		DWORD PTR 40[esp]
+	; getting encrypt flag from parameter 7
+	mov	ecx,		DWORD PTR 64[esp]
+	; get and push parameter 5
+	mov	eax,		DWORD PTR 56[esp]
+	push	eax
+	; get and push parameter 4
+	mov	eax,		DWORD PTR 56[esp]
+	push	eax
+	; get and push parameter 3
+	mov	eax,		DWORD PTR 56[esp]
+	push	eax
+	push	ebx
+	cmp	ecx,		0
+	jz	$L028decrypt
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 16[esp]
+	mov	ebx,		DWORD PTR 20[esp]
+	jz	$L029encrypt_finish
+L030encrypt_loop:
+	mov	ecx,		DWORD PTR [esi]
+	mov	edx,		DWORD PTR 4[esi]
+	xor	eax,		ecx
+	xor	ebx,		edx
+	mov	DWORD PTR 16[esp],eax
+	mov	DWORD PTR 20[esp],ebx
+	call	_des_encrypt3
+	mov	eax,		DWORD PTR 16[esp]
+	mov	ebx,		DWORD PTR 20[esp]
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L030encrypt_loop
+$L029encrypt_finish:
+	mov	ebp,		DWORD PTR 60[esp]
+	and	ebp,		7
+	jz	$L031finish
+	xor	ecx,		ecx
+	xor	edx,		edx
+	mov	ebp,		DWORD PTR $L032cbc_enc_jmp_table[ebp*4]
+	jmp	 ebp
+L033ej7:
+	mov	dh,		BYTE PTR 6[esi]
+	shl	edx,		8
+L034ej6:
+	mov	dh,		BYTE PTR 5[esi]
+L035ej5:
+	mov	dl,		BYTE PTR 4[esi]
+L036ej4:
+	mov	ecx,		DWORD PTR [esi]
+	jmp	$L037ejend
+L038ej3:
+	mov	ch,		BYTE PTR 2[esi]
+	shl	ecx,		8
+L039ej2:
+	mov	ch,		BYTE PTR 1[esi]
+L040ej1:
+	mov	cl,		BYTE PTR [esi]
+$L037ejend:
+	xor	eax,		ecx
+	xor	ebx,		edx
+	mov	DWORD PTR 16[esp],eax
+	mov	DWORD PTR 20[esp],ebx
+	call	_des_encrypt3
+	mov	eax,		DWORD PTR 16[esp]
+	mov	ebx,		DWORD PTR 20[esp]
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	jmp	$L031finish
+$L028decrypt:
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 24[esp]
+	mov	ebx,		DWORD PTR 28[esp]
+	jz	$L041decrypt_finish
+L042decrypt_loop:
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR 16[esp],eax
+	mov	DWORD PTR 20[esp],ebx
+	call	_des_decrypt3
+	mov	eax,		DWORD PTR 16[esp]
+	mov	ebx,		DWORD PTR 20[esp]
+	mov	ecx,		DWORD PTR 24[esp]
+	mov	edx,		DWORD PTR 28[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR [edi],ecx
+	mov	DWORD PTR 4[edi],edx
+	mov	DWORD PTR 24[esp],eax
+	mov	DWORD PTR 28[esp],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L042decrypt_loop
+$L041decrypt_finish:
+	mov	ebp,		DWORD PTR 60[esp]
+	and	ebp,		7
+	jz	$L031finish
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR 16[esp],eax
+	mov	DWORD PTR 20[esp],ebx
+	call	_des_decrypt3
+	mov	eax,		DWORD PTR 16[esp]
+	mov	ebx,		DWORD PTR 20[esp]
+	mov	ecx,		DWORD PTR 24[esp]
+	mov	edx,		DWORD PTR 28[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+L043dj7:
+	ror	edx,		16
+	mov	BYTE PTR 6[edi],dl
+	shr	edx,		16
+L044dj6:
+	mov	BYTE PTR 5[edi],dh
+L045dj5:
+	mov	BYTE PTR 4[edi],dl
+L046dj4:
+	mov	DWORD PTR [edi],ecx
+	jmp	$L047djend
+L048dj3:
+	ror	ecx,		16
+	mov	BYTE PTR 2[edi],cl
+	shl	ecx,		16
+L049dj2:
+	mov	BYTE PTR 1[esi],ch
+L050dj1:
+	mov	BYTE PTR [esi],	cl
+$L047djend:
+	jmp	$L031finish
+$L031finish:
+	mov	ecx,		DWORD PTR 76[esp]
+	add	esp,		32
+	mov	DWORD PTR [ecx],eax
+	mov	DWORD PTR 4[ecx],ebx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+$L032cbc_enc_jmp_table:
+	DD	0
+	DD	L040ej1
+	DD	L039ej2
+	DD	L038ej3
+	DD	L036ej4
+	DD	L035ej5
+	DD	L034ej6
+	DD	L033ej7
+L051cbc_dec_jmp_table:
+	DD	0
+	DD	L050dj1
+	DD	L049dj2
+	DD	L048dj3
+	DD	L046dj4
+	DD	L045dj5
+	DD	L044dj6
+	DD	L043dj7
+_des_ede3_cbc_encrypt ENDP
+_TEXT	ENDS
 END
diff --git a/crypto/des/asm/des-586.pl b/crypto/des/asm/des-586.pl
new file mode 100644
index 0000000000..642e464adf
--- /dev/null
+++ b/crypto/des/asm/des-586.pl
@@ -0,0 +1,251 @@
+#!/usr/local/bin/perl
+#
+# The inner loop instruction sequence and the IP/FP modifications are from
+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+#
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+require "desboth.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+&asm_init($ARGV[0],"des-586.pl");
+
+$L="edi";
+$R="esi";
+
+&external_label("des_SPtrans");
+&des_encrypt("des_encrypt",1);
+&des_encrypt("des_encrypt2",0);
+&des_encrypt3("des_encrypt3",1);
+&des_encrypt3("des_decrypt3",0);
+&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
+&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
+
+&asm_finish();
+
+sub des_encrypt
+	{
+	local($name,$do_ip)=@_;
+
+	&function_begin_B($name,"EXTRN   _des_SPtrans:DWORD");
+
+	&push("esi");
+	&push("edi");
+
+	&comment("");
+	&comment("Load the 2 words");
+	$ks="ebp";
+
+	if ($do_ip)
+		{
+		&mov($R,&wparam(0));
+		 &xor(	"ecx",		"ecx"		);
+
+		&push("ebx");
+		&push("ebp");
+
+		&mov("eax",&DWP(0,$R,"",0));
+		 &mov("ebx",&wparam(2));	# get encrypt flag
+		&mov($L,&DWP(4,$R,"",0));
+		&comment("");
+		&comment("IP");
+		&IP_new("eax",$L,$R,3);
+		}
+	else
+		{
+		&mov("eax",&wparam(0));
+		 &xor(	"ecx",		"ecx"		);
+
+		&push("ebx");
+		&push("ebp");
+
+		&mov($R,&DWP(0,"eax","",0));
+		 &mov("ebx",&wparam(2));	# get encrypt flag
+		&rotl($R,3);
+		&mov($L,&DWP(4,"eax","",0));
+		&rotl($L,3);
+		}
+
+	&mov(	$ks,		&wparam(1)	);
+	&cmp("ebx","0");
+	&je(&label("start_decrypt"));
+
+	for ($i=0; $i<16; $i+=2)
+		{
+		&comment("");
+		&comment("Round $i");
+		&D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+
+		&comment("");
+		&comment("Round ".sprintf("%d",$i+1));
+		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+		}
+	&jmp(&label("end"));
+
+	&set_label("start_decrypt");
+
+	for ($i=15; $i>0; $i-=2)
+		{
+		&comment("");
+		&comment("Round $i");
+		&D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+		&comment("");
+		&comment("Round ".sprintf("%d",$i-1));
+		&D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+		}
+
+	&set_label("end");
+
+	if ($do_ip)
+		{
+		&comment("");
+		&comment("FP");
+		&mov("edx",&wparam(0));
+		&FP_new($L,$R,"eax",3);
+
+		&mov(&DWP(0,"edx","",0),"eax");
+		&mov(&DWP(4,"edx","",0),$R);
+		}
+	else
+		{
+		&comment("");
+		&comment("Fixup");
+		&rotr($L,3);		# r
+		 &mov("eax",&wparam(0));
+		&rotr($R,3);		# l
+		 &mov(&DWP(0,"eax","",0),$L);
+		 &mov(&DWP(4,"eax","",0),$R);
+		}
+
+	&pop("ebp");
+	&pop("ebx");
+	&pop("edi");
+	&pop("esi");
+	&ret();
+
+	&function_end_B($name);
+	}
+
+sub D_ENCRYPT
+	{
+	local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
+
+	 &mov(	$u,		&DWP(&n2a($S*4),$ks,"",0));
+	&xor(	$tmp1,		$tmp1);
+	 &mov(	$t,		&DWP(&n2a(($S+1)*4),$ks,"",0));
+	&xor(	$u,		$R);
+	 &xor(	$t,		$R);
+	&and(	$u,		"0xfcfcfcfc"	);
+	 &and(	$t,		"0xcfcfcfcf"	);
+	&movb(	&LB($tmp1),	&LB($u)	);
+	 &movb(	&LB($tmp2),	&HB($u)	);
+	&rotr(	$t,		4		);
+	&mov(	$ks,		&DWP("      $desSP",$tmp1,"",0));
+	 &movb(	&LB($tmp1),	&LB($t)	);
+	&xor(	$L,		$ks);
+	 &mov(	$ks,		&DWP("0x200+$desSP",$tmp2,"",0));
+	&xor(	$L,		$ks); ######
+	 &movb(	&LB($tmp2),	&HB($t)	);
+	&shr(	$u,		16);
+	 &mov(	$ks,		&DWP("0x100+$desSP",$tmp1,"",0));
+	&xor(	$L,		$ks); ######
+	 &movb(	&LB($tmp1),	&HB($u)	);
+	&shr(	$t,		16);
+	 &mov(	$ks,		&DWP("0x300+$desSP",$tmp2,"",0));
+	&xor(	$L,		$ks);
+	 &mov(	$ks,		&wparam(1)	);
+	&movb(	&LB($tmp2),	&HB($t)	);
+	 &and(	$u,		"0xff"	);
+	&and(	$t,		"0xff"	);
+	 &mov(	$tmp1,		&DWP("0x600+$desSP",$tmp1,"",0));
+	&xor(	$L,		$tmp1);
+	 &mov(	$tmp1,		&DWP("0x700+$desSP",$tmp2,"",0));
+	&xor(	$L,		$tmp1);
+	 &mov(	$tmp1,		&DWP("0x400+$desSP",$u,"",0));
+	&xor(	$L,		$tmp1);
+	 &mov(	$tmp1,		&DWP("0x500+$desSP",$t,"",0));
+	&xor(	$L,		$tmp1);
+	}
+
+sub n2a
+	{
+	sprintf("%d",$_[0]);
+	}
+
+# now has a side affect of rotating $a by $shift
+sub R_PERM_OP
+	{
+	local($a,$b,$tt,$shift,$mask,$last)=@_;
+
+	&rotl(	$a,		$shift		) if ($shift != 0);
+	&mov(	$tt,		$a		);
+	&xor(	$a,		$b		);
+	&and(	$a,		$mask		);
+	if (!$last eq $b)
+		{
+		&xor(	$b,		$a		);
+		&xor(	$tt,		$a		);
+		}
+	else
+		{
+		&xor(	$tt,		$a		);
+		&xor(	$b,		$a		);
+		}
+	&comment("");
+	}
+
+sub IP_new
+	{
+	local($l,$r,$tt,$lr)=@_;
+
+	&R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
+	&R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
+	&R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
+	&R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
+	&R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
+	
+	if ($lr != 3)
+		{
+		if (($lr-3) < 0)
+			{ &rotr($tt,	3-$lr); }
+		else	{ &rotl($tt,	$lr-3); }
+		}
+	if ($lr != 2)
+		{
+		if (($lr-2) < 0)
+			{ &rotr($r,	2-$lr); }
+		else	{ &rotl($r,	$lr-2); }
+		}
+	}
+
+sub FP_new
+	{
+	local($l,$r,$tt,$lr)=@_;
+
+	if ($lr != 2)
+		{
+		if (($lr-2) < 0)
+			{ &rotl($r,	2-$lr); }
+		else	{ &rotr($r,	$lr-2); }
+		}
+	if ($lr != 3)
+		{
+		if (($lr-3) < 0)
+			{ &rotl($l,	3-$lr); }
+		else	{ &rotr($l,	$lr-3); }
+		}
+
+	&R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
+	&R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
+	&R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
+	&R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
+	&R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
+	&rotr($tt	, 4);
+	}
+
diff --git a/crypto/des/asm/des686.pl b/crypto/des/asm/des686.pl
index efd9f592e9..77dc5b51cd 100644
--- a/crypto/des/asm/des686.pl
+++ b/crypto/des/asm/des686.pl
@@ -1,230 +1,230 @@
 #!/usr/local/bin/perl
-
-$prog="des686.pl";
-
-# base code is in microsft
-# op dest, source
-# format.
-#
-
-# WILL NOT WORK ANYMORE WITH desboth.pl
-require "desboth.pl";
-
-if (	($ARGV[0] eq "elf"))
-	{ require "x86unix.pl"; }
-elsif (	($ARGV[0] eq "a.out"))
-	{ $aout=1; require "x86unix.pl"; }
-elsif (	($ARGV[0] eq "sol"))
-	{ $sol=1; require "x86unix.pl"; }
-elsif ( ($ARGV[0] eq "cpp"))
-	{ $cpp=1; require "x86unix.pl"; }
-elsif (	($ARGV[0] eq "win32"))
-	{ require "x86ms.pl"; }
-else
-	{
-	print STDERR <<"EOF";
-Pick one target type from
-	elf	- linux, FreeBSD etc
-	a.out	- old linux
-	sol	- x86 solaris
-	cpp	- format so x86unix.cpp can be used
-	win32	- Windows 95/Windows NT
-EOF
-	exit(1);
-	}
-
-&comment("Don't even think of reading this code");
-&comment("It was automatically generated by $prog");
-&comment("Which is a perl program used to generate the x86 assember for");
-&comment("any of elf, a.out, Win32, or Solaris");
-&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
-&comment("eric <eay\@cryptsoft.com>");
-&comment("");
-
-&file("dx86xxxx");
-
-$L="edi";
-$R="esi";
-
-&des_encrypt("des_encrypt",1);
-&des_encrypt("des_encrypt2",0);
-
-&des_encrypt3("des_encrypt3",1);
-&des_encrypt3("des_decrypt3",0);
-
-&file_end();
-
-sub des_encrypt
-	{
-	local($name,$do_ip)=@_;
-
-	&function_begin($name,3,"EXTRN   _des_SPtrans:DWORD");
-
-	&comment("");
-	&comment("Load the 2 words");
-	&mov("eax",&wparam(0));
-	&mov($L,&DWP(0,"eax","",0));
-	&mov($R,&DWP(4,"eax","",0));
-
-	$ksp=&wparam(1);
-
-	if ($do_ip)
-		{
-		&comment("");
-		&comment("IP");
-		&IP($L,$R,"eax");
-		}
-
-	&comment("");
-	&comment("fixup rotate");
-	&rotl($R,3);
-	&rotl($L,3);
-	&exch($L,$R);
-
-	&comment("");
-	&comment("load counter, key_schedule and enc flag");
-	&mov("eax",&wparam(2));	# get encrypt flag
-	&mov("ebp",&wparam(1));	# get ks
-	&cmp("eax","0");
-	&je(&label("start_decrypt"));
-
-	# encrypting part
-
-	for ($i=0; $i<16; $i+=2)
-		{
-		&comment("");
-		&comment("Round $i");
-		&D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-
-		&comment("");
-		&comment("Round ".sprintf("%d",$i+1));
-		&D_ENCRYPT($R,$L,($i+1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-		}
-	&jmp(&label("end"));
-
-	&set_label("start_decrypt");
-
-	for ($i=15; $i>0; $i-=2)
-		{
-		&comment("");
-		&comment("Round $i");
-		&D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-		&comment("");
-		&comment("Round ".sprintf("%d",$i-1));
-		&D_ENCRYPT($R,$L,($i-1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-		}
-
-	&set_label("end");
-
-	&comment("");
-	&comment("Fixup");
-	&rotr($L,3);		# r
-	&rotr($R,3);		# l
-
-	if ($do_ip)
-		{
-		&comment("");
-		&comment("FP");
-		&FP($R,$L,"eax");
-		}
-
-	&mov("eax",&wparam(0));
-	&mov(&DWP(0,"eax","",0),$L);
-	&mov(&DWP(4,"eax","",0),$R);
-
-	&function_end($name);
-	}
-
-
-# The logic is to load R into 2 registers and operate on both at the same time.
-# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
-# while also masking the other copy and doing a lookup.  We then also accumulate the
-# L value in 2 registers then combine them at the end.
-sub D_ENCRYPT
-	{
-	local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
-
-	&mov(	$u,		&DWP(&n2a($S*4),$ks,"",0));
-	&mov(	$t,		&DWP(&n2a(($S+1)*4),$ks,"",0));
-	&xor(	$u,		$R		);
-	&xor(	$t,		$R		);
-	&rotr(	$t,		4		);
-
-	# the numbers at the end of the line are origional instruction order
-	&mov(	$tmp2,		$u		);			# 1 2
-	&mov(	$tmp1,		$t		);			# 1 1
-	&and(	$tmp2,		"0xfc"		);			# 1 4
-	&and(	$tmp1,		"0xfc"		);			# 1 3
-	&shr(	$t,		8		);			# 1 5
-	&xor(	$L,		&DWP("0x100+$desSP",$tmp1,"",0));	# 1 7
-	&shr(	$u,		8		);			# 1 6
-	&mov(	$tmp1,		&DWP("      $desSP",$tmp2,"",0));	# 1 8
-
-	&mov(	$tmp2,		$u		);			# 2 2
-	&xor(	$L,		$tmp1		);			# 1 9
-	&and(	$tmp2,		"0xfc"		);			# 2 4
-	&mov(	$tmp1,		$t		);			# 2 1
-	&and(	$tmp1,		"0xfc"		);			# 2 3
-	&shr(	$t,		8		);			# 2 5
-	&xor(	$L,		&DWP("0x300+$desSP",$tmp1,"",0));	# 2 7
-	&shr(	$u,		8		);			# 2 6
-	&mov(	$tmp1,		&DWP("0x200+$desSP",$tmp2,"",0));	# 2 8
-	&mov(	$tmp2,		$u		);			# 3 2
-
-	&xor(	$L,		$tmp1		);			# 2 9
-	&and(	$tmp2,		"0xfc"		);			# 3 4
-
-	&mov(	$tmp1,		$t		);			# 3 1 
-	&shr(	$u,		8		);			# 3 6
-	&and(	$tmp1,		"0xfc"		);			# 3 3
-	&shr(	$t,		8		);			# 3 5
-	&xor(	$L,		&DWP("0x500+$desSP",$tmp1,"",0));	# 3 7
-	&mov(	$tmp1,		&DWP("0x400+$desSP",$tmp2,"",0));	# 3 8
-
-	&and(	$t,		"0xfc"		);			# 4 1
-	&xor(	$L,		$tmp1		);			# 3 9
-
-	&and(	$u,		"0xfc"		);			# 4 2
-	&xor(	$L,		&DWP("0x700+$desSP",$t,"",0));		# 4 3
-	&xor(	$L,		&DWP("0x600+$desSP",$u,"",0));		# 4 4
-	}
-
-sub PERM_OP
-	{
-	local($a,$b,$tt,$shift,$mask)=@_;
-
-	&mov(	$tt,		$a		);
-	&shr(	$tt,		$shift		);
-	&xor(	$tt,		$b		);
-	&and(	$tt,		$mask		);
-	&xor(	$b,		$tt		);
-	&shl(	$tt,		$shift		);
-	&xor(	$a,		$tt		);
-	}
-
-sub IP
-	{
-	local($l,$r,$tt)=@_;
-
-	&PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
-	&PERM_OP($l,$r,$tt,16,"0x0000ffff");
-	&PERM_OP($r,$l,$tt, 2,"0x33333333");
-	&PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
-	&PERM_OP($r,$l,$tt, 1,"0x55555555");
-	}
-
-sub FP
-	{
-	local($l,$r,$tt)=@_;
-
-	&PERM_OP($l,$r,$tt, 1,"0x55555555");
-        &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
-        &PERM_OP($l,$r,$tt, 2,"0x33333333");
-        &PERM_OP($r,$l,$tt,16,"0x0000ffff");
-        &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
-	}
-
-sub n2a
-	{
-	sprintf("%d",$_[0]);
-	}
+
+$prog="des686.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+# WILL NOT WORK ANYMORE WITH desboth.pl
+require "desboth.pl";
+
+if (	($ARGV[0] eq "elf"))
+	{ require "x86unix.pl"; }
+elsif (	($ARGV[0] eq "a.out"))
+	{ $aout=1; require "x86unix.pl"; }
+elsif (	($ARGV[0] eq "sol"))
+	{ $sol=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "cpp"))
+	{ $cpp=1; require "x86unix.pl"; }
+elsif (	($ARGV[0] eq "win32"))
+	{ require "x86ms.pl"; }
+else
+	{
+	print STDERR <<"EOF";
+Pick one target type from
+	elf	- linux, FreeBSD etc
+	a.out	- old linux
+	sol	- x86 solaris
+	cpp	- format so x86unix.cpp can be used
+	win32	- Windows 95/Windows NT
+EOF
+	exit(1);
+	}
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $prog");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, Win32, or Solaris");
+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("");
+
+&file("dx86xxxx");
+
+$L="edi";
+$R="esi";
+
+&des_encrypt("des_encrypt",1);
+&des_encrypt("des_encrypt2",0);
+
+&des_encrypt3("des_encrypt3",1);
+&des_encrypt3("des_decrypt3",0);
+
+&file_end();
+
+sub des_encrypt
+	{
+	local($name,$do_ip)=@_;
+
+	&function_begin($name,"EXTRN   _des_SPtrans:DWORD");
+
+	&comment("");
+	&comment("Load the 2 words");
+	&mov("eax",&wparam(0));
+	&mov($L,&DWP(0,"eax","",0));
+	&mov($R,&DWP(4,"eax","",0));
+
+	$ksp=&wparam(1);
+
+	if ($do_ip)
+		{
+		&comment("");
+		&comment("IP");
+		&IP_new($L,$R,"eax");
+		}
+
+	&comment("");
+	&comment("fixup rotate");
+	&rotl($R,3);
+	&rotl($L,3);
+	&exch($L,$R);
+
+	&comment("");
+	&comment("load counter, key_schedule and enc flag");
+	&mov("eax",&wparam(2));	# get encrypt flag
+	&mov("ebp",&wparam(1));	# get ks
+	&cmp("eax","0");
+	&je(&label("start_decrypt"));
+
+	# encrypting part
+
+	for ($i=0; $i<16; $i+=2)
+		{
+		&comment("");
+		&comment("Round $i");
+		&D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+
+		&comment("");
+		&comment("Round ".sprintf("%d",$i+1));
+		&D_ENCRYPT($R,$L,($i+1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+		}
+	&jmp(&label("end"));
+
+	&set_label("start_decrypt");
+
+	for ($i=15; $i>0; $i-=2)
+		{
+		&comment("");
+		&comment("Round $i");
+		&D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+		&comment("");
+		&comment("Round ".sprintf("%d",$i-1));
+		&D_ENCRYPT($R,$L,($i-1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+		}
+
+	&set_label("end");
+
+	&comment("");
+	&comment("Fixup");
+	&rotr($L,3);		# r
+	&rotr($R,3);		# l
+
+	if ($do_ip)
+		{
+		&comment("");
+		&comment("FP");
+		&FP_new($R,$L,"eax");
+		}
+
+	&mov("eax",&wparam(0));
+	&mov(&DWP(0,"eax","",0),$L);
+	&mov(&DWP(4,"eax","",0),$R);
+
+	&function_end($name);
+	}
+
+
+# The logic is to load R into 2 registers and operate on both at the same time.
+# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
+# while also masking the other copy and doing a lookup.  We then also accumulate the
+# L value in 2 registers then combine them at the end.
+sub D_ENCRYPT
+	{
+	local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
+
+	&mov(	$u,		&DWP(&n2a($S*4),$ks,"",0));
+	&mov(	$t,		&DWP(&n2a(($S+1)*4),$ks,"",0));
+	&xor(	$u,		$R		);
+	&xor(	$t,		$R		);
+	&rotr(	$t,		4		);
+
+	# the numbers at the end of the line are origional instruction order
+	&mov(	$tmp2,		$u		);			# 1 2
+	&mov(	$tmp1,		$t		);			# 1 1
+	&and(	$tmp2,		"0xfc"		);			# 1 4
+	&and(	$tmp1,		"0xfc"		);			# 1 3
+	&shr(	$t,		8		);			# 1 5
+	&xor(	$L,		&DWP("0x100+$desSP",$tmp1,"",0));	# 1 7
+	&shr(	$u,		8		);			# 1 6
+	&mov(	$tmp1,		&DWP("      $desSP",$tmp2,"",0));	# 1 8
+
+	&mov(	$tmp2,		$u		);			# 2 2
+	&xor(	$L,		$tmp1		);			# 1 9
+	&and(	$tmp2,		"0xfc"		);			# 2 4
+	&mov(	$tmp1,		$t		);			# 2 1
+	&and(	$tmp1,		"0xfc"		);			# 2 3
+	&shr(	$t,		8		);			# 2 5
+	&xor(	$L,		&DWP("0x300+$desSP",$tmp1,"",0));	# 2 7
+	&shr(	$u,		8		);			# 2 6
+	&mov(	$tmp1,		&DWP("0x200+$desSP",$tmp2,"",0));	# 2 8
+	&mov(	$tmp2,		$u		);			# 3 2
+
+	&xor(	$L,		$tmp1		);			# 2 9
+	&and(	$tmp2,		"0xfc"		);			# 3 4
+
+	&mov(	$tmp1,		$t		);			# 3 1 
+	&shr(	$u,		8		);			# 3 6
+	&and(	$tmp1,		"0xfc"		);			# 3 3
+	&shr(	$t,		8		);			# 3 5
+	&xor(	$L,		&DWP("0x500+$desSP",$tmp1,"",0));	# 3 7
+	&mov(	$tmp1,		&DWP("0x400+$desSP",$tmp2,"",0));	# 3 8
+
+	&and(	$t,		"0xfc"		);			# 4 1
+	&xor(	$L,		$tmp1		);			# 3 9
+
+	&and(	$u,		"0xfc"		);			# 4 2
+	&xor(	$L,		&DWP("0x700+$desSP",$t,"",0));		# 4 3
+	&xor(	$L,		&DWP("0x600+$desSP",$u,"",0));		# 4 4
+	}
+
+sub PERM_OP
+	{
+	local($a,$b,$tt,$shift,$mask)=@_;
+
+	&mov(	$tt,		$a		);
+	&shr(	$tt,		$shift		);
+	&xor(	$tt,		$b		);
+	&and(	$tt,		$mask		);
+	&xor(	$b,		$tt		);
+	&shl(	$tt,		$shift		);
+	&xor(	$a,		$tt		);
+	}
+
+sub IP_new
+	{
+	local($l,$r,$tt)=@_;
+
+	&PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
+	&PERM_OP($l,$r,$tt,16,"0x0000ffff");
+	&PERM_OP($r,$l,$tt, 2,"0x33333333");
+	&PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
+	&PERM_OP($r,$l,$tt, 1,"0x55555555");
+	}
+
+sub FP_new
+	{
+	local($l,$r,$tt)=@_;
+
+	&PERM_OP($l,$r,$tt, 1,"0x55555555");
+        &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
+        &PERM_OP($l,$r,$tt, 2,"0x33333333");
+        &PERM_OP($r,$l,$tt,16,"0x0000ffff");
+        &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
+	}
+
+sub n2a
+	{
+	sprintf("%d",$_[0]);
+	}
diff --git a/crypto/des/asm/desboth.pl b/crypto/des/asm/desboth.pl
index b94138ce63..288984d135 100644
--- a/crypto/des/asm/desboth.pl
+++ b/crypto/des/asm/desboth.pl
@@ -1,67 +1,79 @@
 #!/usr/local/bin/perl
-
-$L="edi";
-$R="esi";
-
-sub des_encrypt3
-	{
-	local($name,$enc)=@_;
-
-	&function_begin($name,4,"");
-
-	&comment("");
-	&comment("Load the data words");
-	&mov("ebx",&wparam(0));
-	&mov($L,&DWP(0,"ebx","",0));
-	&mov($R,&DWP(4,"ebx","",0));
-
-	&comment("");
-	&comment("IP");
-	&IP_new($L,$R,"edx",0);
-
-	# put them back
-	
-	if ($enc)
-		{
-		&mov(&DWP(4,"ebx","",0),$R);
-		 &mov("eax",&wparam(1));
-		&mov(&DWP(0,"ebx","",0),"edx");
-		 &mov("edi",&wparam(2));
-		 &mov("esi",&wparam(3));
-		}
-	else
-		{
-		&mov(&DWP(4,"ebx","",0),$R);
-		 &mov("esi",&wparam(1));
-		&mov(&DWP(0,"ebx","",0),"edx");
-		 &mov("edi",&wparam(2));
-		 &mov("eax",&wparam(3));
-		}
-	&push(($enc)?"1":"0");
-	&push("eax");
-	&push("ebx");
-	&call("des_encrypt2");
-	&push(($enc)?"0":"1");
-	&push("edi");
-	&push("ebx");
-	&call("des_encrypt2");
-	&push(($enc)?"1":"0");
-	&push("esi");
-	&push("ebx");
-	&call("des_encrypt2");
-
-	&mov($L,&DWP(0,"ebx","",0));
-	&add("esp",36);
-	&mov($R,&DWP(4,"ebx","",0));
-
-	&comment("");
-	&comment("FP");
-	&FP_new($L,$R,"eax",0);
-
-	&mov(&DWP(0,"ebx","",0),"eax");
-	&mov(&DWP(4,"ebx","",0),$R);
-
-	&function_end($name);
-	}
-
-
+
+$L="edi";
+$R="esi";
+
+sub des_encrypt3
+	{
+	local($name,$enc)=@_;
+
+	&function_begin_B($name,"");
+	&push("ebx");
+	&mov("ebx",&wparam(0));
+
+	&push("ebp");
+	&push("esi");
+
+	&push("edi");
+
+	&comment("");
+	&comment("Load the data words");
+	&mov($L,&DWP(0,"ebx","",0));
+	&mov($R,&DWP(4,"ebx","",0));
+	&stack_push(3);
+
+	&comment("");
+	&comment("IP");
+	&IP_new($L,$R,"edx",0);
+
+	# put them back
+	
+	if ($enc)
+		{
+		&mov(&DWP(4,"ebx","",0),$R);
+		 &mov("eax",&wparam(1));
+		&mov(&DWP(0,"ebx","",0),"edx");
+		 &mov("edi",&wparam(2));
+		 &mov("esi",&wparam(3));
+		}
+	else
+		{
+		&mov(&DWP(4,"ebx","",0),$R);
+		 &mov("esi",&wparam(1));
+		&mov(&DWP(0,"ebx","",0),"edx");
+		 &mov("edi",&wparam(2));
+		 &mov("eax",&wparam(3));
+		}
+	&mov(&swtmp(2),	(($enc)?"1":"0"));
+	&mov(&swtmp(1),	"eax");
+	&mov(&swtmp(0),	"ebx");
+	&call("des_encrypt2");
+	&mov(&swtmp(2),	(($enc)?"0":"1"));
+	&mov(&swtmp(1),	"edi");
+	&mov(&swtmp(0),	"ebx");
+	&call("des_encrypt2");
+	&mov(&swtmp(2),	(($enc)?"1":"0"));
+	&mov(&swtmp(1),	"esi");
+	&mov(&swtmp(0),	"ebx");
+	&call("des_encrypt2");
+
+	&stack_pop(3);
+	&mov($L,&DWP(0,"ebx","",0));
+	&mov($R,&DWP(4,"ebx","",0));
+
+	&comment("");
+	&comment("FP");
+	&FP_new($L,$R,"eax",0);
+
+	&mov(&DWP(0,"ebx","",0),"eax");
+	&mov(&DWP(4,"ebx","",0),$R);
+
+	&pop("edi");
+	&pop("esi");
+	&pop("ebp");
+	&pop("ebx");
+	&ret();
+	&function_end_B($name);
+	}
+
+
diff --git a/crypto/des/asm/dx86unix.cpp b/crypto/des/asm/dx86unix.cpp
index 941cf1f604..6fca9afa16 100644
--- a/crypto/des/asm/dx86unix.cpp
+++ b/crypto/des/asm/dx86unix.cpp
@@ -1,32 +1,41 @@
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
 
-#define TYPE(a,b)	.type	a,b
-#define SIZE(a,b)	.size	a,b
+#define TYPE(a,b)       .type   a,b
+#define SIZE(a,b)       .size   a,b
+
+#if defined(OUT) || defined(BSDI)
+#define des_SPtrans _des_SPtrans
+#define des_encrypt _des_encrypt
+#define des_encrypt2 _des_encrypt2
+#define des_encrypt3 _des_encrypt3
+#define des_decrypt3 _des_decrypt3
+#define des_ncbc_encrypt _des_ncbc_encrypt
+#define des_ede3_cbc_encrypt _des_ede3_cbc_encrypt
+
+#endif
 
 #ifdef OUT
-#define OK		1
-#define des_SPtrans	_des_SPtrans
-#define des_encrypt	_des_encrypt
-#define des_encrypt2	_des_encrypt2
-#define des_encrypt3	_des_encrypt3
-#define des_decrypt3	_des_decrypt3
-#define ALIGN		4
+#define OK	1
+#define ALIGN	4
 #endif
 
 #ifdef BSDI
-#define OK		1
-#define des_SPtrans	_des_SPtrans
-#define des_encrypt	_des_encrypt
-#define des_encrypt2	_des_encrypt2
-#define des_encrypt3	_des_encrypt3
-#define des_decrypt3	_des_decrypt3
-#define ALIGN		4
+#define OK              1
+#define ALIGN           4
 #undef SIZE
 #undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
 #endif
 
 #if defined(ELF) || defined(SOL)
-#define OK		1
-#define ALIGN		16
+#define OK              1
+#define ALIGN           16
 #endif
 
 #ifndef OK
@@ -37,5 +46,3157 @@ SOL - solaris systems, which are elf with strange comment lines
 BSDI - a.out with a very primative version of as.
 #endif
 
-#include "dx86-cpp.s" 
+/* Let the Assembler begin :-) */
+	/* Don't even think of reading this code */
+	/* It was automatically generated by des-586.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, BSDI,Win32, or Solaris */
+	/* eric <eay@cryptsoft.com> */
+
+	.file	"des-586.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl des_encrypt
+	TYPE(des_encrypt,@function)
+des_encrypt:
+	pushl	%esi
+	pushl	%edi
+
+	/* Load the 2 words */
+	movl	12(%esp),	%esi
+	xorl	%ecx,		%ecx
+	pushl	%ebx
+	pushl	%ebp
+	movl	(%esi),		%eax
+	movl	28(%esp),	%ebx
+	movl	4(%esi),	%edi
+
+	/* IP */
+	roll	$4,		%eax
+	movl	%eax,		%esi
+	xorl	%edi,		%eax
+	andl	$0xf0f0f0f0,	%eax
+	xorl	%eax,		%esi
+	xorl	%eax,		%edi
+
+	roll	$20,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0xfff0000f,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$14,		%eax
+	movl	%eax,		%edi
+	xorl	%esi,		%eax
+	andl	$0x33333333,	%eax
+	xorl	%eax,		%edi
+	xorl	%eax,		%esi
+
+	roll	$22,		%esi
+	movl	%esi,		%eax
+	xorl	%edi,		%esi
+	andl	$0x03fc03fc,	%esi
+	xorl	%esi,		%eax
+	xorl	%esi,		%edi
+
+	roll	$9,		%eax
+	movl	%eax,		%esi
+	xorl	%edi,		%eax
+	andl	$0xaaaaaaaa,	%eax
+	xorl	%eax,		%esi
+	xorl	%eax,		%edi
+
+.byte 209
+.byte 199		/* roll $1 %edi */
+	movl	24(%esp),	%ebp
+	cmpl	$0,		%ebx
+	je	.L000start_decrypt
+
+	/* Round 0 */
+	movl	(%ebp),		%eax
+	xorl	%ebx,		%ebx
+	movl	4(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 1 */
+	movl	8(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	12(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 2 */
+	movl	16(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	20(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 3 */
+	movl	24(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	28(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 4 */
+	movl	32(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	36(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 5 */
+	movl	40(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	44(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 6 */
+	movl	48(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	52(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 7 */
+	movl	56(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	60(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 8 */
+	movl	64(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	68(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 9 */
+	movl	72(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	76(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 10 */
+	movl	80(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	84(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 11 */
+	movl	88(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	92(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 12 */
+	movl	96(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	100(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 13 */
+	movl	104(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	108(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 14 */
+	movl	112(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	116(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 15 */
+	movl	120(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	124(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+	jmp	.L001end
+.L000start_decrypt:
+
+	/* Round 15 */
+	movl	120(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	124(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 14 */
+	movl	112(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	116(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 13 */
+	movl	104(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	108(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 12 */
+	movl	96(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	100(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 11 */
+	movl	88(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	92(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 10 */
+	movl	80(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	84(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 9 */
+	movl	72(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	76(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 8 */
+	movl	64(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	68(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 7 */
+	movl	56(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	60(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 6 */
+	movl	48(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	52(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 5 */
+	movl	40(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	44(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 4 */
+	movl	32(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	36(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 3 */
+	movl	24(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	28(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 2 */
+	movl	16(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	20(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 1 */
+	movl	8(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	12(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 0 */
+	movl	(%ebp),		%eax
+	xorl	%ebx,		%ebx
+	movl	4(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+.L001end:
+
+	/* FP */
+	movl	20(%esp),	%edx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0xaaaaaaaa,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$23,		%eax
+	movl	%eax,		%edi
+	xorl	%esi,		%eax
+	andl	$0x03fc03fc,	%eax
+	xorl	%eax,		%edi
+	xorl	%eax,		%esi
+
+	roll	$10,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0x33333333,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$18,		%esi
+	movl	%esi,		%edi
+	xorl	%eax,		%esi
+	andl	$0xfff0000f,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%eax
+
+	roll	$12,		%edi
+	movl	%edi,		%esi
+	xorl	%eax,		%edi
+	andl	$0xf0f0f0f0,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%eax
+
+	rorl	$4,		%eax
+	movl	%eax,		(%edx)
+	movl	%esi,		4(%edx)
+	popl	%ebp
+	popl	%ebx
+	popl	%edi
+	popl	%esi
+	ret
+.des_encrypt_end:
+	SIZE(des_encrypt,.des_encrypt_end-des_encrypt)
+.ident	"desasm.pl"
+.text
+	.align ALIGN
+.globl des_encrypt2
+	TYPE(des_encrypt2,@function)
+des_encrypt2:
+	pushl	%esi
+	pushl	%edi
+
+	/* Load the 2 words */
+	movl	12(%esp),	%eax
+	xorl	%ecx,		%ecx
+	pushl	%ebx
+	pushl	%ebp
+	movl	(%eax),		%esi
+	movl	28(%esp),	%ebx
+	roll	$3,		%esi
+	movl	4(%eax),	%edi
+	roll	$3,		%edi
+	movl	24(%esp),	%ebp
+	cmpl	$0,		%ebx
+	je	.L002start_decrypt
+
+	/* Round 0 */
+	movl	(%ebp),		%eax
+	xorl	%ebx,		%ebx
+	movl	4(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 1 */
+	movl	8(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	12(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 2 */
+	movl	16(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	20(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 3 */
+	movl	24(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	28(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 4 */
+	movl	32(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	36(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 5 */
+	movl	40(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	44(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 6 */
+	movl	48(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	52(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 7 */
+	movl	56(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	60(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 8 */
+	movl	64(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	68(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 9 */
+	movl	72(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	76(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 10 */
+	movl	80(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	84(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 11 */
+	movl	88(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	92(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 12 */
+	movl	96(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	100(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 13 */
+	movl	104(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	108(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 14 */
+	movl	112(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	116(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 15 */
+	movl	120(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	124(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+	jmp	.L003end
+.L002start_decrypt:
+
+	/* Round 15 */
+	movl	120(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	124(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 14 */
+	movl	112(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	116(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 13 */
+	movl	104(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	108(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 12 */
+	movl	96(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	100(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 11 */
+	movl	88(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	92(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 10 */
+	movl	80(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	84(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 9 */
+	movl	72(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	76(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 8 */
+	movl	64(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	68(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 7 */
+	movl	56(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	60(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 6 */
+	movl	48(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	52(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 5 */
+	movl	40(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	44(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 4 */
+	movl	32(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	36(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 3 */
+	movl	24(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	28(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 2 */
+	movl	16(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	20(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 1 */
+	movl	8(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	12(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 0 */
+	movl	(%ebp),		%eax
+	xorl	%ebx,		%ebx
+	movl	4(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+.L003end:
+
+	/* Fixup */
+	rorl	$3,		%edi
+	movl	20(%esp),	%eax
+	rorl	$3,		%esi
+	movl	%edi,		(%eax)
+	movl	%esi,		4(%eax)
+	popl	%ebp
+	popl	%ebx
+	popl	%edi
+	popl	%esi
+	ret
+.des_encrypt2_end:
+	SIZE(des_encrypt2,.des_encrypt2_end-des_encrypt2)
+.ident	"desasm.pl"
+.text
+	.align ALIGN
+.globl des_encrypt3
+	TYPE(des_encrypt3,@function)
+des_encrypt3:
+	pushl	%ebx
+	movl	8(%esp),	%ebx
+	pushl	%ebp
+	pushl	%esi
+	pushl	%edi
+
+	/* Load the data words */
+	movl	(%ebx),		%edi
+	movl	4(%ebx),	%esi
+	subl	$12,		%esp
+
+	/* IP */
+	roll	$4,		%edi
+	movl	%edi,		%edx
+	xorl	%esi,		%edi
+	andl	$0xf0f0f0f0,	%edi
+	xorl	%edi,		%edx
+	xorl	%edi,		%esi
+
+	roll	$20,		%esi
+	movl	%esi,		%edi
+	xorl	%edx,		%esi
+	andl	$0xfff0000f,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%edx
+
+	roll	$14,		%edi
+	movl	%edi,		%esi
+	xorl	%edx,		%edi
+	andl	$0x33333333,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%edx
+
+	roll	$22,		%edx
+	movl	%edx,		%edi
+	xorl	%esi,		%edx
+	andl	$0x03fc03fc,	%edx
+	xorl	%edx,		%edi
+	xorl	%edx,		%esi
+
+	roll	$9,		%edi
+	movl	%edi,		%edx
+	xorl	%esi,		%edi
+	andl	$0xaaaaaaaa,	%edi
+	xorl	%edi,		%edx
+	xorl	%edi,		%esi
+
+	rorl	$3,		%edx
+	rorl	$2,		%esi
+	movl	%esi,		4(%ebx)
+	movl	36(%esp),	%eax
+	movl	%edx,		(%ebx)
+	movl	40(%esp),	%edi
+	movl	44(%esp),	%esi
+	movl	$1,		8(%esp)
+	movl	%eax,		4(%esp)
+	movl	%ebx,		(%esp)
+	call	des_encrypt2
+	movl	$0,		8(%esp)
+	movl	%edi,		4(%esp)
+	movl	%ebx,		(%esp)
+	call	des_encrypt2
+	movl	$1,		8(%esp)
+	movl	%esi,		4(%esp)
+	movl	%ebx,		(%esp)
+	call	des_encrypt2
+	addl	$12,		%esp
+	movl	(%ebx),		%edi
+	movl	4(%ebx),	%esi
+
+	/* FP */
+	roll	$2,		%esi
+	roll	$3,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0xaaaaaaaa,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$23,		%eax
+	movl	%eax,		%edi
+	xorl	%esi,		%eax
+	andl	$0x03fc03fc,	%eax
+	xorl	%eax,		%edi
+	xorl	%eax,		%esi
+
+	roll	$10,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0x33333333,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$18,		%esi
+	movl	%esi,		%edi
+	xorl	%eax,		%esi
+	andl	$0xfff0000f,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%eax
+
+	roll	$12,		%edi
+	movl	%edi,		%esi
+	xorl	%eax,		%edi
+	andl	$0xf0f0f0f0,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%eax
+
+	rorl	$4,		%eax
+	movl	%eax,		(%ebx)
+	movl	%esi,		4(%ebx)
+	popl	%edi
+	popl	%esi
+	popl	%ebp
+	popl	%ebx
+	ret
+.des_encrypt3_end:
+	SIZE(des_encrypt3,.des_encrypt3_end-des_encrypt3)
+.ident	"desasm.pl"
+.text
+	.align ALIGN
+.globl des_decrypt3
+	TYPE(des_decrypt3,@function)
+des_decrypt3:
+	pushl	%ebx
+	movl	8(%esp),	%ebx
+	pushl	%ebp
+	pushl	%esi
+	pushl	%edi
+
+	/* Load the data words */
+	movl	(%ebx),		%edi
+	movl	4(%ebx),	%esi
+	subl	$12,		%esp
+
+	/* IP */
+	roll	$4,		%edi
+	movl	%edi,		%edx
+	xorl	%esi,		%edi
+	andl	$0xf0f0f0f0,	%edi
+	xorl	%edi,		%edx
+	xorl	%edi,		%esi
+
+	roll	$20,		%esi
+	movl	%esi,		%edi
+	xorl	%edx,		%esi
+	andl	$0xfff0000f,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%edx
+
+	roll	$14,		%edi
+	movl	%edi,		%esi
+	xorl	%edx,		%edi
+	andl	$0x33333333,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%edx
+
+	roll	$22,		%edx
+	movl	%edx,		%edi
+	xorl	%esi,		%edx
+	andl	$0x03fc03fc,	%edx
+	xorl	%edx,		%edi
+	xorl	%edx,		%esi
+
+	roll	$9,		%edi
+	movl	%edi,		%edx
+	xorl	%esi,		%edi
+	andl	$0xaaaaaaaa,	%edi
+	xorl	%edi,		%edx
+	xorl	%edi,		%esi
+
+	rorl	$3,		%edx
+	rorl	$2,		%esi
+	movl	%esi,		4(%ebx)
+	movl	36(%esp),	%esi
+	movl	%edx,		(%ebx)
+	movl	40(%esp),	%edi
+	movl	44(%esp),	%eax
+	movl	$0,		8(%esp)
+	movl	%eax,		4(%esp)
+	movl	%ebx,		(%esp)
+	call	des_encrypt2
+	movl	$1,		8(%esp)
+	movl	%edi,		4(%esp)
+	movl	%ebx,		(%esp)
+	call	des_encrypt2
+	movl	$0,		8(%esp)
+	movl	%esi,		4(%esp)
+	movl	%ebx,		(%esp)
+	call	des_encrypt2
+	addl	$12,		%esp
+	movl	(%ebx),		%edi
+	movl	4(%ebx),	%esi
+
+	/* FP */
+	roll	$2,		%esi
+	roll	$3,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0xaaaaaaaa,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$23,		%eax
+	movl	%eax,		%edi
+	xorl	%esi,		%eax
+	andl	$0x03fc03fc,	%eax
+	xorl	%eax,		%edi
+	xorl	%eax,		%esi
+
+	roll	$10,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0x33333333,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$18,		%esi
+	movl	%esi,		%edi
+	xorl	%eax,		%esi
+	andl	$0xfff0000f,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%eax
+
+	roll	$12,		%edi
+	movl	%edi,		%esi
+	xorl	%eax,		%edi
+	andl	$0xf0f0f0f0,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%eax
+
+	rorl	$4,		%eax
+	movl	%eax,		(%ebx)
+	movl	%esi,		4(%ebx)
+	popl	%edi
+	popl	%esi
+	popl	%ebp
+	popl	%ebx
+	ret
+.des_decrypt3_end:
+	SIZE(des_decrypt3,.des_decrypt3_end-des_decrypt3)
+.ident	"desasm.pl"
+.text
+	.align ALIGN
+.globl des_ncbc_encrypt
+	TYPE(des_ncbc_encrypt,@function)
+des_ncbc_encrypt:
+
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	28(%esp),	%ebp
+	/* getting iv ptr from parameter 4 */
+	movl	36(%esp),	%ebx
+	movl	(%ebx),		%esi
+	movl	4(%ebx),	%edi
+	pushl	%edi
+	pushl	%esi
+	pushl	%edi
+	pushl	%esi
+	movl	%esp,		%ebx
+	movl	36(%esp),	%esi
+	movl	40(%esp),	%edi
+	/* getting encrypt flag from parameter 5 */
+	movl	56(%esp),	%ecx
+	/* get and push parameter 5 */
+	pushl	%ecx
+	/* get and push parameter 3 */
+	movl	52(%esp),	%eax
+	pushl	%eax
+	pushl	%ebx
+	cmpl	$0,		%ecx
+	jz	.L004decrypt
+	andl	$4294967288,	%ebp
+	movl	12(%esp),	%eax
+	movl	16(%esp),	%ebx
+	jz	.L005encrypt_finish
+.L006encrypt_loop:
+	movl	(%esi),		%ecx
+	movl	4(%esi),	%edx
+	xorl	%ecx,		%eax
+	xorl	%edx,		%ebx
+	movl	%eax,		12(%esp)
+	movl	%ebx,		16(%esp)
+	call	des_encrypt
+	movl	12(%esp),	%eax
+	movl	16(%esp),	%ebx
+	movl	%eax,		(%edi)
+	movl	%ebx,		4(%edi)
+	addl	$8,		%esi
+	addl	$8,		%edi
+	subl	$8,		%ebp
+	jnz	.L006encrypt_loop
+.L005encrypt_finish:
+	movl	56(%esp),	%ebp
+	andl	$7,		%ebp
+	jz	.L007finish
+	xorl	%ecx,		%ecx
+	xorl	%edx,		%edx
+	movl	.L008cbc_enc_jmp_table(,%ebp,4),%ebp
+	jmp	*%ebp
+.L009ej7:
+	movb	6(%esi),	%dh
+	sall	$8,		%edx
+.L010ej6:
+	movb	5(%esi),	%dh
+.L011ej5:
+	movb	4(%esi),	%dl
+.L012ej4:
+	movl	(%esi),		%ecx
+	jmp	.L013ejend
+.L014ej3:
+	movb	2(%esi),	%ch
+	sall	$8,		%ecx
+.L015ej2:
+	movb	1(%esi),	%ch
+.L016ej1:
+	movb	(%esi),		%cl
+.L013ejend:
+	xorl	%ecx,		%eax
+	xorl	%edx,		%ebx
+	movl	%eax,		12(%esp)
+	movl	%ebx,		16(%esp)
+	call	des_encrypt
+	movl	12(%esp),	%eax
+	movl	16(%esp),	%ebx
+	movl	%eax,		(%edi)
+	movl	%ebx,		4(%edi)
+	jmp	.L007finish
+.align ALIGN
+.L004decrypt:
+	andl	$4294967288,	%ebp
+	movl	20(%esp),	%eax
+	movl	24(%esp),	%ebx
+	jz	.L017decrypt_finish
+.L018decrypt_loop:
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%eax,		12(%esp)
+	movl	%ebx,		16(%esp)
+	call	des_encrypt
+	movl	12(%esp),	%eax
+	movl	16(%esp),	%ebx
+	movl	20(%esp),	%ecx
+	movl	24(%esp),	%edx
+	xorl	%eax,		%ecx
+	xorl	%ebx,		%edx
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%ecx,		(%edi)
+	movl	%edx,		4(%edi)
+	movl	%eax,		20(%esp)
+	movl	%ebx,		24(%esp)
+	addl	$8,		%esi
+	addl	$8,		%edi
+	subl	$8,		%ebp
+	jnz	.L018decrypt_loop
+.L017decrypt_finish:
+	movl	56(%esp),	%ebp
+	andl	$7,		%ebp
+	jz	.L007finish
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%eax,		12(%esp)
+	movl	%ebx,		16(%esp)
+	call	des_encrypt
+	movl	12(%esp),	%eax
+	movl	16(%esp),	%ebx
+	movl	20(%esp),	%ecx
+	movl	24(%esp),	%edx
+	xorl	%eax,		%ecx
+	xorl	%ebx,		%edx
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+.L019dj7:
+	rorl	$16,		%edx
+	movb	%dl,		6(%edi)
+	shrl	$16,		%edx
+.L020dj6:
+	movb	%dh,		5(%edi)
+.L021dj5:
+	movb	%dl,		4(%edi)
+.L022dj4:
+	movl	%ecx,		(%edi)
+	jmp	.L023djend
+.L024dj3:
+	rorl	$16,		%ecx
+	movb	%cl,		2(%edi)
+	sall	$16,		%ecx
+.L025dj2:
+	movb	%ch,		1(%esi)
+.L026dj1:
+	movb	%cl,		(%esi)
+.L023djend:
+	jmp	.L007finish
+.align ALIGN
+.L007finish:
+	movl	64(%esp),	%ecx
+	addl	$28,		%esp
+	movl	%eax,		(%ecx)
+	movl	%ebx,		4(%ecx)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align ALIGN
+.L008cbc_enc_jmp_table:
+	.long 0
+	.long .L016ej1
+	.long .L015ej2
+	.long .L014ej3
+	.long .L012ej4
+	.long .L011ej5
+	.long .L010ej6
+	.long .L009ej7
+.align ALIGN
+.L027cbc_dec_jmp_table:
+	.long 0
+	.long .L026dj1
+	.long .L025dj2
+	.long .L024dj3
+	.long .L022dj4
+	.long .L021dj5
+	.long .L020dj6
+	.long .L019dj7
+.des_ncbc_encrypt_end:
+	SIZE(des_ncbc_encrypt,.des_ncbc_encrypt_end-des_ncbc_encrypt)
+.ident	"desasm.pl"
+.text
+	.align ALIGN
+.globl des_ede3_cbc_encrypt
+	TYPE(des_ede3_cbc_encrypt,@function)
+des_ede3_cbc_encrypt:
 
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	28(%esp),	%ebp
+	/* getting iv ptr from parameter 6 */
+	movl	44(%esp),	%ebx
+	movl	(%ebx),		%esi
+	movl	4(%ebx),	%edi
+	pushl	%edi
+	pushl	%esi
+	pushl	%edi
+	pushl	%esi
+	movl	%esp,		%ebx
+	movl	36(%esp),	%esi
+	movl	40(%esp),	%edi
+	/* getting encrypt flag from parameter 7 */
+	movl	64(%esp),	%ecx
+	/* get and push parameter 5 */
+	movl	56(%esp),	%eax
+	pushl	%eax
+	/* get and push parameter 4 */
+	movl	56(%esp),	%eax
+	pushl	%eax
+	/* get and push parameter 3 */
+	movl	56(%esp),	%eax
+	pushl	%eax
+	pushl	%ebx
+	cmpl	$0,		%ecx
+	jz	.L028decrypt
+	andl	$4294967288,	%ebp
+	movl	16(%esp),	%eax
+	movl	20(%esp),	%ebx
+	jz	.L029encrypt_finish
+.L030encrypt_loop:
+	movl	(%esi),		%ecx
+	movl	4(%esi),	%edx
+	xorl	%ecx,		%eax
+	xorl	%edx,		%ebx
+	movl	%eax,		16(%esp)
+	movl	%ebx,		20(%esp)
+	call	des_encrypt3
+	movl	16(%esp),	%eax
+	movl	20(%esp),	%ebx
+	movl	%eax,		(%edi)
+	movl	%ebx,		4(%edi)
+	addl	$8,		%esi
+	addl	$8,		%edi
+	subl	$8,		%ebp
+	jnz	.L030encrypt_loop
+.L029encrypt_finish:
+	movl	60(%esp),	%ebp
+	andl	$7,		%ebp
+	jz	.L031finish
+	xorl	%ecx,		%ecx
+	xorl	%edx,		%edx
+	movl	.L032cbc_enc_jmp_table(,%ebp,4),%ebp
+	jmp	*%ebp
+.L033ej7:
+	movb	6(%esi),	%dh
+	sall	$8,		%edx
+.L034ej6:
+	movb	5(%esi),	%dh
+.L035ej5:
+	movb	4(%esi),	%dl
+.L036ej4:
+	movl	(%esi),		%ecx
+	jmp	.L037ejend
+.L038ej3:
+	movb	2(%esi),	%ch
+	sall	$8,		%ecx
+.L039ej2:
+	movb	1(%esi),	%ch
+.L040ej1:
+	movb	(%esi),		%cl
+.L037ejend:
+	xorl	%ecx,		%eax
+	xorl	%edx,		%ebx
+	movl	%eax,		16(%esp)
+	movl	%ebx,		20(%esp)
+	call	des_encrypt3
+	movl	16(%esp),	%eax
+	movl	20(%esp),	%ebx
+	movl	%eax,		(%edi)
+	movl	%ebx,		4(%edi)
+	jmp	.L031finish
+.align ALIGN
+.L028decrypt:
+	andl	$4294967288,	%ebp
+	movl	24(%esp),	%eax
+	movl	28(%esp),	%ebx
+	jz	.L041decrypt_finish
+.L042decrypt_loop:
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%eax,		16(%esp)
+	movl	%ebx,		20(%esp)
+	call	des_decrypt3
+	movl	16(%esp),	%eax
+	movl	20(%esp),	%ebx
+	movl	24(%esp),	%ecx
+	movl	28(%esp),	%edx
+	xorl	%eax,		%ecx
+	xorl	%ebx,		%edx
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%ecx,		(%edi)
+	movl	%edx,		4(%edi)
+	movl	%eax,		24(%esp)
+	movl	%ebx,		28(%esp)
+	addl	$8,		%esi
+	addl	$8,		%edi
+	subl	$8,		%ebp
+	jnz	.L042decrypt_loop
+.L041decrypt_finish:
+	movl	60(%esp),	%ebp
+	andl	$7,		%ebp
+	jz	.L031finish
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%eax,		16(%esp)
+	movl	%ebx,		20(%esp)
+	call	des_decrypt3
+	movl	16(%esp),	%eax
+	movl	20(%esp),	%ebx
+	movl	24(%esp),	%ecx
+	movl	28(%esp),	%edx
+	xorl	%eax,		%ecx
+	xorl	%ebx,		%edx
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+.L043dj7:
+	rorl	$16,		%edx
+	movb	%dl,		6(%edi)
+	shrl	$16,		%edx
+.L044dj6:
+	movb	%dh,		5(%edi)
+.L045dj5:
+	movb	%dl,		4(%edi)
+.L046dj4:
+	movl	%ecx,		(%edi)
+	jmp	.L047djend
+.L048dj3:
+	rorl	$16,		%ecx
+	movb	%cl,		2(%edi)
+	sall	$16,		%ecx
+.L049dj2:
+	movb	%ch,		1(%esi)
+.L050dj1:
+	movb	%cl,		(%esi)
+.L047djend:
+	jmp	.L031finish
+.align ALIGN
+.L031finish:
+	movl	76(%esp),	%ecx
+	addl	$32,		%esp
+	movl	%eax,		(%ecx)
+	movl	%ebx,		4(%ecx)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align ALIGN
+.L032cbc_enc_jmp_table:
+	.long 0
+	.long .L040ej1
+	.long .L039ej2
+	.long .L038ej3
+	.long .L036ej4
+	.long .L035ej5
+	.long .L034ej6
+	.long .L033ej7
+.align ALIGN
+.L051cbc_dec_jmp_table:
+	.long 0
+	.long .L050dj1
+	.long .L049dj2
+	.long .L048dj3
+	.long .L046dj4
+	.long .L045dj5
+	.long .L044dj6
+	.long .L043dj7
+.des_ede3_cbc_encrypt_end:
+	SIZE(des_ede3_cbc_encrypt,.des_ede3_cbc_encrypt_end-des_ede3_cbc_encrypt)
+.ident	"desasm.pl"
diff --git a/crypto/des/asm/readme b/crypto/des/asm/readme
index da2561a6b3..f8529d9307 100644
--- a/crypto/des/asm/readme
+++ b/crypto/des/asm/readme
@@ -1,131 +1,131 @@
-First up, let me say I don't like writing in assembler.  It is not portable,
-dependant on the particular CPU architecture release and is generally a pig
-to debug and get right.  Having said that, the x86 architecture is probably
-the most important for speed due to number of boxes and since
-it appears to be the worst architecture to to get
-good C compilers for.  So due to this, I have lowered myself to do
-assembler for the inner DES routines in libdes :-).
-
-The file to implement in assembler is des_enc.c.  Replace the following
-4 functions
-des_encrypt(DES_LONG data[2],des_key_schedule ks, int encrypt);
-des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
-des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-
-They encrypt/decrypt the 64 bits held in 'data' using
-the 'ks' key schedules.   The only difference between the 4 functions is that
-des_encrypt2() does not perform IP() or FP() on the data (this is an
-optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
-perform triple des.  The triple DES routines are in here because it does
-make a big difference to have them located near the des_encrypt2 function
-at link time..
-
-Now as we all know, there are lots of different operating systems running on
-x86 boxes, and unfortunately they normally try to make sure their assembler
-formating is not the same as the other peoples.
-The 4 main formats I know of are
-Microsoft	Windows 95/Windows NT
-Elf		Includes Linux and FreeBSD(?).
-a.out		The older Linux.
-Solaris		Same as Elf but different comments :-(.
-
-Now I was not overly keen to write 4 different copies of the same code,
-so I wrote a few perl routines to output the correct assembler, given
-a target assembler type.  This code is ugly and is just a hack.
-The libraries are x86unix.pl and x86ms.pl.
-des586.pl, des686.pl and des-som[23].pl are the programs to actually
-generate the assembler.
-
-So to generate elf assembler
-perl des-som3.pl elf >dx86-elf.s
-For Windows 95/NT
-perl des-som2.pl win32 >win32.asm
-
-[ update 4 Jan 1996 ]
-I have added another way to do things.
-perl des-som3.pl cpp >dx86-cpp.s
-generates a file that will be included by dx86unix.cpp when it is compiled.
-To build for elf, a.out, solaris, bsdi etc,
-cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
-cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
-cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
-cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
-This was done to cut down the number of files in the distribution.
-
-Now the ugly part.  I acquired my copy of Intels
-"Optimization's For Intel's 32-Bit Processors" and found a few interesting
-things.  First, the aim of the exersize is to 'extract' one byte at a time
-from a word and do an array lookup.  This involves getting the byte from
-the 4 locations in the word and moving it to a new word and doing the lookup.
-The most obvious way to do this is
-xor	eax,	eax				# clear word
-movb	al,	cl				# get low byte
-xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in word
-movb	al,	ch				# get next byte
-xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in word
-shr	ecx	16
-which seems ok.  For the pentium, this system appears to be the best.
-One has to do instruction interleaving to keep both functional units
-operating, but it is basically very efficient.
-
-Now the crunch.  When a full register is used after a partial write, eg.
-mov	al,	cl
-xor	edi,	DWORD PTR 0x100+des_SP[eax]
-386	- 1 cycle stall
-486	- 1 cycle stall
-586	- 0 cycle stall
-686	- at least 7 cycle stall (page 22 of the above mentioned document).
-
-So the technique that produces the best results on a pentium, according to
-the documentation, will produce hideous results on a pentium pro.
-
-To get around this, des686.pl will generate code that is not as fast on
-a pentium, should be very good on a pentium pro.
-mov	eax,	ecx				# copy word 
-shr	ecx,	8				# line up next byte
-and	eax,	0fch				# mask byte
-xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in array lookup
-mov	eax,	ecx				# get word
-shr	ecx	8				# line up next byte
-and	eax,	0fch				# mask byte
-xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in array lookup
-
-Due to the execution units in the pentium, this actually works quite well.
-For a pentium pro it should be very good.  This is the type of output
-Visual C++ generates.
-
-There is a third option.  instead of using
-mov	al,	ch
-which is bad on the pentium pro, one may be able to use
-movzx	eax,	ch
-which may not incur the partial write penalty.  On the pentium,
-this instruction takes 4 cycles so is not worth using but on the
-pentium pro it appears it may be worth while.  I need access to one to
-experiment :-).
-
-eric (20 Oct 1996)
-
-22 Nov 1996 - I have asked people to run the 2 different version on pentium
-pros and it appears that the intel documentation is wrong.  The
-mov al,bh is still faster on a pentium pro, so just use the des586.pl
-install des686.pl
-
-3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
-functions into des_enc.c because it does make a massive performance
-difference on some boxes to have the functions code located close to
-the des_encrypt2() function.
-
-9 Jan 1997 - des-som2.pl is now the correct perl script to use for
-pentiums.  It contains an inner loop from
-Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
-273,000 per second.  He had a previous version at 250,000 and the best
-I was able to get was 203,000.  The content has not changed, this is all
-due to instruction sequencing (and actual instructions choice) which is able
-to keep both functional units of the pentium going.
-We may have lost the ugly register usage restrictions when x86 went 32 bit
-but for the pentium it has been replaced by evil instruction ordering tricks.
-
-13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
-raw DES at 281,000 per second on a pentium 100.
-
+First up, let me say I don't like writing in assembler.  It is not portable,
+dependant on the particular CPU architecture release and is generally a pig
+to debug and get right.  Having said that, the x86 architecture is probably
+the most important for speed due to number of boxes and since
+it appears to be the worst architecture to to get
+good C compilers for.  So due to this, I have lowered myself to do
+assembler for the inner DES routines in libdes :-).
+
+The file to implement in assembler is des_enc.c.  Replace the following
+4 functions
+des_encrypt(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+
+They encrypt/decrypt the 64 bits held in 'data' using
+the 'ks' key schedules.   The only difference between the 4 functions is that
+des_encrypt2() does not perform IP() or FP() on the data (this is an
+optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
+perform triple des.  The triple DES routines are in here because it does
+make a big difference to have them located near the des_encrypt2 function
+at link time..
+
+Now as we all know, there are lots of different operating systems running on
+x86 boxes, and unfortunately they normally try to make sure their assembler
+formating is not the same as the other peoples.
+The 4 main formats I know of are
+Microsoft	Windows 95/Windows NT
+Elf		Includes Linux and FreeBSD(?).
+a.out		The older Linux.
+Solaris		Same as Elf but different comments :-(.
+
+Now I was not overly keen to write 4 different copies of the same code,
+so I wrote a few perl routines to output the correct assembler, given
+a target assembler type.  This code is ugly and is just a hack.
+The libraries are x86unix.pl and x86ms.pl.
+des586.pl, des686.pl and des-som[23].pl are the programs to actually
+generate the assembler.
+
+So to generate elf assembler
+perl des-som3.pl elf >dx86-elf.s
+For Windows 95/NT
+perl des-som2.pl win32 >win32.asm
+
+[ update 4 Jan 1996 ]
+I have added another way to do things.
+perl des-som3.pl cpp >dx86-cpp.s
+generates a file that will be included by dx86unix.cpp when it is compiled.
+To build for elf, a.out, solaris, bsdi etc,
+cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
+cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
+cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
+This was done to cut down the number of files in the distribution.
+
+Now the ugly part.  I acquired my copy of Intels
+"Optimization's For Intel's 32-Bit Processors" and found a few interesting
+things.  First, the aim of the exersize is to 'extract' one byte at a time
+from a word and do an array lookup.  This involves getting the byte from
+the 4 locations in the word and moving it to a new word and doing the lookup.
+The most obvious way to do this is
+xor	eax,	eax				# clear word
+movb	al,	cl				# get low byte
+xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in word
+movb	al,	ch				# get next byte
+xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in word
+shr	ecx	16
+which seems ok.  For the pentium, this system appears to be the best.
+One has to do instruction interleaving to keep both functional units
+operating, but it is basically very efficient.
+
+Now the crunch.  When a full register is used after a partial write, eg.
+mov	al,	cl
+xor	edi,	DWORD PTR 0x100+des_SP[eax]
+386	- 1 cycle stall
+486	- 1 cycle stall
+586	- 0 cycle stall
+686	- at least 7 cycle stall (page 22 of the above mentioned document).
+
+So the technique that produces the best results on a pentium, according to
+the documentation, will produce hideous results on a pentium pro.
+
+To get around this, des686.pl will generate code that is not as fast on
+a pentium, should be very good on a pentium pro.
+mov	eax,	ecx				# copy word 
+shr	ecx,	8				# line up next byte
+and	eax,	0fch				# mask byte
+xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in array lookup
+mov	eax,	ecx				# get word
+shr	ecx	8				# line up next byte
+and	eax,	0fch				# mask byte
+xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in array lookup
+
+Due to the execution units in the pentium, this actually works quite well.
+For a pentium pro it should be very good.  This is the type of output
+Visual C++ generates.
+
+There is a third option.  instead of using
+mov	al,	ch
+which is bad on the pentium pro, one may be able to use
+movzx	eax,	ch
+which may not incur the partial write penalty.  On the pentium,
+this instruction takes 4 cycles so is not worth using but on the
+pentium pro it appears it may be worth while.  I need access to one to
+experiment :-).
+
+eric (20 Oct 1996)
+
+22 Nov 1996 - I have asked people to run the 2 different version on pentium
+pros and it appears that the intel documentation is wrong.  The
+mov al,bh is still faster on a pentium pro, so just use the des586.pl
+install des686.pl
+
+3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
+functions into des_enc.c because it does make a massive performance
+difference on some boxes to have the functions code located close to
+the des_encrypt2() function.
+
+9 Jan 1997 - des-som2.pl is now the correct perl script to use for
+pentiums.  It contains an inner loop from
+Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
+273,000 per second.  He had a previous version at 250,000 and the best
+I was able to get was 203,000.  The content has not changed, this is all
+due to instruction sequencing (and actual instructions choice) which is able
+to keep both functional units of the pentium going.
+We may have lost the ugly register usage restrictions when x86 went 32 bit
+but for the pentium it has been replaced by evil instruction ordering tricks.
+
+13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
+raw DES at 281,000 per second on a pentium 100.
+
diff --git a/crypto/des/asm/y-win32.asm b/crypto/des/asm/y-win32.asm
new file mode 100644
index 0000000000..af5c102422
--- /dev/null
+++ b/crypto/des/asm/y-win32.asm
@@ -0,0 +1,929 @@
+	; Don't even think of reading this code
+	; It was automatically generated by crypt586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	crypt586.asm
+        .386
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_fcrypt_body
+EXTRN   _des_SPtrans:DWORD
+_fcrypt_body PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	; Load the 2 words
+	xor	edi,		edi
+	xor	esi,		esi
+	mov	ebp,		DWORD PTR 24[esp]
+	push	25
+L000start:
+	; 
+	; Round 0
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR [ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 4[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 1
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 8[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 12[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 2
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 16[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 20[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 3
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 24[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 28[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 4
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 32[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 36[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 5
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 40[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 44[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 6
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 48[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 52[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 7
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 56[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 60[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 8
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 64[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 68[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 9
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 72[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 76[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 10
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 80[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 84[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 11
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 88[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 92[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 12
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 96[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 100[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 13
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 104[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 108[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 14
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 112[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 116[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 15
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 120[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 124[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR [esp]
+	mov	eax,		edi
+	dec	ebx
+	mov	edi,		esi
+	mov	esi,		eax
+	mov	DWORD PTR [esp],ebx
+	jnz	L000start
+	; 
+	; FP
+	mov	edx,		DWORD PTR 24[esp]
+	ror	edi,		1
+	mov	eax,		esi
+	xor	esi,		edi
+	and	esi,		0aaaaaaaah
+	xor	eax,		esi
+	xor	edi,		esi
+	; 
+	rol	eax,		23
+	mov	esi,		eax
+	xor	eax,		edi
+	and	eax,		003fc03fch
+	xor	esi,		eax
+	xor	edi,		eax
+	; 
+	rol	esi,		10
+	mov	eax,		esi
+	xor	esi,		edi
+	and	esi,		033333333h
+	xor	eax,		esi
+	xor	edi,		esi
+	; 
+	rol	edi,		18
+	mov	esi,		edi
+	xor	edi,		eax
+	and	edi,		0fff0000fh
+	xor	esi,		edi
+	xor	eax,		edi
+	; 
+	rol	esi,		12
+	mov	edi,		esi
+	xor	esi,		eax
+	and	esi,		0f0f0f0f0h
+	xor	edi,		esi
+	xor	eax,		esi
+	; 
+	ror	eax,		4
+	mov	DWORD PTR [edx],eax
+	mov	DWORD PTR 4[edx],edi
+	pop	ecx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_fcrypt_body ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/des/asm/yx86unix.cpp b/crypto/des/asm/yx86unix.cpp
new file mode 100644
index 0000000000..8719e38607
--- /dev/null
+++ b/crypto/des/asm/yx86unix.cpp
@@ -0,0 +1,976 @@
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
+
+#define TYPE(a,b)       .type   a,b
+#define SIZE(a,b)       .size   a,b
+
+#if defined(OUT) || defined(BSDI)
+#define des_SPtrans _des_SPtrans
+#define fcrypt_body _fcrypt_body
+
+#endif
+
+#ifdef OUT
+#define OK	1
+#define ALIGN	4
+#endif
+
+#ifdef BSDI
+#define OK              1
+#define ALIGN           4
+#undef SIZE
+#undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK              1
+#define ALIGN           16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+/* Let the Assembler begin :-) */
+	/* Don't even think of reading this code */
+	/* It was automatically generated by crypt586.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, BSDI,Win32, or Solaris */
+	/* eric <eay@cryptsoft.com> */
+
+	.file	"crypt586.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl fcrypt_body
+	TYPE(fcrypt_body,@function)
+fcrypt_body:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+
+	/* Load the 2 words */
+	xorl	%edi,		%edi
+	xorl	%esi,		%esi
+	movl	24(%esp),	%ebp
+	pushl	$25
+.L000start:
+
+	/* Round 0 */
+	movl	32(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	(%ebp),		%ebx
+	xorl	%ebx,		%eax
+	movl	4(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 1 */
+	movl	32(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	8(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	12(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 2 */
+	movl	32(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	16(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	20(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 3 */
+	movl	32(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	24(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	28(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 4 */
+	movl	32(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	32(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	36(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 5 */
+	movl	32(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	40(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	44(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 6 */
+	movl	32(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	48(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	52(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 7 */
+	movl	32(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	56(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	60(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 8 */
+	movl	32(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	64(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	68(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 9 */
+	movl	32(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	72(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	76(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 10 */
+	movl	32(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	80(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	84(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 11 */
+	movl	32(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	88(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	92(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 12 */
+	movl	32(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	96(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	100(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 13 */
+	movl	32(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	104(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	108(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 14 */
+	movl	32(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	112(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	116(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 15 */
+	movl	32(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	36(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	120(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	124(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	28(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+	movl	(%esp),		%ebx
+	movl	%edi,		%eax
+	decl	%ebx
+	movl	%esi,		%edi
+	movl	%eax,		%esi
+	movl	%ebx,		(%esp)
+	jnz	.L000start
+
+	/* FP */
+	movl	24(%esp),	%edx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	movl	%esi,		%eax
+	xorl	%edi,		%esi
+	andl	$0xaaaaaaaa,	%esi
+	xorl	%esi,		%eax
+	xorl	%esi,		%edi
+
+	roll	$23,		%eax
+	movl	%eax,		%esi
+	xorl	%edi,		%eax
+	andl	$0x03fc03fc,	%eax
+	xorl	%eax,		%esi
+	xorl	%eax,		%edi
+
+	roll	$10,		%esi
+	movl	%esi,		%eax
+	xorl	%edi,		%esi
+	andl	$0x33333333,	%esi
+	xorl	%esi,		%eax
+	xorl	%esi,		%edi
+
+	roll	$18,		%edi
+	movl	%edi,		%esi
+	xorl	%eax,		%edi
+	andl	$0xfff0000f,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%eax
+
+	roll	$12,		%esi
+	movl	%esi,		%edi
+	xorl	%eax,		%esi
+	andl	$0xf0f0f0f0,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%eax
+
+	rorl	$4,		%eax
+	movl	%eax,		(%edx)
+	movl	%edi,		4(%edx)
+	popl	%ecx
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.fcrypt_body_end:
+	SIZE(fcrypt_body,.fcrypt_body_end-fcrypt_body)
+.ident	"fcrypt_body"
diff --git a/crypto/des/cbc3_enc.c b/crypto/des/cbc3_enc.c
index e9bf500f44..92a78b05d6 100644
--- a/crypto/des/cbc3_enc.c
+++ b/crypto/des/cbc3_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/cbc3_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -58,7 +58,7 @@
 
 #include "des_locl.h"
 
-/* HAS BUGS? DON'T USE */
+/* HAS BUGS? DON'T USE - this is only present for use in des.c */
 void des_3cbc_encrypt(input, output, length, ks1, ks2, iv1, iv2, enc)
 des_cblock (*input);
 des_cblock (*output);
diff --git a/crypto/des/cbc_cksm.c b/crypto/des/cbc_cksm.c
index f6b32744eb..edfdec8a0f 100644
--- a/crypto/des/cbc_cksm.c
+++ b/crypto/des/cbc_cksm.c
@@ -1,5 +1,5 @@
 /* crypto/des/cbc_cksm.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/cbc_enc.c b/crypto/des/cbc_enc.c
index a06f9f99e3..a84a53633c 100644
--- a/crypto/des/cbc_enc.c
+++ b/crypto/des/cbc_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/cbc_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/cfb64ede.c b/crypto/des/cfb64ede.c
index f62373792b..80b8a9eaaa 100644
--- a/crypto/des/cfb64ede.c
+++ b/crypto/des/cfb64ede.c
@@ -1,5 +1,5 @@
 /* crypto/des/cfb64ede.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/cfb64enc.c b/crypto/des/cfb64enc.c
index 327e489635..403da479df 100644
--- a/crypto/des/cfb64enc.c
+++ b/crypto/des/cfb64enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/cfb64enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/cfb_enc.c b/crypto/des/cfb_enc.c
index fb328328e6..342e785691 100644
--- a/crypto/des/cfb_enc.c
+++ b/crypto/des/cfb_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/cfb_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -93,7 +93,7 @@ int enc;
 		if (num == 32)
 			mask0=0xffffffffL;
 		else	mask0=(1L<<num)-1;
-		mask1=0x00000000;
+		mask1=0x00000000L;
 		}
 
 	iv=(unsigned char *)ivec;
diff --git a/crypto/des/des.c b/crypto/des/des.c
index 0376163ffd..c1e5005474 100644
--- a/crypto/des/des.c
+++ b/crypto/des/des.c
@@ -1,5 +1,5 @@
 /* crypto/des/des.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -99,6 +99,9 @@ void uufwriteEnd(FILE *fp);
 int uufread(unsigned char *out,int size,unsigned int num,FILE *fp);
 int uuencode(unsigned char *in,int num,unsigned char *out);
 int uudecode(unsigned char *in,int num,unsigned char *out);
+void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule sk1,des_key_schedule sk2,
+	des_cblock *ivec1,des_cblock *ivec2,int enc);
 #else
 void usage();
 void doencryption();
@@ -107,10 +110,11 @@ void uufwriteEnd();
 int uufread();
 int uuencode();
 int uudecode();
+void des_3cbc_encrypt();
 #endif
 
 #ifdef VMS
-#define EXIT(a) exit(a&0x10000000)
+#define EXIT(a) exit(a&0x10000000L)
 #else
 #define EXIT(a) exit(a)
 #endif
diff --git a/crypto/des/des.h b/crypto/des/des.h
index 1728fe8889..a4cf5c8770 100644
--- a/crypto/des/des.h
+++ b/crypto/des/des.h
@@ -161,9 +161,6 @@ void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
 void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
 	des_key_schedule schedule,des_cblock *ivec,
 	des_cblock *inw,des_cblock *outw,int enc);
-void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
-	des_key_schedule sk1,des_key_schedule sk2,
-	des_cblock *ivec1,des_cblock *ivec2,int enc);
 void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
 	long length,des_key_schedule schedule,des_cblock *ivec,int enc);
 void des_ecb_encrypt(des_cblock *input,des_cblock *output,
@@ -246,7 +243,6 @@ DES_LONG des_cbc_cksum();
 void des_cbc_encrypt();
 void des_ncbc_encrypt();
 void des_xcbc_encrypt();
-void des_3cbc_encrypt();
 void des_cfb_encrypt();
 void des_ede3_cfb64_encrypt();
 void des_ede3_ofb64_encrypt();
diff --git a/crypto/des/des.org b/crypto/des/des.org
index 1728fe8889..a4cf5c8770 100644
--- a/crypto/des/des.org
+++ b/crypto/des/des.org
@@ -161,9 +161,6 @@ void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
 void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
 	des_key_schedule schedule,des_cblock *ivec,
 	des_cblock *inw,des_cblock *outw,int enc);
-void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
-	des_key_schedule sk1,des_key_schedule sk2,
-	des_cblock *ivec1,des_cblock *ivec2,int enc);
 void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
 	long length,des_key_schedule schedule,des_cblock *ivec,int enc);
 void des_ecb_encrypt(des_cblock *input,des_cblock *output,
@@ -246,7 +243,6 @@ DES_LONG des_cbc_cksum();
 void des_cbc_encrypt();
 void des_ncbc_encrypt();
 void des_xcbc_encrypt();
-void des_3cbc_encrypt();
 void des_cfb_encrypt();
 void des_ede3_cfb64_encrypt();
 void des_ede3_ofb64_encrypt();
diff --git a/crypto/des/des3s.cpp b/crypto/des/des3s.cpp
new file mode 100644
index 0000000000..9aff6494d9
--- /dev/null
+++ b/crypto/des/des3s.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "des.h"
+
+void main(int argc,char *argv[])
+	{
+	des_key_schedule key1,key2,key3;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(s1);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(e1);
+			GetTSC(s2);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(e2);
+			des_encrypt3(&data[0],key1,key2,key3);
+			}
+
+		printf("des %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/crypto/des/des_enc.c b/crypto/des/des_enc.c
index b04e12dc29..e4db09299e 100644
--- a/crypto/des/des_enc.c
+++ b/crypto/des/des_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/des_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -183,8 +183,8 @@ int enc;
 	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
 	 * for pointing this out. */
 	/* clear the top bits on machines with 8byte longs */
-	r=ROTATE(r,29)&0xffffffff;
-	l=ROTATE(l,29)&0xffffffff;
+	r=ROTATE(r,29)&0xffffffffL;
+	l=ROTATE(l,29)&0xffffffffL;
 
 	s=(DES_LONG *)ks;
 	/* I don't know if it is worth the effort of loop unrolling the
@@ -248,8 +248,8 @@ int enc;
 #endif
 		}
 	/* rotate and clear the top bits on machines with 8byte longs */
-	data[0]=ROTATE(l,3)&0xffffffff;
-	data[1]=ROTATE(r,3)&0xffffffff;
+	data[0]=ROTATE(l,3)&0xffffffffL;
+	data[1]=ROTATE(r,3)&0xffffffffL;
 	l=r=t=u=0;
 	}
 
@@ -299,3 +299,204 @@ des_key_schedule ks3;
 	data[1]=r;
 	}
 
+#ifndef DES_DEFAULT_OPTIONS
+
+void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+	{
+	register DES_LONG tin0,tin1;
+	register DES_LONG tout0,tout1,xor0,xor1;
+	register unsigned char *in,*out;
+	register long l=length;
+	DES_LONG tin[2];
+	unsigned char *iv;
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	iv=(unsigned char *)ivec;
+
+	if (enc)
+		{
+		c2l(iv,tout0);
+		c2l(iv,tout1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			tin0^=tout0; tin[0]=tin0;
+			tin1^=tout1; tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			tout0=tin[0]; l2c(tout0,out);
+			tout1=tin[1]; l2c(tout1,out);
+			}
+		if (l != -8)
+			{
+			c2ln(in,tin0,tin1,l+8);
+			tin0^=tout0; tin[0]=tin0;
+			tin1^=tout1; tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			tout0=tin[0]; l2c(tout0,out);
+			tout1=tin[1]; l2c(tout1,out);
+			}
+		iv=(unsigned char *)ivec;
+		l2c(tout0,iv);
+		l2c(tout1,iv);
+		}
+	else
+		{
+		c2l(iv,xor0);
+		c2l(iv,xor1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0); tin[0]=tin0;
+			c2l(in,tin1); tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2c(tout0,out);
+			l2c(tout1,out);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		if (l != -8)
+			{
+			c2l(in,tin0); tin[0]=tin0;
+			c2l(in,tin1); tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2cn(tout0,tout1,out,l+8);
+			xor0=tin0;
+			xor1=tin1;
+			}
+
+		iv=(unsigned char *)ivec;
+		l2c(xor0,iv);
+		l2c(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
+void des_ede3_cbc_encrypt(input, output, length, ks1, ks2, ks3, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+des_cblock (*ivec);
+int enc;
+	{
+	register DES_LONG tin0,tin1;
+	register DES_LONG tout0,tout1,xor0,xor1;
+	register unsigned char *in,*out;
+	register long l=length;
+	DES_LONG tin[2];
+	unsigned char *iv;
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	iv=(unsigned char *)ivec;
+
+	if (enc)
+		{
+		c2l(iv,tout0);
+		c2l(iv,tout1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			tin0^=tout0;
+			tin1^=tout1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+
+			l2c(tout0,out);
+			l2c(tout1,out);
+			}
+		if (l != -8)
+			{
+			c2ln(in,tin0,tin1,l+8);
+			tin0^=tout0;
+			tin1^=tout1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+
+			l2c(tout0,out);
+			l2c(tout1,out);
+			}
+		iv=(unsigned char *)ivec;
+		l2c(tout0,iv);
+		l2c(tout1,iv);
+		}
+	else
+		{
+		register DES_LONG t0,t1;
+
+		c2l(iv,xor0);
+		c2l(iv,xor1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+
+			t0=tin0;
+			t1=tin1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+
+			tout0^=xor0;
+			tout1^=xor1;
+			l2c(tout0,out);
+			l2c(tout1,out);
+			xor0=t0;
+			xor1=t1;
+			}
+		if (l != -8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			
+			t0=tin0;
+			t1=tin1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+		
+			tout0^=xor0;
+			tout1^=xor1;
+			l2cn(tout0,tout1,out,l+8);
+			xor0=t0;
+			xor1=t1;
+			}
+
+		iv=(unsigned char *)ivec;
+		l2c(xor0,iv);
+		l2c(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
+#endif /* DES_DEFAULT_OPTIONS */
diff --git a/crypto/des/des_opts.c b/crypto/des/des_opts.c
index 8522c28a6e..fdf0fbf461 100644
--- a/crypto/des/des_opts.c
+++ b/crypto/des/des_opts.c
@@ -1,5 +1,5 @@
 /* crypto/des/des_opts.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/des_ver.h b/crypto/des/des_ver.h
index 98352bc0d4..7041a9271d 100644
--- a/crypto/des/des_ver.h
+++ b/crypto/des/des_ver.h
@@ -1,5 +1,5 @@
 /* crypto/des/des_ver.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/dess.cpp b/crypto/des/dess.cpp
new file mode 100644
index 0000000000..7fb5987314
--- /dev/null
+++ b/crypto/des/dess.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "des.h"
+
+void main(int argc,char *argv[])
+	{
+	des_key_schedule key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			des_encrypt(&data[0],key,1);
+			GetTSC(s1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			GetTSC(e1);
+			GetTSC(s2);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			GetTSC(e2);
+			des_encrypt(&data[0],key,1);
+			}
+
+		printf("des %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/crypto/des/destest.c b/crypto/des/destest.c
index 6aa582b19e..620c13ba6f 100644
--- a/crypto/des/destest.c
+++ b/crypto/des/destest.c
@@ -1,5 +1,5 @@
 /* crypto/des/destest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -222,7 +222,16 @@ static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
 static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
 static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
 static unsigned char cbc_iv  [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
-static char cbc_data[40]="7654321 Now is the time for ";
+/* Changed the following text constant to binary so it will work on ebcdic
+ * machines :-) */
+/* static char cbc_data[40]="7654321 Now is the time for \0001"; */
+static char cbc_data[40]={
+	0x37,0x36,0x35,0x34,0x33,0x32,0x31,0x20,
+	0x4E,0x6F,0x77,0x20,0x69,0x73,0x20,0x74,
+	0x68,0x65,0x20,0x74,0x69,0x6D,0x65,0x20,
+	0x66,0x6F,0x72,0x20,0x00,0x31,0x00,0x00,
+	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	};
 
 static unsigned char cbc_ok[32]={
 	0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
@@ -395,14 +404,17 @@ char *argv[];
 		}
 	memset(cbc_out,0,40);
 	memset(cbc_in,0,40);
-	des_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+	des_ncbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
 		(long)strlen((char *)cbc_data)+1,ks,
-		(C_Block *)cbc_iv,DES_ENCRYPT);
+		(C_Block *)iv3,DES_ENCRYPT);
 	if (memcmp(cbc_out,cbc_ok,32) != 0)
 		printf("cbc_encrypt encrypt error\n");
-	des_cbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+
+	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+	des_ncbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
 		(long)strlen((char *)cbc_data)+1,ks,
-		(C_Block *)cbc_iv,DES_DECRYPT);
+		(C_Block *)iv3,DES_DECRYPT);
 	if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)) != 0)
 		{
 		printf("cbc_encrypt decrypt error\n");
@@ -432,7 +444,7 @@ char *argv[];
 		(long)strlen((char *)cbc_data)+1,ks,
 		(C_Block *)iv3,
 		(C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_DECRYPT);
-	if (memcmp(cbc_in,cbc_data,32) != 0)
+	if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
 		{
 		printf("des_xcbc_encrypt decrypt error\n");
 		err=1;
@@ -458,7 +470,7 @@ char *argv[];
 	memset(cbc_out,0,40);
 	memset(cbc_in,0,40);
 	i=strlen((char *)cbc_data)+1;
-	i=((i+7)/8)*8;
+	/* i=((i+7)/8)*8; */
 	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
 
 	des_ede3_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
@@ -500,7 +512,7 @@ char *argv[];
 		}
 	des_pcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
 		(long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_DECRYPT);
-	if (memcmp(cbc_in,cbc_data,32) != 0)
+	if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
 		{
 		printf("pcbc_encrypt decrypt error\n");
 		err=1;
@@ -554,6 +566,12 @@ char *argv[];
 	if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
 		{
 		printf("ofb_encrypt encrypt error\n");
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf1[8+0], ofb_buf1[8+1], ofb_buf1[8+2], ofb_buf1[8+3],
+ofb_buf1[8+4], ofb_buf1[8+5], ofb_buf1[8+6], ofb_buf1[8+7]);
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf1[8+0], ofb_cipher[8+1], ofb_cipher[8+2], ofb_cipher[8+3],
+ofb_buf1[8+4], ofb_cipher[8+5], ofb_cipher[8+6], ofb_cipher[8+7]);
 		err=1;
 		}
 	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
@@ -562,6 +580,12 @@ char *argv[];
 	if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
 		{
 		printf("ofb_encrypt decrypt error\n");
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf2[8+0], ofb_buf2[8+1], ofb_buf2[8+2], ofb_buf2[8+3],
+ofb_buf2[8+4], ofb_buf2[8+5], ofb_buf2[8+6], ofb_buf2[8+7]);
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+plain[8+0], plain[8+1], plain[8+2], plain[8+3],
+plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
 		err=1;
 		}
 
@@ -636,10 +660,12 @@ char *argv[];
 	printf("Doing quad_cksum\n");
 	cs=quad_cksum((C_Block *)cbc_data,(C_Block *)qret,
 		(long)strlen(cbc_data),2,(C_Block *)cbc_iv);
+	j=sizeof(lqret[0])-4;
 	for (i=0; i<4; i++)
 		{
 		lqret[i]=0;
 		memcpy(&(lqret[i]),&(qret[i][0]),4);
+		if (j > 0) lqret[i]=lqret[i]>>(j*8); /* For Cray */
 		}
 	{ /* Big-endian fix */
 	static DES_LONG l=1;
@@ -692,7 +718,7 @@ char *argv[];
 	for (i=0; i<4; i++)
 		{
 		printf(" %d",i);
-		des_cbc_encrypt((C_Block *)&(cbc_out[i]),(C_Block *)cbc_in,
+		des_ncbc_encrypt((C_Block *)&(cbc_out[i]),(C_Block *)cbc_in,
 			(long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
 			DES_ENCRYPT);
 		}
@@ -700,7 +726,7 @@ char *argv[];
 	for (i=0; i<4; i++)
 		{
 		printf(" %d",i);
-		des_cbc_encrypt((C_Block *)cbc_out,(C_Block *)&(cbc_in[i]),
+		des_ncbc_encrypt((C_Block *)cbc_out,(C_Block *)&(cbc_in[i]),
 			(long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
 			DES_ENCRYPT);
 		}
diff --git a/crypto/des/ecb3_enc.c b/crypto/des/ecb3_enc.c
index 28c0d886b4..140f6b5285 100644
--- a/crypto/des/ecb3_enc.c
+++ b/crypto/des/ecb3_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/ecb3_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/ecb_enc.c b/crypto/des/ecb_enc.c
index fac4b41b19..acf23fdd00 100644
--- a/crypto/des/ecb_enc.c
+++ b/crypto/des/ecb_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/ecb_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,7 +60,7 @@
 #include "spr.h"
 
 char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
-char *DES_version="DES part of SSLeay 0.8.1b 29-Jun-1998";
+char *DES_version="DES part of SSLeay 0.9.0b 29-Jun-1998";
 
 char *des_options()
 	{
diff --git a/crypto/des/ede_enc.c b/crypto/des/ede_enc.c
index 20c3cf34a9..9f75dd1037 100644
--- a/crypto/des/ede_enc.c
+++ b/crypto/des/ede_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/ede_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -149,7 +149,7 @@ int enc;
 			{
 			c2l(in,tin0);
 			c2l(in,tin1);
-
+			
 			t0=tin0;
 			t1=tin1;
 
@@ -158,13 +158,14 @@ int enc;
 			des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
 			tout0=tin[0];
 			tout1=tin[1];
-
+		
 			tout0^=xor0;
 			tout1^=xor1;
 			l2cn(tout0,tout1,out,l+8);
 			xor0=t0;
 			xor1=t1;
 			}
+
 		iv=(unsigned char *)ivec;
 		l2c(xor0,iv);
 		l2c(xor1,iv);
diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c
index 3b254d0fd5..e08a904d75 100644
--- a/crypto/des/enc_read.c
+++ b/crypto/des/enc_read.c
@@ -1,5 +1,5 @@
 /* crypto/des/enc_read.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -132,7 +132,9 @@ des_cblock (*iv);
 	while (net_num < HDRSIZE) 
 		{
 		i=read(fd,&(net[net_num]),(unsigned int)HDRSIZE-net_num);
+#ifdef EINTR
 		if ((i == -1) && (errno == EINTR)) continue;
+#endif
 		if (i <= 0) return(0);
 		net_num+=i;
 		}
@@ -152,7 +154,9 @@ des_cblock (*iv);
 	while (net_num < rnum)
 		{
 		i=read(fd,&(net[net_num]),(unsigned int)rnum-net_num);
+#ifdef EINTR
 		if ((i == -1) && (errno == EINTR)) continue;
+#endif
 		if (i <= 0) return(0);
 		net_num+=i;
 		}
diff --git a/crypto/des/enc_writ.c b/crypto/des/enc_writ.c
index 672c745664..29a7330fb0 100644
--- a/crypto/des/enc_writ.c
+++ b/crypto/des/enc_writ.c
@@ -1,5 +1,5 @@
 /* crypto/des/enc_writ.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -76,7 +76,7 @@ des_cblock (*iv);
 
 	long rnum;
 	int i,j,k,outnum;
-	char *outbuf=NULL;
+	static char *outbuf=NULL;
 	char shortbuf[8];
 	char *p;
 	static int start=1;
diff --git a/crypto/des/fcrypt.c b/crypto/des/fcrypt.c
index db9ad65c1d..129beb27da 100644
--- a/crypto/des/fcrypt.c
+++ b/crypto/des/fcrypt.c
@@ -55,7 +55,7 @@ static unsigned const char cov_2char[64]={
 void fcrypt_body(DES_LONG *out,des_key_schedule ks,
 	DES_LONG Eswap0, DES_LONG Eswap1);
 
-#ifdef PERL5
+#if defined(PERL5) || defined(FreeBSD)
 char *des_crypt(const char *buf,const char *salt);
 #else
 char *crypt(const char *buf,const char *salt);
@@ -69,7 +69,7 @@ char *crypt();
 #endif
 #endif
 
-#ifdef PERL5
+#if defined(PERL5) || defined(FreeBSD)
 char *des_crypt(buf,salt)
 #else
 char *crypt(buf,salt)
diff --git a/crypto/des/fcrypt_b.c b/crypto/des/fcrypt_b.c
index f929b66cfb..1544634bc1 100644
--- a/crypto/des/fcrypt_b.c
+++ b/crypto/des/fcrypt_b.c
@@ -1,5 +1,5 @@
 /* crypto/des/fcrypt_b.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/ncbc_enc.c b/crypto/des/ncbc_enc.c
index b79d965237..1d1a368c22 100644
--- a/crypto/des/ncbc_enc.c
+++ b/crypto/des/ncbc_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/ncbc_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -120,17 +120,6 @@ int enc;
 			xor0=tin0;
 			xor1=tin1;
 			}
-		if (l != -8)
-			{
-			c2l(in,tin0); tin[0]=tin0;
-			c2l(in,tin1); tin[1]=tin1;
-			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
-			tout0=tin[0]^xor0;
-			tout1=tin[1]^xor1;
-			l2cn(tout0,tout1,out,l+8);
-			xor0=tin0;
-			xor1=tin1;
-			}
 		iv=(unsigned char *)ivec;
 		l2c(xor0,iv);
 		l2c(xor1,iv);
diff --git a/crypto/des/ofb64ede.c b/crypto/des/ofb64ede.c
index 6a6b95c769..4b1b0199f1 100644
--- a/crypto/des/ofb64ede.c
+++ b/crypto/des/ofb64ede.c
@@ -1,5 +1,5 @@
 /* crypto/des/ofb64ede.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -91,8 +91,8 @@ int *num;
 		{
 		if (n == 0)
 			{
-			ti[0]=v0;
-			ti[1]=v1;
+			/* ti[0]=v0; */
+			/* ti[1]=v1; */
 			des_encrypt3((DES_LONG *)ti,k1,k2,k3);
 			v0=ti[0];
 			v1=ti[1];
diff --git a/crypto/des/ofb64enc.c b/crypto/des/ofb64enc.c
index fe4073981d..ea7e612697 100644
--- a/crypto/des/ofb64enc.c
+++ b/crypto/des/ofb64enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/ofb64enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/ofb_enc.c b/crypto/des/ofb_enc.c
index 9b2ecb6749..4db0cdbd60 100644
--- a/crypto/des/ofb_enc.c
+++ b/crypto/des/ofb_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/ofb_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -72,7 +72,7 @@ long length;
 des_key_schedule schedule;
 des_cblock (*ivec);
 	{
-	register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
+	register DES_LONG d0,d1,vv0,vv1,v0,v1,n=(numbits+7)/8;
 	register DES_LONG mask0,mask1;
 	register long l=length;
 	register int num=numbits;
@@ -94,7 +94,7 @@ des_cblock (*ivec);
 			mask0=0xffffffffL;
 		else
 			mask0=(1L<<num)-1;
-		mask1=0x00000000;
+		mask1=0x00000000L;
 		}
 
 	iv=(unsigned char *)ivec;
@@ -104,19 +104,36 @@ des_cblock (*ivec);
 	ti[1]=v1;
 	while (l-- > 0)
 		{
+		ti[0]=v0;
+		ti[1]=v1;
 		des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+		vv0=ti[0];
+		vv1=ti[1];
 		c2ln(in,d0,d1,n);
 		in+=n;
-		d0=(d0^ti[0])&mask0;
-		d1=(d1^ti[1])&mask1;
+		d0=(d0^vv0)&mask0;
+		d1=(d1^vv1)&mask1;
 		l2cn(d0,d1,out,n);
 		out+=n;
+
+		if (num == 32)
+			{ v0=v1; v1=vv0; }
+		else if (num == 64)
+				{ v0=vv0; v1=vv1; }
+		else if (num > 32) /* && num != 64 */
+			{
+			v0=((v1>>(num-32))|(vv0<<(64-num)))&0xffffffffL;
+			v1=((vv0>>(num-32))|(vv1<<(64-num)))&0xffffffffL;
+			}
+		else /* num < 32 */
+			{
+			v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
+			v1=((v1>>num)|(vv0<<(32-num)))&0xffffffffL;
+			}
 		}
-	v0=ti[0];
-	v1=ti[1];
 	iv=(unsigned char *)ivec;
 	l2c(v0,iv);
 	l2c(v1,iv);
-	v0=v1=d0=d1=ti[0]=ti[1]=0;
+	v0=v1=d0=d1=ti[0]=ti[1]=vv0=vv1=0;
 	}
 
diff --git a/crypto/des/options.txt b/crypto/des/options.txt
index 9fe648816a..6e2b50f765 100644
--- a/crypto/des/options.txt
+++ b/crypto/des/options.txt
@@ -3,13 +3,13 @@ instead of the default 4.
 RISC1 and RISC2 are 2 alternatives for the inner loop and
 PTR means to use pointers arithmatic instead of arrays.
 
-FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assember		577,000 4620k/s
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assembler		577,000 4620k/s
 IRIX 6.2 - R10000 195mhz - cc (-O3 -n32) - UNROLL RISC2 PTR	496,000 3968k/s
 solaris 2.5.1 usparc 167mhz?? - SC4.0 - UNROLL RISC1 PTR [1]	459,400 3672k/s
 FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - UNROLL RISC1	433,000 3468k/s
 solaris 2.5.1 usparc 167mhz?? - gcc 2.7.2 - UNROLL 		380,000 3041k/s
-linux - pentium 100mhz - gcc 2.7.0 - assember			281,000 2250k/s
-NT 4.0 - pentium 100mhz - VC 4.2 - assember			281,000 2250k/s
+linux - pentium 100mhz - gcc 2.7.0 - assembler			281,000 2250k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - assembler			281,000 2250k/s
 AIX 4.1? - PPC604 100mhz - cc - UNROLL 				275,000 2200k/s
 IRIX 5.3 - R4400 200mhz - gcc 2.6.3 - UNROLL RISC2 PTR		235,300 1882k/s
 IRIX 5.3 - R4400 200mhz - cc - UNROLL RISC2 PTR			233,700 1869k/s
@@ -20,7 +20,7 @@ HPUX 10 - 9000/887 - cc - UNROLL [3]	 			148,000	1190k/s
 solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2 - UNROLL		123,600  989k/s
 IRIX 5.3 - R4000 100mhz - cc - UNROLL RISC2 PTR			101,000  808k/s
 DGUX - 88100 50mhz(?) - gcc 2.6.3 - UNROLL			 81,000  648k/s
-solaris 2.4 486 50mhz - gcc 2.6.3 - assember			 65,000  522k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - assembler			 65,000  522k/s
 HPUX 10 - 9000/887 - k&r cc (default compiler) - UNROLL PTR	 76,000	 608k/s
 solaris 2.4 486 50mhz - gcc 2.6.3 - UNROLL RISC2		 43,500  344k/s
 AIX - old slow one :-) - cc -					 39,000  312k/s
diff --git a/crypto/des/pcbc_enc.c b/crypto/des/pcbc_enc.c
index 8adba1aad3..4513207d90 100644
--- a/crypto/des/pcbc_enc.c
+++ b/crypto/des/pcbc_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/pcbc_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/podd.h b/crypto/des/podd.h
index c00cd6ba0c..1b2bfe0843 100644
--- a/crypto/des/podd.h
+++ b/crypto/des/podd.h
@@ -1,5 +1,5 @@
 /* crypto/des/podd.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/qud_cksm.c b/crypto/des/qud_cksm.c
index 39e8f40fa9..8526abf334 100644
--- a/crypto/des/qud_cksm.c
+++ b/crypto/des/qud_cksm.c
@@ -1,5 +1,5 @@
 /* crypto/des/qud_cksm.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/rand_key.c b/crypto/des/rand_key.c
index feb7ba75bc..8c30bd029a 100644
--- a/crypto/des/rand_key.c
+++ b/crypto/des/rand_key.c
@@ -1,5 +1,5 @@
 /* crypto/des/rand_key.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/ranlib.sh b/crypto/des/ranlib.sh
new file mode 100644
index 0000000000..543f712c6b
--- /dev/null
+++ b/crypto/des/ranlib.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+cwd=`pwd`
+cd /tmp
+
+if [ -s /bin/ranlib ] ; then 
+	RL=/bin/ranlib
+else if [ -s /usr/bin/ranlib ] ; then
+	RL=/usr/bin/ranlib
+fi
+fi
+
+if [ "x$RL" != "x" ]
+then
+	case "$1" in
+		/*)  
+		$RL "$1"
+		;;
+		*)
+		$RL "$cwd/$1"
+		;;
+	esac
+fi
diff --git a/crypto/des/read2pwd.c b/crypto/des/read2pwd.c
index 84136b950b..a0d53793e4 100644
--- a/crypto/des/read2pwd.c
+++ b/crypto/des/read2pwd.c
@@ -1,5 +1,5 @@
 /* crypto/des/read2pwd.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/read_pwd.c b/crypto/des/read_pwd.c
index 75d035cf9c..99920f2f86 100644
--- a/crypto/des/read_pwd.c
+++ b/crypto/des/read_pwd.c
@@ -1,5 +1,5 @@
 /* crypto/des/read_pwd.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+/* #define SIGACTION */ /* Define this if you have sigaction() */
 #ifdef WIN16TTY
 #undef WIN16
 #undef _WINDOWS
@@ -164,10 +165,14 @@ static int noecho_fgets();
 #endif
 #endif
 
-#ifndef NOPROTO
-static void (*savsig[NX509_SIG])(int );
+#ifdef SIGACTION
+ static struct sigaction savsig[NX509_SIG];
 #else
-static void (*savsig[NX509_SIG])();
+# ifndef NOPROTO
+  static void (*savsig[NX509_SIG])(int );
+# else
+  static void (*savsig[NX509_SIG])();
+# endif
 #endif
 static jmp_buf save;
 
@@ -242,6 +247,13 @@ int verify;
 			is_a_tty=0;
 		else
 #endif
+#ifdef EINVAL
+		/* Ariel Glenn ariel@columbia.edu reports that solaris
+		 * can return EINVAL instead.  This should be ok */
+		if (errno == EINVAL)
+			is_a_tty=0;
+		else
+#endif
 			return(-1);
 		}
 	memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
@@ -359,7 +371,21 @@ static void pushsig()
 	int i;
 
 	for (i=1; i<NX509_SIG; i++)
+		{
+#ifdef SIGUSR1
+		if (i == SIGUSR1)
+			continue;
+#endif
+#ifdef SIGUSR2
+		if (i == SIGUSR2)
+			continue;
+#endif
+#ifdef SIGACTION
+		sigaction(i,NULL,&savsig[i]);
+#else
 		savsig[i]=signal(i,recsig);
+#endif
+		}
 
 #ifdef SIGWINCH
 	signal(SIGWINCH,SIG_DFL);
@@ -371,7 +397,21 @@ static void popsig()
 	int i;
 
 	for (i=1; i<NX509_SIG; i++)
+		{
+#ifdef SIGUSR1
+		if (i == SIGUSR1)
+			continue;
+#endif
+#ifdef SIGUSR2
+		if (i == SIGUSR2)
+			continue;
+#endif
+#ifdef SIGACTION
+		sigaction(i,&savsig[i],NULL);
+#else
 		signal(i,savsig[i]);
+#endif
+		}
 	}
 
 static void recsig(i)
diff --git a/crypto/des/rpc_des.h b/crypto/des/rpc_des.h
index 4d53eea8c7..4cbb4d2dcd 100644
--- a/crypto/des/rpc_des.h
+++ b/crypto/des/rpc_des.h
@@ -1,5 +1,5 @@
 /* crypto/des/rpc_des.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/rpc_enc.c b/crypto/des/rpc_enc.c
index b7eeb09144..7c1da1f538 100644
--- a/crypto/des/rpc_enc.c
+++ b/crypto/des/rpc_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/rpc_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/rpw.c b/crypto/des/rpw.c
index 93793c6f53..6447ed9cf0 100644
--- a/crypto/des/rpw.c
+++ b/crypto/des/rpw.c
@@ -1,5 +1,5 @@
 /* crypto/des/rpw.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
index 99ac273484..c3bcd7ee2b 100644
--- a/crypto/des/set_key.c
+++ b/crypto/des/set_key.c
@@ -1,5 +1,5 @@
 /* crypto/des/set_key.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/sk.h b/crypto/des/sk.h
index 2407030704..f2ade88c7c 100644
--- a/crypto/des/sk.h
+++ b/crypto/des/sk.h
@@ -1,5 +1,5 @@
 /* crypto/des/sk.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/speed.c b/crypto/des/speed.c
index 250b697135..5bbe8b01d6 100644
--- a/crypto/des/speed.c
+++ b/crypto/des/speed.c
@@ -1,5 +1,5 @@
 /* crypto/des/speed.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -317,11 +317,11 @@ char **argv;
 	printf("%ld crypts in %.2f second\n",count,e);
 	e=((double)COUNT(ce))/e;
 
-	printf("set_key            per sec = %12.2f (%5.1fuS)\n",a,1.0e6/a);
-	printf("DES raw ecb bytes  per sec = %12.2f (%5.1fuS)\n",b,8.0e6/b);
-	printf("DES cbc bytes      per sec = %12.2f (%5.1fuS)\n",c,8.0e6/c);
-	printf("DES ede cbc bytes  per sec = %12.2f (%5.1fuS)\n",d,8.0e6/d);
-	printf("crypt              per sec = %12.2f (%5.1fuS)\n",e,1.0e6/e);
+	printf("set_key            per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+	printf("DES raw ecb bytes  per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+	printf("DES cbc bytes      per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+	printf("DES ede cbc bytes  per sec = %12.2f (%9.3fuS)\n",d,8.0e6/d);
+	printf("crypt              per sec = %12.2f (%9.3fuS)\n",e,1.0e6/e);
 	exit(0);
 #if defined(LINT) || defined(MSDOS)
 	return(0);
diff --git a/crypto/des/spr.h b/crypto/des/spr.h
index a84d6a723f..81813f9f7a 100644
--- a/crypto/des/spr.h
+++ b/crypto/des/spr.h
@@ -1,5 +1,5 @@
 /* crypto/des/spr.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/str2key.c b/crypto/des/str2key.c
index 65a1184653..3365c1bcf3 100644
--- a/crypto/des/str2key.c
+++ b/crypto/des/str2key.c
@@ -1,5 +1,5 @@
 /* crypto/des/str2key.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/des/supp.c b/crypto/des/supp.c
index 56bd85beff..75c1015252 100644
--- a/crypto/des/supp.c
+++ b/crypto/des/supp.c
@@ -1,5 +1,5 @@
 /* crypto/des/supp.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -87,7 +87,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $Id: supp.c,v 1.1 1998/12/21 10:52:29 rse Exp $
+ * $Id: supp.c,v 1.1.1.2 1998/12/21 10:55:04 rse Exp $
  */
 
 #include <stdio.h>
diff --git a/crypto/des/xcbc_enc.c b/crypto/des/xcbc_enc.c
index fa251170fb..031589bf50 100644
--- a/crypto/des/xcbc_enc.c
+++ b/crypto/des/xcbc_enc.c
@@ -1,5 +1,5 @@
 /* crypto/des/xcbc_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl
index 7e0c1e1049..dfa7e4525d 100644
--- a/crypto/dh/Makefile.ssl
+++ b/crypto/dh/Makefile.ssl
@@ -79,6 +79,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index 44978028b7..4cc1df2650 100644
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -1,5 +1,5 @@
 /* crypto/dh/dh.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -106,13 +106,13 @@ DH *	DH_new(void);
 void	DH_free(DH *dh);
 int	DH_size(DH *dh);
 DH *	DH_generate_parameters(int prime_len,int generator,
-		void (*callback)(int,int));
+		void (*callback)(int,int,char *),char *cb_arg);
 int	DH_check(DH *dh,int *codes);
 int	DH_generate_key(DH *dh);
 int	DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh);
 DH *	d2i_DHparams(DH **a,unsigned char **pp, long length);
 int	i2d_DHparams(DH *a,unsigned char **pp);
-#ifndef WIN16
+#ifndef NO_FP_API
 int	DHparams_print_fp(FILE *fp, DH *x);
 #endif
 #ifdef HEADER_BIO_H
@@ -133,7 +133,7 @@ int	DH_generate_key();
 int	DH_compute_key();
 DH *	d2i_DHparams();
 int	i2d_DHparams();
-#ifndef WIN16
+#ifndef NO_FP_API
 int	DHparams_print_fp();
 #endif
 int	DHparams_print();
diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
index 8da8dc8393..65602e494f 100644
--- a/crypto/dh/dh_check.c
+++ b/crypto/dh/dh_check.c
@@ -1,5 +1,5 @@
 /* crypto/dh/dh_check.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -104,12 +104,12 @@ int *ret;
 	else
 		*ret|=DH_UNABLE_TO_CHECK_GENERATOR;
 
-	if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx))
+	if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL))
 		*ret|=DH_CHECK_P_NOT_PRIME;
 	else
 		{
 		if (!BN_rshift1(q,dh->p)) goto err;
-		if (!BN_is_prime(q,BN_prime_checks,NULL,ctx))
+		if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL))
 			*ret|=DH_CHECK_P_NOT_STRONG_PRIME;
 		}
 	ok=1;
diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
index 1950f43f62..9d5c06ac24 100644
--- a/crypto/dh/dh_err.c
+++ b/crypto/dh/dh_err.c
@@ -60,6 +60,7 @@
 #include "dh.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA DH_str_functs[]=
 	{
 {ERR_PACK(0,DH_F_DHPARAMS_PRINT,0),	"DHparams_print"},
@@ -77,14 +78,19 @@ static ERR_STRING_DATA DH_str_reasons[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_DH_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_DH,DH_str_functs);
 		ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c
index ff4f18e1e0..04c7046a7b 100644
--- a/crypto/dh/dh_gen.c
+++ b/crypto/dh/dh_gen.c
@@ -1,5 +1,5 @@
 /* crypto/dh/dh_gen.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -83,10 +83,11 @@
  * this generator function can take a very very long time to run.
  */
 
-DH *DH_generate_parameters(prime_len,generator,callback)
+DH *DH_generate_parameters(prime_len,generator,callback,cb_arg)
 int prime_len;
 int generator;
-void (*callback)(P_I_I);
+void (*callback)(P_I_I_P);
+char *cb_arg;
 	{
 	BIGNUM *p=NULL,*t1,*t2;
 	DH *ret=NULL;
@@ -125,9 +126,9 @@ void (*callback)(P_I_I);
 	else
 		g=generator;
 	
-	p=BN_generate_prime(prime_len,1,t1,t2,callback);
+	p=BN_generate_prime(prime_len,1,t1,t2,callback,cb_arg);
 	if (p == NULL) goto err;
-	if (callback != NULL) callback(3,0);
+	if (callback != NULL) callback(3,0,cb_arg);
 	ret->p=p;
 	ret->g=BN_new();
 	if (!BN_set_word(ret->g,g)) goto err;
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index 12f47c4574..7576772bcd 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -1,5 +1,5 @@
 /* crypto/dh/dh_key.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index 786a2c14b4..a300b38396 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -1,5 +1,5 @@
 /* crypto/dh/dh_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -61,7 +61,7 @@
 #include "bn.h"
 #include "dh.h"
 
-char *DH_version="Diffie-Hellman part of SSLeay 0.8.1b 29-Jun-1998";
+char *DH_version="Diffie-Hellman part of SSLeay 0.9.0b 29-Jun-1998";
 
 DH *DH_new()
 	{
diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c
index b338715880..488f10fd41 100644
--- a/crypto/dh/dhtest.c
+++ b/crypto/dh/dhtest.c
@@ -1,5 +1,5 @@
 /* crypto/dh/dhtest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,8 +59,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#ifdef WIN16
-#define APPS_WIN16
+#ifdef WINDOWS
+#include "../bio/bss_file.c" 
 #endif
 #include "crypto.h"
 #include "bio.h"
@@ -74,14 +74,14 @@
 #endif
 
 #ifndef NOPROTO
-static void MS_CALLBACK cb(int p, int n);
+static void MS_CALLBACK cb(int p, int n, char *arg);
 #else
 static void MS_CALLBACK cb();
 #endif
 
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
-#include "../bio/bss_file.c"
+#include "bss_file.c"
 #endif
 
 BIO *out=NULL;
@@ -103,7 +103,7 @@ char *argv[];
 	if (out == NULL) exit(1);
 	BIO_set_fp(out,stdout,BIO_NOCLOSE);
 
-	a=DH_generate_parameters(64,DH_GENERATOR_5,cb);
+	a=DH_generate_parameters(64,DH_GENERATOR_5,cb,(char *)out);
 	if (a == NULL) goto err;
 
 	BIO_puts(out,"\np    =");
@@ -170,9 +170,10 @@ err:
 	return(ret);
 	}
 
-static void MS_CALLBACK cb(p, n)
+static void MS_CALLBACK cb(p, n,arg)
 int p;
 int n;
+char *arg;
 	{
 	char c='*';
 
@@ -180,7 +181,7 @@ int n;
 	if (p == 1) c='+';
 	if (p == 2) c='*';
 	if (p == 3) c='\n';
-	BIO_write(out,&c,1);
+	BIO_write((BIO *)arg,&c,1);
 #ifdef LINT
 	p=n;
 #endif
diff --git a/crypto/dh/p1024.c b/crypto/dh/p1024.c
index 7f8cd56d5a..0c50c24cfb 100644
--- a/crypto/dh/p1024.c
+++ b/crypto/dh/p1024.c
@@ -1,5 +1,5 @@
 /* crypto/dh/p1024.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/dh/p192.c b/crypto/dh/p192.c
index c96972c8c6..881908169a 100644
--- a/crypto/dh/p192.c
+++ b/crypto/dh/p192.c
@@ -1,5 +1,5 @@
 /* crypto/dh/p192.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/dh/p512.c b/crypto/dh/p512.c
index 6105612cf9..cc84e8e50e 100644
--- a/crypto/dh/p512.c
+++ b/crypto/dh/p512.c
@@ -1,5 +1,5 @@
 /* crypto/dh/p512.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl
index 7b9c9cf4ce..2cc4ddb39e 100644
--- a/crypto/dsa/Makefile.ssl
+++ b/crypto/dsa/Makefile.ssl
@@ -79,6 +79,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index e5dfafe214..1ca87c1cbe 100644
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -1,5 +1,5 @@
 /* crypto/dsa/dsa.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -106,7 +106,6 @@ typedef struct dsa_st
 
 DSA *	DSA_new(void);
 int	DSA_size(DSA *);
-	/* DSA *	DSA_generate_key(int bits, void (*callback)()); */
 	/* next 4 return -1 on error */
 int	DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
 int	DSA_sign(int type,unsigned char *dgst,int dlen,
@@ -121,7 +120,8 @@ DSA *	d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
 DSA *	d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
 DSA * 	d2i_DSAparams(DSA **a, unsigned char **pp, long length);
 DSA *	DSA_generate_parameters(int bits, unsigned char *seed,int seed_len,
-		int *counter_ret, unsigned long *h_ret,void (*callback)());
+		int *counter_ret, unsigned long *h_ret,void
+		(*callback)(),char *cb_arg);
 int	DSA_generate_key(DSA *a);
 int	i2d_DSAPublicKey(DSA *a, unsigned char **pp);
 int 	i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
@@ -131,12 +131,12 @@ int	i2d_DSAparams(DSA *a,unsigned char **pp);
 int	DSAparams_print(BIO *bp, DSA *x);
 int	DSA_print(BIO *bp, DSA *x, int off);
 #endif
-#ifndef WIN16
+#ifndef NO_FP_API
 int	DSAparams_print_fp(FILE *fp, DSA *x);
 int	DSA_print_fp(FILE *bp, DSA *x, int off);
 #endif
 
-int DSA_is_prime(BIGNUM *q,void (*callback)());
+int DSA_is_prime(BIGNUM *q,void (*callback)(),char *cb_arg);
 
 #else
 
@@ -163,7 +163,7 @@ int	DSA_is_prime();
 int	DSAparams_print();
 int	DSA_print();
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int	DSAparams_print_fp();
 int	DSA_print_fp();
 #endif
diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
index ec0699d282..318e9f31aa 100644
--- a/crypto/dsa/dsa_err.c
+++ b/crypto/dsa/dsa_err.c
@@ -60,6 +60,7 @@
 #include "dsa.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA DSA_str_functs[]=
 	{
 {ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0),	"DSAparams_print"},
@@ -80,14 +81,19 @@ static ERR_STRING_DATA DSA_str_reasons[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_DSA_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
 		ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index 2b80104e7b..d7d30bf90a 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -1,5 +1,5 @@
 /* crypto/dsa/dsa_gen.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -72,13 +72,15 @@
 #include "dsa.h"
 #include "rand.h"
 
-DSA *DSA_generate_parameters(bits,seed_in,seed_len,counter_ret,h_ret,callback)
+DSA *DSA_generate_parameters(bits,seed_in,seed_len,counter_ret,h_ret,callback,
+	cb_arg)
 int bits;
 unsigned char *seed_in;
 int seed_len;
 int *counter_ret;
 unsigned long *h_ret;
 void (*callback)();
+char *cb_arg;
 	{
 	int ok=0;
 	unsigned char seed[SHA_DIGEST_LENGTH];
@@ -120,7 +122,7 @@ void (*callback)();
 		for (;;)
 			{
 			/* step 1 */
-			if (callback != NULL) callback(0,m++);
+			if (callback != NULL) callback(0,m++,cb_arg);
 
 			if (!seed_len)
 				RAND_bytes(seed,SHA_DIGEST_LENGTH);
@@ -147,13 +149,13 @@ void (*callback)();
 			if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) abort();
 
 			/* step 4 */
-			if (DSA_is_prime(q,callback) > 0) break;
+			if (DSA_is_prime(q,callback,cb_arg) > 0) break;
 			/* do a callback call */
 			/* step 5 */
 			}
 
-		if (callback != NULL) callback(2,0);
-		if (callback != NULL) callback(3,0);
+		if (callback != NULL) callback(2,0,cb_arg);
+		if (callback != NULL) callback(3,0,cb_arg);
 
 		/* step 6 */
 		counter=0;
@@ -196,7 +198,7 @@ void (*callback)();
 			if (BN_cmp(p,test) >= 0)
 				{
 				/* step 11 */
-				if (DSA_is_prime(p,callback) > 0)
+				if (DSA_is_prime(p,callback,cb_arg) > 0)
 					goto end;
 				}
 
@@ -206,11 +208,11 @@ void (*callback)();
 			/* step 14 */
 			if (counter >= 4096) break;
 
-			if (callback != NULL) callback(0,counter);
+			if (callback != NULL) callback(0,counter,cb_arg);
 			}
 		}
 end:
-	if (callback != NULL) callback(2,1);
+	if (callback != NULL) callback(2,1,cb_arg);
 
 	/* We now need to gernerate g */
 	/* Set r0=(p-1)/q */
@@ -227,7 +229,7 @@ end:
 		h++;
 		}
 
-	if (callback != NULL) callback(3,1);
+	if (callback != NULL) callback(3,1,cb_arg);
 
 	ok=1;
 err:
@@ -249,9 +251,10 @@ err:
 	return(ok?ret:NULL);
 	}
 
-int DSA_is_prime(w, callback)
+int DSA_is_prime(w, callback,cb_arg)
 BIGNUM *w;
 void (*callback)();
+char *cb_arg;
 	{
 	int ok= -1,j,i,n;
 	BN_CTX *ctx=NULL,*ctx2=NULL;
@@ -310,7 +313,7 @@ void (*callback)();
 				}
 
 			if (!BN_mod_mul(z,z,z,w,ctx)) goto err;
-			if (callback != NULL) callback(1,j);
+			if (callback != NULL) callback(1,j,cb_arg);
 			}
 		}
 
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 2c70248687..d51ed9395f 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -1,5 +1,5 @@
 /* crypto/dsa/dsa_key.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index e666db07f0..b647257f9f 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -1,5 +1,5 @@
 /* crypto/dsa/dsa_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -64,7 +64,7 @@
 #include "dsa.h"
 #include "asn1.h"
 
-char *DSA_version="\0DSA part of SSLeay 0.8.1b 29-Jun-1998";
+char *DSA_version="\0DSA part of SSLeay 0.9.0b 29-Jun-1998";
 
 DSA *DSA_new()
 	{
@@ -101,6 +101,9 @@ DSA *r;
 	if (r == NULL) return;
 
 	i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
+#ifdef REF_PRINT
+	REF_PRINT("DSA",r);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c
index ebb758feb5..6ca1c318f2 100644
--- a/crypto/dsa/dsa_sign.c
+++ b/crypto/dsa/dsa_sign.c
@@ -1,5 +1,5 @@
 /* crypto/dsa/dsa_sign.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c
index a217f8631c..0f860984ed 100644
--- a/crypto/dsa/dsa_vrf.c
+++ b/crypto/dsa/dsa_vrf.c
@@ -1,5 +1,5 @@
 /* crypto/dsa/dsa_vrf.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/dsa/dsagen.c b/crypto/dsa/dsagen.c
index 3422d877f4..20335de250 100644
--- a/crypto/dsa/dsagen.c
+++ b/crypto/dsa/dsagen.c
@@ -1,5 +1,5 @@
 /* crypto/dsa/dsagen.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -98,8 +98,15 @@ main()
 	unsigned char seed_buf[20];
 	DSA *dsa;
 	int counter,h;
+	BIO *bio_err=NULL;
+
+	if (bio_err == NULL)
+		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
 
 	memcpy(seed_buf,seed,20);
-	dsa=DSA_generate_key(1024,seed,20,&counter,&h,cb);
+	dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb);
+
+	if (dsa == NULL)
+		DSA_print(bio_err,dsa,0);
 	}
 
diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c
index 894d2dbf04..39bb712c4a 100644
--- a/crypto/dsa/dsatest.c
+++ b/crypto/dsa/dsatest.c
@@ -1,5 +1,5 @@
 /* crypto/dsa/dsatest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -61,16 +61,12 @@
 #include <string.h>
 #include <sys/types.h>
 #include <sys/stat.h>
-#ifdef WIN16
-#define APPS_WIN16
-#endif
 #include "crypto.h"
 #include "rand.h"
 #include "bio.h"
 #include "err.h"
 #include "dsa.h"
-
-#ifdef WIN16
+#ifdef WINDOWS
 #include "../bio/bss_file.c"
 #endif
 
@@ -81,7 +77,7 @@
 #endif
 
 #ifndef NOPROTO
-static void MS_CALLBACK dsa_cb(int p, int n);
+static void MS_CALLBACK dsa_cb(int p, int n, char *arg);
 #else
 static void MS_CALLBACK dsa_cb();
 #endif
@@ -135,7 +131,8 @@ char **argv;
 
 	BIO_printf(bio_err,"test generation of DSA parameters\n");
 	BIO_printf(bio_err,"expect '.*' followed by 5 lines of '.'s and '+'s\n");
-	dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb);
+	dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,
+		(char *)bio_err);
 
 	BIO_printf(bio_err,"seed\n");
 	for (i=0; i<20; i+=4)
@@ -192,9 +189,10 @@ end:
 	return(0);
 	}
 
-static void MS_CALLBACK dsa_cb(p, n)
+static void MS_CALLBACK dsa_cb(p, n, arg)
 int p;
 int n;
+char *arg;
 	{
 	char c='*';
 	static int ok=0,num=0;
@@ -203,12 +201,12 @@ int n;
 	if (p == 1) c='+';
 	if (p == 2) { c='*'; ok++; }
 	if (p == 3) c='\n';
-	BIO_write(bio_err,&c,1);
-	BIO_flush(bio_err);
+	BIO_write((BIO *)arg,&c,1);
+	BIO_flush((BIO *)arg);
 
 	if (!ok && (p == 0) && (num > 1))
 		{
-		BIO_printf(bio_err,"error in dsatest\n");
+		BIO_printf((BIO *)arg,"error in dsatest\n");
 		exit(1);
 		}
 	}
diff --git a/crypto/err/Makefile.ssl b/crypto/err/Makefile.ssl
index 9e1e451e59..57c87eb041 100644
--- a/crypto/err/Makefile.ssl
+++ b/crypto/err/Makefile.ssl
@@ -2,7 +2,7 @@
 # SSLeay/crypto/err/Makefile
 #
 
-DIR=	error
+DIR=	err
 TOP=	../..
 CC=	cc
 INCLUDES= -I.. -I../../include
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 6eec77a154..a65192493a 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -1,5 +1,5 @@
 /* crypto/err/err.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -73,11 +73,16 @@ static unsigned long err_hash(ERR_STRING_DATA *a);
 static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b);
 static unsigned long pid_hash(ERR_STATE *pid);
 static int pid_cmp(ERR_STATE *a,ERR_STATE *pid);
+static unsigned long get_error_values(int inc,char **file,int *line,
+	char **data,int *flags);
+static void ERR_STATE_free(ERR_STATE *s);
 #else
 static unsigned long err_hash();
 static int err_cmp();
 static unsigned long pid_hash();
 static int pid_cmp();
+static void ERR_STATE_free();
+ERR_STATE *s;
 #endif
 
 #ifndef NO_ERR
@@ -147,6 +152,27 @@ static ERR_STRING_DATA ERR_str_reasons[]=
 	};
 #endif
 
+#define err_clear_data(p,i) \
+	if (((p)->err_data[i] != NULL) && \
+		(p)->err_data_flags[i] & ERR_TXT_MALLOCED) \
+		{  \
+		Free((p)->err_data[i]); \
+		(p)->err_data[i]=NULL; \
+		} \
+	(p)->err_data_flags[i]=0;
+
+static void ERR_STATE_free(s)
+ERR_STATE *s;
+	{
+	int i;
+
+	for (i=0; i<ERR_NUM_ERRORS; i++)
+		{
+		err_clear_data(s,i);
+		}
+	Free(s);
+	}
+
 void ERR_load_ERR_strings()
 	{
 	static int init=1;
@@ -211,6 +237,8 @@ void ERR_free_strings()
 	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
 	}
 
+/********************************************************/
+
 void ERR_put_error(lib,func,reason,file,line)
 int lib,func,reason;
 char *file;
@@ -226,117 +254,109 @@ int line;
 	es->err_buffer[es->top]=ERR_PACK(lib,func,reason);
 	es->err_file[es->top]=file;
 	es->err_line[es->top]=line;
+	err_clear_data(es,es->top);
 	}
 
 void ERR_clear_error()
 	{
-	int i;
 	ERR_STATE *es;
 
 	es=ERR_get_state();
 
+#if 0
+	/* hmm... is this needed */
 	for (i=0; i<ERR_NUM_ERRORS; i++)
 		{
 		es->err_buffer[i]=0;
 		es->err_file[i]=NULL;
 		es->err_line[i]= -1;
+		err_clear_data(es,i);
 		}
+#endif
 	es->top=es->bottom=0;
 	}
 
-unsigned long ERR_peek_error()
-	{	
-	int i;
-	ERR_STATE *es;
-
-	/* should be fine since only one thread should ever be playing
-	 * with the value returned from this call */
-	es=ERR_get_state();
-
-	if (es->bottom == es->top) return(0);
-	i=(es->bottom+1)%ERR_NUM_ERRORS;
-
-
-	return(es->err_buffer[i]);
-	}
 
 unsigned long ERR_get_error()
-	{
-	int i;
-	unsigned long ret;
-	ERR_STATE *es;
+	{ return(get_error_values(1,NULL,NULL,NULL,NULL)); }
 
-	es=ERR_get_state();
-
-	if (es->bottom == es->top) return(0);
-	i=(es->bottom+1)%ERR_NUM_ERRORS;
-	es->bottom=i;
-	ret=es->err_buffer[i];
-	es->err_buffer[i]=0;
+unsigned long ERR_get_error_line(file,line)
+char **file;
+int *line;
+	{ return(get_error_values(1,file,line,NULL,NULL)); }
 
+unsigned long ERR_get_error_line_data(file,line,data,flags)
+char **file;
+int *line;
+char **data;
+int *flags;
+	{ return(get_error_values(1,file,line,data,flags)); }
 
-	return(ret);
-	}
+unsigned long ERR_peek_error()
+	{ return(get_error_values(0,NULL,NULL,NULL,NULL)); }
 
 unsigned long ERR_peek_error_line(file,line)
 char **file;
 int *line;
-	{	
-	int i=0;
-	ERR_STATE *es;
-
-	es=ERR_get_state();
-
-	if (es->bottom == es->top)
-		{
-		return(0);
-		}
-
-	i=(es->bottom+1)%ERR_NUM_ERRORS;
-	if (es->err_file[i] == NULL)
-		{
-		*file="NA";
-		*line=0;
-		}
-	else
-		{
-		*file=es->err_file[i];
-		*line=es->err_line[i];
-		}
+	{ return(get_error_values(0,file,line,NULL,NULL)); }
 
-	return(es->err_buffer[i]);
-	}
+unsigned long ERR_peek_error_line_data(file,line,data,flags)
+char **file;
+int *line;
+char **data;
+int *flags;
+	{ return(get_error_values(0,file,line,data,flags)); }
 
-unsigned long ERR_get_error_line(file,line)
+static unsigned long get_error_values(inc,file,line,data,flags)
+int inc;
 char **file;
 int *line;
-	{
-	int i;
-	unsigned long ret;
+char **data;
+int *flags;
+	{	
+	int i=0;
 	ERR_STATE *es;
+	unsigned long ret;
 
 	es=ERR_get_state();
 
-	if (es->bottom == es->top)
-		return(0);
-
+	if (es->bottom == es->top) return(0);
 	i=(es->bottom+1)%ERR_NUM_ERRORS;
-	es->bottom=i;
-	ret=  es->err_buffer[i];
-	if (es->err_file[i] == NULL)
+
+	ret=es->err_buffer[i];
+	if (inc)
 		{
-		*file="NA";
-		*line=0;
+		es->bottom=i;
+		es->err_buffer[i]=0;
 		}
-	else
+
+	if ((file != NULL) && (line != NULL))
 		{
-		*file=es->err_file[i];
-		*line=es->err_line[i];
+		if (es->err_file[i] == NULL)
+			{
+			*file="NA";
+			if (line != NULL) *line=0;
+			}
+		else
+			{
+			*file=es->err_file[i];
+			if (line != NULL) *line=es->err_line[i];
+			}
 		}
-	es->err_buffer[i]=0;
-	es->err_file[i]=NULL;
-	es->err_line[i]= -1;
 
+	if (data != NULL)
+		{
+		if (es->err_data[i] == NULL)
+			{
+			*data="";
+			if (flags != NULL) *flags=0;
+			}
+		else
+			{
+			*data=es->err_data[i];
+			if (flags != NULL) *flags=es->err_data_flags[i];
+			}
+		}
 	return(ret);
 	}
 
@@ -498,14 +518,16 @@ unsigned long pid;
 	tmp.pid=pid;
 	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
 	p=(ERR_STATE *)lh_delete(thread_hash,(char *)&tmp);
-	if (p != NULL) Free(p);
 	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+	if (p != NULL) ERR_STATE_free(p);
 	}
 
 ERR_STATE *ERR_get_state()
 	{
 	static ERR_STATE fallback;
 	ERR_STATE *ret=NULL,tmp,*tmpp;
+	int i;
 	unsigned long pid;
 
 	pid=(unsigned long)CRYPTO_thread_id();
@@ -539,12 +561,80 @@ ERR_STATE *ERR_get_state()
 		ret->pid=pid;
 		ret->top=0;
 		ret->bottom=0;
+		for (i=0; i<ERR_NUM_ERRORS; i++)
+			{
+			ret->err_data[i]=NULL;
+			ret->err_data_flags[i]=0;
+			}
 		CRYPTO_w_lock(CRYPTO_LOCK_ERR);
 		tmpp=(ERR_STATE *)lh_insert(thread_hash,(char *)ret);
 		CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
 		if (tmpp != NULL) /* old entry - should not happen */
-			Free(tmpp);
+			{
+			ERR_STATE_free(tmpp);
+			}
 		}
 	return(ret);
 	}
 
+int ERR_get_next_error_library()
+	{
+	static int value=ERR_LIB_USER;
+
+	return(value++);
+	}
+
+void ERR_set_error_data(data,flags)
+char *data;
+int flags;
+	{
+	ERR_STATE *es;
+	int i;
+
+	es=ERR_get_state();
+
+	i=es->top;
+	if (i == 0)
+		i=ERR_NUM_ERRORS-1;
+
+	es->err_data[i]=data;
+	es->err_data_flags[es->top]=flags;
+	}
+
+void ERR_add_error_data( VAR_PLIST(int , num))
+VAR_ALIST
+        {
+        VAR_BDEFN(args, int, num);
+	int i,n,s;
+	char *str,*p,*a;
+
+	s=64;
+	str=Malloc(s+1);
+	if (str == NULL) return;
+	str[0]='\0';
+
+	VAR_INIT(args,int,num);
+	n=0;
+	for (i=0; i<num; i++)
+		{
+		VAR_ARG(args,char *,a);
+		n+=strlen(a);
+		if (n > s)
+			{
+			s=n+20;
+			p=Realloc(str,s+1);
+			if (p == NULL)
+				{
+				Free(str);
+				return;
+				}
+			else
+				str=p;
+			}
+		strcat(str,a);
+		}
+	ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING);
+
+	VAR_END( args );
+	}
+
diff --git a/crypto/err/err.h b/crypto/err/err.h
index aa3354e2dd..75f931be11 100644
--- a/crypto/err/err.h
+++ b/crypto/err/err.h
@@ -1,5 +1,5 @@
 /* crypto/err/err.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -77,11 +77,16 @@ extern "C" {
 
 #include <errno.h>
 
-#define ERR_NUM_ERRORS	10
+#define ERR_TXT_MALLOCED	0x01
+#define ERR_TXT_STRING		0x02
+
+#define ERR_NUM_ERRORS	16
 typedef struct err_state_st
 	{
 	unsigned long pid;
 	unsigned long err_buffer[ERR_NUM_ERRORS];
+	char *err_data[ERR_NUM_ERRORS];
+	int err_data_flags[ERR_NUM_ERRORS];
 	char *err_file[ERR_NUM_ERRORS];
 	int err_line[ERR_NUM_ERRORS];
 	int top,bottom;
@@ -102,6 +107,7 @@ typedef struct err_state_st
 #define ERR_LIB_METH		12
 #define ERR_LIB_ASN1		13
 #define ERR_LIB_CONF		14
+#define ERR_LIB_CRYPTO		15
 #define ERR_LIB_SSL		20
 #define ERR_LIB_SSL23		21
 #define ERR_LIB_SSL2		22
@@ -113,27 +119,28 @@ typedef struct err_state_st
 
 #define ERR_LIB_USER		128
 
-#define SYSerr(f,r)	ERR_PUT_error(ERR_LIB_SYS,(f),(r),ERR_file_name,__LINE__)
-#define BNerr(f,r)	ERR_PUT_error(ERR_LIB_BN,(f),(r),ERR_file_name,__LINE__)
-#define RSAerr(f,r)	ERR_PUT_error(ERR_LIB_RSA,(f),(r),ERR_file_name,__LINE__)
-#define DHerr(f,r)	ERR_PUT_error(ERR_LIB_DH,(f),(r),ERR_file_name,__LINE__)
-#define EVPerr(f,r)	ERR_PUT_error(ERR_LIB_EVP,(f),(r),ERR_file_name,__LINE__)
-#define BUFerr(f,r)	ERR_PUT_error(ERR_LIB_BUF,(f),(r),ERR_file_name,__LINE__)
-#define BIOerr(f,r)	ERR_PUT_error(ERR_LIB_BIO,(f),(r),ERR_file_name,__LINE__)
-#define OBJerr(f,r)	ERR_PUT_error(ERR_LIB_OBJ,(f),(r),ERR_file_name,__LINE__)
-#define PEMerr(f,r)	ERR_PUT_error(ERR_LIB_PEM,(f),(r),ERR_file_name,__LINE__)
-#define DSAerr(f,r)	ERR_PUT_error(ERR_LIB_DSA,(f),(r),ERR_file_name,__LINE__)
-#define X509err(f,r)	ERR_PUT_error(ERR_LIB_X509,(f),(r),ERR_file_name,__LINE__)
-#define METHerr(f,r)	ERR_PUT_error(ERR_LIB_METH,(f),(r),ERR_file_name,__LINE__)
-#define ASN1err(f,r)	ERR_PUT_error(ERR_LIB_ASN1,(f),(r),ERR_file_name,__LINE__)
-#define CONFerr(f,r)	ERR_PUT_error(ERR_LIB_CONF,(f),(r),ERR_file_name,__LINE__)
-#define SSLerr(f,r)	ERR_PUT_error(ERR_LIB_SSL,(f),(r),ERR_file_name,__LINE__)
-#define SSL23err(f,r)	ERR_PUT_error(ERR_LIB_SSL23,(f),(r),ERR_file_name,__LINE__)
-#define SSL2err(f,r)	ERR_PUT_error(ERR_LIB_SSL2,(f),(r),ERR_file_name,__LINE__)
-#define SSL3err(f,r)	ERR_PUT_error(ERR_LIB_SSL3,(f),(r),ERR_file_name,__LINE__)
-#define RSAREFerr(f,r)	ERR_PUT_error(ERR_LIB_RSAREF,(f),(r),ERR_file_name,__LINE__)
-#define PROXYerr(f,r)	ERR_PUT_error(ERR_LIB_PROXY,(f),(r),ERR_file_name,__LINE__)
-#define PKCS7err(f,r)	ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__)
+#define SYSerr(f,r)  ERR_PUT_error(ERR_LIB_SYS,(f),(r),ERR_file_name,__LINE__)
+#define BNerr(f,r)   ERR_PUT_error(ERR_LIB_BN,(f),(r),ERR_file_name,__LINE__)
+#define RSAerr(f,r)  ERR_PUT_error(ERR_LIB_RSA,(f),(r),ERR_file_name,__LINE__)
+#define DHerr(f,r)   ERR_PUT_error(ERR_LIB_DH,(f),(r),ERR_file_name,__LINE__)
+#define EVPerr(f,r)  ERR_PUT_error(ERR_LIB_EVP,(f),(r),ERR_file_name,__LINE__)
+#define BUFerr(f,r)  ERR_PUT_error(ERR_LIB_BUF,(f),(r),ERR_file_name,__LINE__)
+#define BIOerr(f,r)  ERR_PUT_error(ERR_LIB_BIO,(f),(r),ERR_file_name,__LINE__)
+#define OBJerr(f,r)  ERR_PUT_error(ERR_LIB_OBJ,(f),(r),ERR_file_name,__LINE__)
+#define PEMerr(f,r)  ERR_PUT_error(ERR_LIB_PEM,(f),(r),ERR_file_name,__LINE__)
+#define DSAerr(f,r)  ERR_PUT_error(ERR_LIB_DSA,(f),(r),ERR_file_name,__LINE__)
+#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),ERR_file_name,__LINE__)
+#define METHerr(f,r) ERR_PUT_error(ERR_LIB_METH,(f),(r),ERR_file_name,__LINE__)
+#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),ERR_file_name,__LINE__)
+#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),ERR_file_name,__LINE__)
+#define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),ERR_file_name,__LINE__)
+#define SSLerr(f,r)  ERR_PUT_error(ERR_LIB_SSL,(f),(r),ERR_file_name,__LINE__)
+#define SSL23err(f,r) ERR_PUT_error(ERR_LIB_SSL23,(f),(r),ERR_file_name,__LINE__)
+#define SSL2err(f,r) ERR_PUT_error(ERR_LIB_SSL2,(f),(r),ERR_file_name,__LINE__)
+#define SSL3err(f,r) ERR_PUT_error(ERR_LIB_SSL3,(f),(r),ERR_file_name,__LINE__)
+#define RSAREFerr(f,r) ERR_PUT_error(ERR_LIB_RSAREF,(f),(r),ERR_file_name,__LINE__)
+#define PROXYerr(f,r) ERR_PUT_error(ERR_LIB_PROXY,(f),(r),ERR_file_name,__LINE__)
+#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__)
 
 /* Borland C seems too stupid to be able to shift and do longs in
  * the pre-processor :-( */
@@ -172,6 +179,7 @@ typedef struct err_state_st
 #define ERR_R_METH_LIB	ERR_LIB_METH
 #define ERR_R_ASN1_LIB	ERR_LIB_ASN1
 #define ERR_R_CONF_LIB	ERR_LIB_CONF
+#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO
 #define ERR_R_SSL_LIB	ERR_LIB_SSL
 #define ERR_R_SSL23_LIB	ERR_LIB_SSL23
 #define ERR_R_SSL2_LIB	ERR_LIB_SSL2
@@ -193,20 +201,27 @@ typedef struct ERR_string_data_st
 
 #ifndef NOPROTO
 void ERR_put_error(int lib, int func,int reason,char *file,int line);
+void ERR_set_error_data(char *data,int flags);
+
 unsigned long ERR_get_error(void );
 unsigned long ERR_get_error_line(char **file,int *line);
+unsigned long ERR_get_error_line_data(char **file,int *line,
+		char **data, int *flags);
 unsigned long ERR_peek_error(void );
 unsigned long ERR_peek_error_line(char **file,int *line);
+unsigned long ERR_peek_error_line_data(char **file,int *line,
+		char **data,int *flags);
 void ERR_clear_error(void );
 char *ERR_error_string(unsigned long e,char *buf);
 char *ERR_lib_error_string(unsigned long e);
 char *ERR_func_error_string(unsigned long e);
 char *ERR_reason_error_string(unsigned long e);
-#ifndef WIN16
+#ifndef NO_FP_API
 void ERR_print_errors_fp(FILE *fp);
 #endif
 #ifdef HEADER_BIO_H
 void ERR_print_errors(BIO *bp);
+void ERR_add_error_data( VAR_PLIST( int, num ) );
 #endif
 void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
 void ERR_load_ERR_strings(void );
@@ -224,9 +239,13 @@ char *ERR_get_string_table(void );
 char *ERR_get_err_state_table(void );
 #endif
 
+int ERR_get_next_error_library(void );
+
 #else
 
 void ERR_put_error();
+void ERR_set_error_data();
+
 unsigned long ERR_get_error();
 unsigned long ERR_get_error_line();
 unsigned long ERR_peek_error();
@@ -236,10 +255,11 @@ char *ERR_error_string();
 char *ERR_lib_error_string();
 char *ERR_func_error_string();
 char *ERR_reason_error_string();
-#ifndef WIN16
+#ifndef NO_FP_API
 void ERR_print_errors_fp();
 #endif
 void ERR_print_errors();
+void ERR_add_error_data();
 void ERR_load_strings();
 void ERR_load_ERR_strings();
 void ERR_load_crypto_strings();
@@ -256,6 +276,8 @@ char *ERR_get_string_table();
 char *ERR_get_err_state_table();
 #endif
 
+int ERR_get_next_error_library();
+
 #endif
 
 #ifdef	__cplusplus
diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c
index d6d8109ea0..f874268e1a 100644
--- a/crypto/err/err_all.c
+++ b/crypto/err/err_all.c
@@ -1,5 +1,5 @@
 /* crypto/err/err_all.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -110,6 +110,7 @@ void ERR_load_crypto_strings()
 	ERR_load_OBJ_strings();
 	ERR_load_PEM_strings();
 	ERR_load_X509_strings();
+	ERR_load_CRYPTO_strings();
 	ERR_load_PKCS7_strings();
 #endif
 	}
diff --git a/crypto/err/err_code.pl b/crypto/err/err_code.pl
index 5b893001c6..7f4cd7c216 100644
--- a/crypto/err/err_code.pl
+++ b/crypto/err/err_code.pl
@@ -1,79 +1,48 @@
 #!/usr/local/bin/perl
 
-%errfile=(
-	"ERR",	"NONE",
-	"BN",	"bn/bn.err",
-	"RSA",	"rsa/rsa.err",
-	"DSA",	"dsa/dsa.err",
-	"DH",	"dh/dh.err",
-	"EVP",	"evp/evp.err",
-	"BUF",	"buffer/buffer.err",
-	"BIO",	"bio/bio.err",
-	"OBJ",	"objects/objects.err",
-	"PEM",	"pem/pem.err",
-	"X509",	"x509/x509.err",
-	"METH",	"meth/meth.err",
-	"ASN1",	"asn1/asn1.err",
-	"CONF",	"conf/conf.err",
-	"PROXY","proxy/proxy.err",
-	"PKCS7","pkcs7/pkcs7.err",
-	"RSAREF","../rsaref/rsaref.err",
-	"SSL",	"../ssl/ssl.err",
-	"SSL2",	"../ssl/ssl2.err",
-	"SSL3",	"../ssl/ssl3.err",
-	"SSL23","../ssl/ssl23.err",
-	);
-
-$function{'RSAREF_F_RSA_BN2BIN'}=1;
-$function{'RSAREF_F_RSA_PRIVATE_DECRYPT'}=1;
-$function{'RSAREF_F_RSA_PRIVATE_ENCRYPT'}=1;
-$function{'RSAREF_F_RSA_PUBLIC_DECRYPT'}=1;
-$function{'RSAREF_F_RSA_PUBLIC_ENCRYPT'}=1;
-$function{'SSL_F_CLIENT_CERTIFICATE'}=1;
-
-$r_value{'SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE'}=	1010;
-$r_value{'SSL_R_SSLV3_ALERT_BAD_RECORD_MAC'}=	1020;
-$r_value{'SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE'}=1030;
-$r_value{'SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE'}=	1040;
-$r_value{'SSL_R_SSLV3_ALERT_NO_CERTIFICATE'}=	1041;
-$r_value{'SSL_R_SSLV3_ALERT_BAD_CERTIFICATE'}=	1042;
-$r_value{'SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE'}=1043;
-$r_value{'SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED'}=	1044;
-$r_value{'SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED'}=	1045;
-$r_value{'SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN'}=	1046;
-$r_value{'SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER'}=	1047;
-
-$r_value{'RSAREF_R_CONTENT_ENCODING'}=	0x0400;
-$r_value{'RSAREF_R_DATA'}=		0x0401;
-$r_value{'RSAREF_R_DIGEST_ALGORITHM'}=	0x0402;
-$r_value{'RSAREF_R_ENCODING'}=		0x0403;
-$r_value{'RSAREF_R_KEY'}=		0x0404;
-$r_value{'RSAREF_R_KEY_ENCODING'}=	0x0405;
-$r_value{'RSAREF_R_LEN'}=		0x0406;
-$r_value{'RSAREF_R_MODULUS_LEN'}=	0x0407;
-$r_value{'RSAREF_R_NEED_RANDOM'}=	0x0408;
-$r_value{'RSAREF_R_PRIVATE_KEY'}=	0x0409;
-$r_value{'RSAREF_R_PUBLIC_KEY'}=	0x040a;
-$r_value{'RSAREF_R_SIGNATURE'}=		0x040b;
-$r_value{'RSAREF_R_SIGNATURE_ENCODING'}=0x040c;
-$r_value{'RSAREF_R_ENCRYPTION_ALGORITHM'}=0x040d;
-
-$last="";
-while (<>)
+while (@ARGV)
 	{
-	if (/err\(([A-Z0-9]+_F_[0-9A-Z_]+)\s*,\s*([0-9A-Z]+_R_[0-9A-Z_]+)\s*\)/)
+	$in=shift(@ARGV);
+	if ($in =~ /^-conf$/)
 		{
-		if ($1 != $last)
+		$in=shift(@ARGV);
+		open(IN,"<$in") || die "unable to open '$in'\n";
+		while (<IN>)
 			{
-			if ($function{$1} == 0)
+			s/#.*$//;
+			s/\s+$//;
+			next if (/^$/);
+			if (/^L\s+(\S+)\s+(\S+)$/)
+				{ $errfile{$1}=$2; }
+			elsif (/^F\s+(\S+)$/)
+				{ $function{$1}=1; }
+			elsif (/^R\s+(\S+)\s+(\S+)$/)
+				{ $r_value{$1}=$2; }
+			else { die "bad input line: $in:$.\n"; }
+			}
+		close(IN);
+		next;
+		}
+
+	open(IN,"<$in") || die "unable to open '$in'\n";
+	$last="";
+	while (<IN>)
+		{
+		if (/err\(([A-Z0-9]+_F_[0-9A-Z_]+)\s*,\s*([0-9A-Z]+_R_[0-9A-Z_]+)\s*\)/)
+			{
+			if ($1 != $last)
 				{
-				printf STDERR "$. $1 is bad\n";
+				if ($function{$1} == 0)
+					{
+					printf STDERR "$. $1 is bad\n";
+					}
 				}
+			$function{$1}++;
+			$last=$1;
+			$reason{$2}++;
 			}
-		$function{$1}++;
-		$last=$1;
-		$reason{$2}++;
 		}
+	close(IN);
 	}
 
 foreach (keys %function,keys %reason)
@@ -88,7 +57,17 @@ foreach $j (sort keys %prefix)
 	{
 	next if $errfile{$j} eq "NONE";
 	printf STDERR "doing %-6s - ",$j;
-	open(OUT,">$errfile{$j}") || die "unable to open '$errfile{$j}':$!\n";
+	if (defined($errfile{$j}))
+		{
+		open(OUT,">$errfile{$j}") ||
+			die "unable to open '$errfile{$j}':$!\n";
+		$close_file=1;
+		}
+	else
+		{
+		*OUT=*STDOUT;
+		$close=0;
+		}
 	@f=grep(/^${j}_/,@F);
 	@r=grep(/^${j}_/,@R);
 	$num=100;
@@ -119,7 +98,7 @@ foreach $j (sort keys %prefix)
 			}
 		$r_count++;
 		}
-	close(OUT);
+	close(OUT) if $close_file;
 
 	printf STDERR "%3d functions, %3d reasons\n",$f_count,$r_count;
 	}
diff --git a/crypto/err/err_genc.pl b/crypto/err/err_genc.pl
index 6733cfe574..d3251da842 100644
--- a/crypto/err/err_genc.pl
+++ b/crypto/err/err_genc.pl
@@ -1,6 +1,8 @@
 #!/usr/local/bin/perl
 
-($#ARGV == 1) || die "usage: $0 <header file> <output C file>\n";
+if ($ARGV[0] eq "-s") { $static=1; shift @ARGV; }
+
+($#ARGV == 1) || die "usage: $0 [-s] <header file> <output C file>\n";
 open(IN,"<$ARGV[0]") || die "unable to open $ARGV[0]:$!\n";
 open(STDOUT,">$ARGV[1]") || die "unable to open $ARGV[1]:$!\n";
 
@@ -58,19 +60,67 @@ foreach (sort keys %out)
 	print "{0,NULL},\n";
 	print "\t};\n\n";
 	}
+print "#endif\n";
+
+if ($static)
+	{ $lib="ERR_LIB_$type"; }
+else
+	{ $lib="${type}_lib_error_code"; }
+
+$str="";
+$str.="#ifndef NO_ERR\n";
+$str.="\t\tERR_load_strings($lib,${type}_str_functs);\n" if $Func;
+$str.="\t\tERR_load_strings($lib,${type}_str_reasons);\n" if $Reas;
+$str.="#endif\n";
+
+if (!$static)
+	{
+print <<"EOF";
+
+static int ${type}_lib_error_code=0;
+
+void ERR_load_${type}_strings()
+	{
+	static int init=1;
+
+	if (${type}_lib_error_code == 0)
+		${type}_lib_error_code=ERR_get_next_error_library();
+
+	if (init);
+		{;
+		init=0;
+$str
+		}
+	}
 
-print "void ERR_load_${type}_strings()\n";
-print "\t{\n";
-print "\tstatic int init=1;\n\n";
-print "\tif (init)\n";
-print "\t\t{\n";
-print "\t\tinit=0;\n";
-print "\t\tERR_load_strings(ERR_LIB_$type,${type}_str_functs);\n"
-	if $Func;
-print "\t\tERR_load_strings(ERR_LIB_$type,${type}_str_reasons);\n"
-	if $Reas;
-print "\t\t}\n";
-print "\t}\n";
+void ERR_${type}_error(function,reason,file,line)
+int function;
+int reason;
+char *file;
+int line;
+	{
+	if (${type}_lib_error_code == 0)
+		${type}_lib_error_code=ERR_get_next_error_library();
+	ERR_PUT_error(${type}_lib_error_code,function,reason,file,line);
+	}
+EOF
+	}
+else # $static
+	{
+	print <<"EOF";
+
+void ERR_load_${type}_strings()
+	{
+	static int init=1;
+
+	if (init);
+		{;
+		init=0;
+$str
+		}
+	}
+EOF
+	}
 
 sub header
 	{
@@ -143,5 +193,6 @@ EOF
 	print "#include \"err.h\"\n";
 	print "#include \"$header\"\n";
 	print "\n/* BEGIN ERROR CODES */\n";
+	print "#ifndef NO_ERR\n";
 	}
 
diff --git a/crypto/err/err_prn.c b/crypto/err/err_prn.c
index 16e313879d..ecd0e7c4fa 100644
--- a/crypto/err/err_prn.c
+++ b/crypto/err/err_prn.c
@@ -1,5 +1,5 @@
 /* crypto/err/err_prn.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -64,20 +64,22 @@
 #include "err.h"
 #include "crypto.h"
 
-#ifndef WIN16
+#ifndef NO_FP_API
 void ERR_print_errors_fp(fp)
 FILE *fp;
 	{
 	unsigned long l;
 	char buf[200];
-	char *file;
-	int line;
+	char *file,*data;
+	int line,flags;
 	unsigned long es;
 
 	es=CRYPTO_thread_id();
-	while ((l=ERR_get_error_line(&file,&line)) != 0)
-		fprintf(fp,"%lu:%s:%s:%d\n",es,ERR_error_string(l,buf),
-			file,line);
+	while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0)
+		{
+		fprintf(fp,"%lu:%s:%s:%d:%s\n",es,ERR_error_string(l,buf),
+			file,line,(flags&ERR_TXT_STRING)?data:"");
+		}
 	}
 #endif
 
@@ -87,16 +89,19 @@ BIO *bp;
 	unsigned long l;
 	char buf[256];
 	char buf2[256];
-	char *file;
-	int line;
+	char *file,*data;
+	int line,flags;
 	unsigned long es;
 
 	es=CRYPTO_thread_id();
-	while ((l=ERR_get_error_line(&file,&line)) != 0)
+	while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0)
 		{
-		sprintf(buf2,"%lu:%s:%s:%d\n",es,ERR_error_string(l,buf),
+		sprintf(buf2,"%lu:%s:%s:%d:",es,ERR_error_string(l,buf),
 			file,line);
 		BIO_write(bp,buf2,strlen(buf2));
+		if (flags & ERR_TXT_STRING)
+			BIO_write(bp,data,strlen(data));
+		BIO_write(bp,"\n",1);
 		}
 	}
 
diff --git a/crypto/err/ssleay.ec b/crypto/err/ssleay.ec
new file mode 100644
index 0000000000..10b5dbb59d
--- /dev/null
+++ b/crypto/err/ssleay.ec
@@ -0,0 +1,57 @@
+L ERR		NONE
+L CRYPTO	crypto.err
+L BN		bn/bn.err
+L RSA		rsa/rsa.err
+L DSA		dsa/dsa.err
+L DH		dh/dh.err
+L EVP		evp/evp.err
+L BUF		buffer/buffer.err
+L BIO		bio/bio.err
+L OBJ		objects/objects.err
+L PEM		pem/pem.err
+L X509		x509/x509.err
+L METH		meth/meth.err
+L ASN1		asn1/asn1.err
+L CONF		conf/conf.err
+L PROXY		proxy/proxy.err
+L PKCS7		pkcs7/pkcs7.err
+L RSAREF	../rsaref/rsaref.err
+L SSL		../ssl/ssl.err
+L SSL2		../ssl/ssl2.err
+L SSL3		../ssl/ssl3.err
+L SSL23		../ssl/ssl23.err
+
+F RSAREF_F_RSA_BN2BIN
+F RSAREF_F_RSA_PRIVATE_DECRYPT
+F RSAREF_F_RSA_PRIVATE_ENCRYPT
+F RSAREF_F_RSA_PUBLIC_DECRYPT
+F RSAREF_F_RSA_PUBLIC_ENCRYPT
+#F SSL_F_CLIENT_CERTIFICATE
+
+R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE		1010
+R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC		1020
+R SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE	1030
+R SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE		1040
+R SSL_R_SSLV3_ALERT_NO_CERTIFICATE		1041
+R SSL_R_SSLV3_ALERT_BAD_CERTIFICATE		1042
+R SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE	1043
+R SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED		1044
+R SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED		1045
+R SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN		1046
+R SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER		1047
+
+R RSAREF_R_CONTENT_ENCODING			0x0400
+R RSAREF_R_DATA					0x0401
+R RSAREF_R_DIGEST_ALGORITHM			0x0402
+R RSAREF_R_ENCODING				0x0403
+R RSAREF_R_KEY					0x0404
+R RSAREF_R_KEY_ENCODING				0x0405
+R RSAREF_R_LEN					0x0406
+R RSAREF_R_MODULUS_LEN				0x0407
+R RSAREF_R_NEED_RANDOM				0x0408
+R RSAREF_R_PRIVATE_KEY				0x0409
+R RSAREF_R_PUBLIC_KEY				0x040a
+R RSAREF_R_SIGNATURE				0x040b
+R RSAREF_R_SIGNATURE_ENCODING			0x040c
+R RSAREF_R_ENCRYPTION_ALGORITHM			0x040d
+
diff --git a/crypto/evp/Makefile.ssl b/crypto/evp/Makefile.ssl
index 20338119ef..8bf2516458 100644
--- a/crypto/evp/Makefile.ssl
+++ b/crypto/evp/Makefile.ssl
@@ -29,10 +29,13 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c \
 	e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c \
 	e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c \
 	e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c \
+	e_ecb_c.c e_cbc_c.c e_cfb_c.c e_ofb_c.c \
+	e_ecb_r5.c e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c \
 	m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c \
-	p_open.c p_seal.c p_sign.c p_verify.c p_lib.c \
+	m_ripemd.c \
+	p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
 	bio_md.c bio_b64.c bio_enc.c $(ERRC).c e_null.c \
-	c_all.c
+	c_all.c evp_lib.c
 
 LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o \
 	e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o \
@@ -41,10 +44,13 @@ LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o \
 	e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o \
 	e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o \
 	e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o \
+	e_ecb_c.o e_cbc_c.o e_cfb_c.o e_ofb_c.o \
+	e_ecb_r5.o e_cbc_r5.o e_cfb_r5.o e_ofb_r5.o \
 	m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o \
-	p_open.o p_seal.o p_sign.o p_verify.o p_lib.o \
+	m_ripemd.o \
+	p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
 	bio_md.o bio_b64.o bio_enc.o $(ERRC).o e_null.o \
-	c_all.o
+	c_all.o evp_lib.o
 
 SRC= $(LIBSRC)
 
@@ -100,6 +106,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
index e362dc3bfe..73172b9a07 100644
--- a/crypto/evp/bio_b64.c
+++ b/crypto/evp/bio_b64.c
@@ -1,5 +1,5 @@
 /* crypto/evp/bio_b64.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -81,6 +81,7 @@ static int b64_free();
 #endif
 
 #define B64_BLOCK_SIZE	1024
+#define B64_BLOCK_SIZE2	768
 #define B64_NONE	0
 #define B64_ENCODE	1
 #define B64_DECODE	2
@@ -155,7 +156,7 @@ BIO *b;
 char *out;
 int outl;
 	{
-	int ret=0,i,ii,j,k,x,n,num;
+	int ret=0,i,ii,j,k,x,n,num,ret_code=0;
 	BIO_B64_CTX *ctx;
 	unsigned char *p,*q;
 
@@ -169,6 +170,7 @@ int outl;
 		ctx->encode=B64_DECODE;
 		ctx->buf_len=0;
 		ctx->buf_off=0;
+		ctx->tmp_len=0;
 		EVP_DecodeInit(&(ctx->base64));
 		}
 
@@ -192,6 +194,7 @@ int outl;
 	/* At this point, we have room of outl bytes and an empty
 	 * buffer, so we should read in some more. */
 
+	ret_code=0;
 	while (outl > 0)
 		{
 		if (ctx->cont <= 0) break;
@@ -201,16 +204,24 @@ int outl;
 
 		if (i <= 0)
 			{
+			ret_code=i;
+
 			/* Should be continue next time we are called? */
 			if (!BIO_should_retry(b->next_bio))
 				ctx->cont=i;
+			/* else we should continue when called again */
 			break;
 			}
 		i+=ctx->tmp_len;
 
 		/* We need to scan, a line at a time until we
 		 * have a valid line if we are starting. */
-		if (ctx->start)
+		if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL))
+			{
+			/* ctx->start=1; */
+			ctx->tmp_len=0;
+			}
+		else if (ctx->start)
 			{
 			q=p=(unsigned char *)ctx->tmp;
 			for (j=0; j<i; j++)
@@ -273,13 +284,51 @@ int outl;
 			else
 				ctx->tmp_len=0;
 			}
-		i=EVP_DecodeUpdate(&(ctx->base64),
-			(unsigned char *)ctx->buf,&ctx->buf_len,
-			(unsigned char *)ctx->tmp,i);
+
+		if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
+			{
+			int z,jj;
+
+			jj=(i>>2)<<2;
+			z=EVP_DecodeBlock((unsigned char *)ctx->buf,
+				(unsigned char *)ctx->tmp,jj);
+			if (jj > 2)
+				{
+				if (ctx->tmp[jj-1] == '=')
+					{
+					z--;
+					if (ctx->tmp[jj-2] == '=')
+						z--;
+					}
+				}
+			/* z is now number of output bytes and jj is the
+			 * number consumed */
+			if (jj != i)
+				{
+				memcpy((unsigned char *)ctx->tmp,
+					(unsigned char *)&(ctx->tmp[jj]),i-jj);
+				ctx->tmp_len=i-jj;
+				}
+			ctx->buf_len=0;
+			if (z > 0)
+				{
+				ctx->buf_len=z;
+				i=1;
+				}
+			else
+				i=z;
+			}
+		else
+			{
+			i=EVP_DecodeUpdate(&(ctx->base64),
+				(unsigned char *)ctx->buf,&ctx->buf_len,
+				(unsigned char *)ctx->tmp,i);
+			}
 		ctx->cont=i;
 		ctx->buf_off=0;
 		if (i < 0)
 			{
+			ret_code=0;
 			ctx->buf_len=0;
 			break;
 			}
@@ -302,7 +351,7 @@ int outl;
 		}
 	BIO_clear_retry_flags(b);
 	BIO_copy_next_retry(b);
-	return((ret == 0)?ctx->cont:ret);
+	return((ret == 0)?ret_code:ret);
 	}
 
 static int b64_write(b,in,inl)
@@ -321,6 +370,7 @@ int inl;
 		ctx->encode=B64_ENCODE;
 		ctx->buf_len=0;
 		ctx->buf_off=0;
+		ctx->tmp_len=0;
 		EVP_EncodeInit(&(ctx->base64));
 		}
 
@@ -344,9 +394,41 @@ int inl;
 	while (inl > 0)
 		{
 		n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl;
-		EVP_EncodeUpdate(&(ctx->base64),
-			(unsigned char *)ctx->buf,&ctx->buf_len,
-			(unsigned char *)in,n);
+
+		if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
+			{
+			if (ctx->tmp_len > 0)
+				{
+				n=3-ctx->tmp_len;
+				memcpy(&(ctx->tmp[ctx->tmp_len]),in,n);
+				ctx->tmp_len+=n;
+				n=ctx->tmp_len;
+				if (n < 3)
+					break;
+				ctx->buf_len=EVP_EncodeBlock(
+					(unsigned char *)ctx->buf,
+					(unsigned char *)ctx->tmp,n);
+				}
+			else
+				{
+				if (n < 3)
+					{
+					memcpy(&(ctx->tmp[0]),in,n);
+					ctx->tmp_len=n;
+					break;
+					}
+				n-=n%3;
+				ctx->buf_len=EVP_EncodeBlock(
+					(unsigned char *)ctx->buf,
+					(unsigned char *)in,n);
+				}
+			}
+		else
+			{
+			EVP_EncodeUpdate(&(ctx->base64),
+				(unsigned char *)ctx->buf,&ctx->buf_len,
+				(unsigned char *)in,n);
+			}
 		inl-=n;
 		in+=n;
 
@@ -419,7 +501,20 @@ again:
 				break;
 				}
 			}
-		if (ctx->base64.num != 0)
+		if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
+			{
+			if (ctx->tmp_len != 0)
+				{
+				ctx->buf_len=EVP_EncodeBlock(
+					(unsigned char *)ctx->buf,
+					(unsigned char *)ctx->tmp,
+					ctx->tmp_len);
+				ctx->buf_off=0;
+				ctx->tmp_len=0;
+				goto again;
+				}
+			}
+		else if (ctx->base64.num != 0)
 			{
 			ctx->buf_off=0;
 			EVP_EncodeFinal(&(ctx->base64),
diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c
index 6020736fd0..6c30ddfc54 100644
--- a/crypto/evp/bio_enc.c
+++ b/crypto/evp/bio_enc.c
@@ -1,5 +1,5 @@
 /* crypto/evp/bio_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -116,6 +116,7 @@ BIO *bi;
 	BIO_ENC_CTX *ctx;
 
 	ctx=(BIO_ENC_CTX *)Malloc(sizeof(BIO_ENC_CTX));
+	EVP_CIPHER_CTX_init(&ctx->cipher);
 	if (ctx == NULL) return(0);
 
 	ctx->buf_len=0;
@@ -377,6 +378,26 @@ again:
 	return(ret);
 	}
 
+/*
+void BIO_set_cipher_ctx(b,c)
+BIO *b;
+EVP_CIPHER_ctx *c;
+	{
+	if (b == NULL) return;
+
+	if ((b->callback != NULL) &&
+		(b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
+		return;
+
+	b->init=1;
+	ctx=(BIO_ENC_CTX *)b->ptr;
+	memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
+	
+	if (b->callback != NULL)
+		b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
+	}
+*/
+
 void BIO_set_cipher(b,c,k,i,e)
 BIO *b;
 EVP_CIPHER *c;
diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c
index 0d6508c988..fa5fdc055b 100644
--- a/crypto/evp/bio_md.c
+++ b/crypto/evp/bio_md.c
@@ -1,5 +1,5 @@
 /* crypto/evp/bio_md.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/evp/c_all.c b/crypto/evp/c_all.c
index b618d8d259..e77d1c896b 100644
--- a/crypto/evp/c_all.c
+++ b/crypto/evp/c_all.c
@@ -1,5 +1,5 @@
 /* crypto/evp/c_all.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -97,6 +97,7 @@ void SSLeay_add_all_ciphers()
 
 #ifndef NO_RC4
 	EVP_add_cipher(EVP_rc4());
+	EVP_add_cipher(EVP_rc4_40());
 #endif
 
 #ifndef NO_IDEA
@@ -113,6 +114,7 @@ void SSLeay_add_all_ciphers()
 	EVP_add_cipher(EVP_rc2_cfb());
 	EVP_add_cipher(EVP_rc2_ofb());
 	EVP_add_cipher(EVP_rc2_cbc());
+	EVP_add_cipher(EVP_rc2_40_cbc());
 	EVP_add_alias(SN_rc2_cbc,"RC2");
 	EVP_add_alias(SN_rc2_cbc,"rc2");
 #endif
@@ -126,6 +128,28 @@ void SSLeay_add_all_ciphers()
 	EVP_add_alias(SN_bf_cbc,"bf");
 	EVP_add_alias(SN_bf_cbc,"blowfish");
 #endif
+
+#ifndef NO_CAST
+	EVP_add_cipher(EVP_cast5_ecb());
+	EVP_add_cipher(EVP_cast5_cfb());
+	EVP_add_cipher(EVP_cast5_ofb());
+	EVP_add_cipher(EVP_cast5_cbc());
+	EVP_add_alias(SN_cast5_cbc,"CAST");
+	EVP_add_alias(SN_cast5_cbc,"cast");
+	EVP_add_alias(SN_cast5_cbc,"CAST-cbc");
+	EVP_add_alias(SN_cast5_cbc,"cast-cbc");
+#endif
+
+#ifndef NO_RC5
+	EVP_add_cipher(EVP_rc5_32_12_16_ecb());
+	EVP_add_cipher(EVP_rc5_32_12_16_cfb());
+	EVP_add_cipher(EVP_rc5_32_12_16_ofb());
+	EVP_add_cipher(EVP_rc5_32_12_16_cbc());
+	EVP_add_alias(SN_rc5_cbc,"rc5");
+	EVP_add_alias(SN_rc5_cbc,"RC5");
+	EVP_add_alias(SN_rc5_cbc,"rc5-cbc");
+	EVP_add_alias(SN_rc5_cbc,"RC5-cbc");
+#endif
 	}
 
 
@@ -134,8 +158,10 @@ void SSLeay_add_all_digests()
 #ifndef NO_MD2
 	EVP_add_digest(EVP_md2());
 #endif
-#ifndef NO_MD2
+#ifndef NO_MD5
 	EVP_add_digest(EVP_md5());
+	EVP_add_alias(SN_md5,"ssl2-md5");
+	EVP_add_alias(SN_md5,"ssl3-md5");
 #endif
 #ifndef NO_SHA
 	EVP_add_digest(EVP_sha());
@@ -145,11 +171,20 @@ void SSLeay_add_all_digests()
 #endif
 #ifndef NO_SHA1
 	EVP_add_digest(EVP_sha1());
+	EVP_add_alias(SN_sha1,"ssl3-sha1");
 #ifndef NO_DSA
 	EVP_add_digest(EVP_dss1());
+	EVP_add_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
+	EVP_add_alias(SN_dsaWithSHA1,"DSS1");
+	EVP_add_alias(SN_dsaWithSHA1,"dss1");
 #endif
 #endif
 #if !defined(NO_MDC2) && !defined(NO_DES)
 	EVP_add_digest(EVP_mdc2());
 #endif
+#ifndef NO_RIPEMD160
+	EVP_add_digest(EVP_ripemd160());
+	EVP_add_alias(SN_ripemd160,"ripemd");
+	EVP_add_alias(SN_ripemd160,"rmd160");
+#endif
 	}
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 035218d431..d65f0036f7 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -1,5 +1,5 @@
 /* crypto/evp/digest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/evp/e_cbc_3d.c b/crypto/evp/e_cbc_3d.c
index 3749759e28..5761bf186a 100644
--- a/crypto/evp/e_cbc_3d.c
+++ b/crypto/evp/e_cbc_3d.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_cbc_3d.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -80,6 +80,11 @@ static EVP_CIPHER d_cbc_ede_cipher2=
 	8,16,8,
 	des_cbc_ede_init_key,
 	des_cbc_ede_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
+	EVP_CIPHER_get_asn1_iv,
+	EVP_CIPHER_set_asn1_iv,
 	};
 
 static EVP_CIPHER d_cbc_ede_cipher3=
@@ -88,6 +93,11 @@ static EVP_CIPHER d_cbc_ede_cipher3=
 	8,24,8,
 	des_cbc_ede3_init_key,
 	des_cbc_ede_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_des_ede_cbc()
@@ -107,8 +117,8 @@ unsigned char *iv;
 int enc;
 	{
 	if (iv != NULL)
-		memcpy(&(ctx->c.des_ede.oiv[0]),iv,8);
-	memcpy(&(ctx->c.des_ede.iv[0]),&(ctx->c.des_ede.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 
 	if (key != NULL)
 		{
@@ -127,8 +137,8 @@ unsigned char *iv;
 int enc;
 	{
 	if (iv != NULL)
-		memcpy(&(ctx->c.des_ede.oiv[0]),iv,8);
-	memcpy(&(ctx->c.des_ede.iv[0]),&(ctx->c.des_ede.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 
 	if (key != NULL)
 		{
@@ -148,6 +158,6 @@ unsigned int inl;
 		(des_cblock *)in,(des_cblock *)out,
 		(long)inl, ctx->c.des_ede.ks1,
 		ctx->c.des_ede.ks2,ctx->c.des_ede.ks3,
-		(des_cblock *)&(ctx->c.des_ede.iv[0]),
+		(des_cblock *)&(ctx->iv[0]),
 		ctx->encrypt);
 	}
diff --git a/crypto/evp/e_cbc_bf.c b/crypto/evp/e_cbc_bf.c
index d6278e2488..be605f4a13 100644
--- a/crypto/evp/e_cbc_bf.c
+++ b/crypto/evp/e_cbc_bf.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_cbc_bf.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,11 @@ static EVP_CIPHER bfish_cbc_cipher=
 	8,EVP_BLOWFISH_KEY_SIZE,8,
 	bf_cbc_init_key,
 	bf_cbc_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
+	EVP_CIPHER_get_asn1_iv,
+	EVP_CIPHER_set_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_bf_cbc()
@@ -93,10 +98,10 @@ unsigned char *iv;
 int enc;
 	{
 	if (iv != NULL)
-		memcpy(&(ctx->c.bf_cbc.oiv[0]),iv,8);
-	memcpy(&(ctx->c.bf_cbc.iv[0]),&(ctx->c.bf_cbc.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
-		BF_set_key(&(ctx->c.bf_cbc.ks),EVP_BLOWFISH_KEY_SIZE,key);
+		BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
 	}
 
 static void bf_cbc_cipher(ctx,out,in,inl)
@@ -107,7 +112,7 @@ unsigned int inl;
 	{
 	BF_cbc_encrypt(
 		in,out,(long)inl,
-		&(ctx->c.bf_cbc.ks),&(ctx->c.bf_cbc.iv[0]),
+		&(ctx->c.bf_ks),&(ctx->iv[0]),
 		ctx->encrypt);
 	}
 
diff --git a/crypto/evp/e_cbc_c.c b/crypto/evp/e_cbc_c.c
new file mode 100644
index 0000000000..b50c7874b3
--- /dev/null
+++ b/crypto/evp/e_cbc_c.c
@@ -0,0 +1,119 @@
+/* crypto/evp/e_cbc_c.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_CAST
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void cast_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void cast_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void cast_cbc_init_key();
+static void cast_cbc_cipher();
+#endif
+
+static EVP_CIPHER cast5_cbc_cipher=
+	{
+	NID_cast5_cbc,
+	8,EVP_CAST5_KEY_SIZE,8,
+	cast_cbc_init_key,
+	cast_cbc_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
+	EVP_CIPHER_get_asn1_iv,
+	EVP_CIPHER_set_asn1_iv,
+	};
+
+EVP_CIPHER *EVP_cast5_cbc()
+	{
+	return(&cast5_cbc_cipher);
+	}
+	
+static void cast_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (iv != NULL)
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
+	if (key != NULL)
+		CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
+	}
+
+static void cast_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	CAST_cbc_encrypt(
+		in,out,(long)inl,
+		&(ctx->c.cast_ks),&(ctx->iv[0]),
+		ctx->encrypt);
+	}
+
+#endif
diff --git a/crypto/evp/e_cbc_d.c b/crypto/evp/e_cbc_d.c
index accc01e95e..c67706e3a0 100644
--- a/crypto/evp/e_cbc_d.c
+++ b/crypto/evp/e_cbc_d.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_cbc_d.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -77,6 +77,11 @@ static EVP_CIPHER d_cbc_cipher=
 	8,8,8,
 	des_cbc_init_key,
 	des_cbc_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
+	EVP_CIPHER_get_asn1_iv,
+	EVP_CIPHER_set_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_des_cbc()
@@ -91,10 +96,10 @@ unsigned char *iv;
 int enc;
 	{
 	if (iv != NULL)
-		memcpy(&(ctx->c.des_cbc.oiv[0]),iv,8);
-	memcpy(&(ctx->c.des_cbc.iv[0]),&(ctx->c.des_cbc.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
-		des_set_key((des_cblock *)key,ctx->c.des_cbc.ks);
+		des_set_key((des_cblock *)key,ctx->c.des_ks);
 	}
 
 static void des_cbc_cipher(ctx,out,in,inl)
@@ -105,7 +110,7 @@ unsigned int inl;
 	{
 	des_ncbc_encrypt(
 		(des_cblock *)in,(des_cblock *)out,
-		(long)inl, ctx->c.des_cbc.ks,
-		(des_cblock *)&(ctx->c.des_cbc.iv[0]),
+		(long)inl, ctx->c.des_ks,
+		(des_cblock *)&(ctx->iv[0]),
 		ctx->encrypt);
 	}
diff --git a/crypto/evp/e_cbc_i.c b/crypto/evp/e_cbc_i.c
index abfb5ed146..312ffcb721 100644
--- a/crypto/evp/e_cbc_i.c
+++ b/crypto/evp/e_cbc_i.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_cbc_i.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,11 @@ static EVP_CIPHER i_cbc_cipher=
 	8,16,8,
 	idea_cbc_init_key,
 	idea_cbc_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
+	EVP_CIPHER_get_asn1_iv,
+	EVP_CIPHER_set_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_idea_cbc()
@@ -93,18 +98,18 @@ unsigned char *iv;
 int enc;
 	{
 	if (iv != NULL)
-		memcpy(&(ctx->c.idea_cbc.oiv[0]),iv,8);
-	memcpy(&(ctx->c.idea_cbc.iv[0]),&(ctx->c.idea_cbc.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
 		{
 		if (enc)
-			idea_set_encrypt_key(key,&(ctx->c.idea_cbc.ks));
+			idea_set_encrypt_key(key,&(ctx->c.idea_ks));
 		else
 			{
 			IDEA_KEY_SCHEDULE tmp;
 
 			idea_set_encrypt_key(key,&tmp);
-			idea_set_decrypt_key(&tmp,&(ctx->c.idea_cbc.ks));
+			idea_set_decrypt_key(&tmp,&(ctx->c.idea_ks));
 			memset((unsigned char *)&tmp,0,
 				sizeof(IDEA_KEY_SCHEDULE));
 			}
@@ -119,7 +124,7 @@ unsigned int inl;
 	{
 	idea_cbc_encrypt(
 		in,out,(long)inl,
-		&(ctx->c.idea_cbc.ks),&(ctx->c.idea_cbc.iv[0]),
+		&(ctx->c.idea_ks),&(ctx->iv[0]),
 		ctx->encrypt);
 	}
 
diff --git a/crypto/evp/e_cbc_r2.c b/crypto/evp/e_cbc_r2.c
index 2e3f85598b..4f8002f16d 100644
--- a/crypto/evp/e_cbc_r2.c
+++ b/crypto/evp/e_cbc_r2.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_cbc_r2.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,12 +79,33 @@ static EVP_CIPHER r2_cbc_cipher=
 	8,EVP_RC2_KEY_SIZE,8,
 	rc2_cbc_init_key,
 	rc2_cbc_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
+	EVP_CIPHER_get_asn1_iv,
+	EVP_CIPHER_set_asn1_iv,
+	};
+
+static EVP_CIPHER r2_40_cbc_cipher=
+	{
+	NID_rc2_40_cbc,
+	8,5 /* 40 bit */,8,
+	rc2_cbc_init_key,
+	rc2_cbc_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
 	};
 
 EVP_CIPHER *EVP_rc2_cbc()
 	{
 	return(&r2_cbc_cipher);
 	}
+
+EVP_CIPHER *EVP_rc2_40_cbc()
+	{
+	return(&r2_40_cbc_cipher);
+	}
 	
 static void rc2_cbc_init_key(ctx,key,iv,enc)
 EVP_CIPHER_CTX *ctx;
@@ -93,11 +114,11 @@ unsigned char *iv;
 int enc;
 	{
 	if (iv != NULL)
-		memcpy(&(ctx->c.rc2_cbc.oiv[0]),iv,8);
-	memcpy(&(ctx->c.rc2_cbc.iv[0]),&(ctx->c.rc2_cbc.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
-		RC2_set_key(&(ctx->c.rc2_cbc.ks),EVP_RC2_KEY_SIZE,key,
-			EVP_RC2_KEY_SIZE*8);
+		RC2_set_key(&(ctx->c.rc2_ks),EVP_CIPHER_CTX_key_length(ctx),
+			key,EVP_CIPHER_CTX_key_length(ctx)*8);
 	}
 
 static void rc2_cbc_cipher(ctx,out,in,inl)
@@ -108,7 +129,7 @@ unsigned int inl;
 	{
 	RC2_cbc_encrypt(
 		in,out,(long)inl,
-		&(ctx->c.rc2_cbc.ks),&(ctx->c.rc2_cbc.iv[0]),
+		&(ctx->c.rc2_ks),&(ctx->iv[0]),
 		ctx->encrypt);
 	}
 
diff --git a/crypto/evp/e_cbc_r5.c b/crypto/evp/e_cbc_r5.c
new file mode 100644
index 0000000000..f7d46ca91f
--- /dev/null
+++ b/crypto/evp/e_cbc_r5.c
@@ -0,0 +1,120 @@
+/* crypto/evp/e_cbc_r5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC5
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void r_32_12_16_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void r_32_12_16_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void r_32_12_16_cbc_init_key();
+static void r_32_12_16_cbc_cipher();
+#endif
+
+static EVP_CIPHER rc5_32_12_16_cbc_cipher=
+	{
+	NID_rc5_cbc,
+	8,EVP_RC5_32_12_16_KEY_SIZE,8,
+	r_32_12_16_cbc_init_key,
+	r_32_12_16_cbc_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
+	NULL,
+	NULL,
+	};
+
+EVP_CIPHER *EVP_rc5_32_12_16_cbc()
+	{
+	return(&rc5_32_12_16_cbc_cipher);
+	}
+	
+static void r_32_12_16_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (iv != NULL)
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
+	if (key != NULL)
+		RC5_32_set_key(&(ctx->c.rc5_ks),EVP_RC5_32_12_16_KEY_SIZE,
+			key,RC5_12_ROUNDS);
+	}
+
+static void r_32_12_16_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	RC5_32_cbc_encrypt(
+		in,out,(long)inl,
+		&(ctx->c.rc5_ks),&(ctx->iv[0]),
+		ctx->encrypt);
+	}
+
+#endif
diff --git a/crypto/evp/e_cfb_3d.c b/crypto/evp/e_cfb_3d.c
index 3d6577a78c..e7e3419411 100644
--- a/crypto/evp/e_cfb_3d.c
+++ b/crypto/evp/e_cfb_3d.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_cfb_3d.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -80,6 +80,11 @@ static EVP_CIPHER d_ede_cfb_cipher2=
 	1,16,8,
 	des_ede_cfb_init_key,
 	des_ede_cfb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 static EVP_CIPHER d_ede3_cfb_cipher3=
@@ -88,6 +93,11 @@ static EVP_CIPHER d_ede3_cfb_cipher3=
 	1,24,8,
 	des_ede3_cfb_init_key,
 	des_ede_cfb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_des_ede_cfb()
@@ -106,18 +116,18 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.des_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
 		{
-		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
-		des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
-		memcpy( (char *)ctx->c.des_cfb.ks3,
-			(char *)ctx->c.des_cfb.ks,
-			sizeof(ctx->c.des_cfb.ks));
+		des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+		memcpy( (char *)ctx->c.des_ede.ks3,
+			(char *)ctx->c.des_ede.ks1,
+			sizeof(ctx->c.des_ede.ks1));
 		}
 	}
 
@@ -127,16 +137,16 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.des_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
 		{
-		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
-		des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
-		des_set_key((des_cblock *)&(key[16]),ctx->c.des_cfb.ks3);
+		des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+		des_set_key((des_cblock *)&(key[16]),ctx->c.des_ede.ks3);
 		}
 	}
 
@@ -148,9 +158,9 @@ unsigned int inl;
 	{
 	des_ede3_cfb64_encrypt(
 		in,out,(long)inl,
-		ctx->c.des_cfb.ks,
-		ctx->c.des_cfb.ks2,
-		ctx->c.des_cfb.ks3,
-		(des_cblock *)&(ctx->c.des_cfb.iv[0]),
-		&ctx->c.des_cfb.num,ctx->encrypt);
+		ctx->c.des_ede.ks1,
+		ctx->c.des_ede.ks2,
+		ctx->c.des_ede.ks3,
+		(des_cblock *)&(ctx->iv[0]),
+		&ctx->num,ctx->encrypt);
 	}
diff --git a/crypto/evp/e_cfb_bf.c b/crypto/evp/e_cfb_bf.c
index be15d14016..8aba2564b8 100644
--- a/crypto/evp/e_cfb_bf.c
+++ b/crypto/evp/e_cfb_bf.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_cfb_bf.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,11 @@ static EVP_CIPHER bfish_cfb_cipher=
 	1,EVP_BLOWFISH_KEY_SIZE,8,
 	bf_cfb_init_key,
 	bf_cfb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_bf_cfb()
@@ -92,13 +97,13 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.bf_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.bf_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.bf_cfb.iv[0]),&(ctx->c.bf_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
-		BF_set_key(&(ctx->c.bf_cfb.ks),EVP_BLOWFISH_KEY_SIZE,key);
+		BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
 	}
 
 static void bf_cfb_cipher(ctx,out,in,inl)
@@ -109,8 +114,8 @@ unsigned int inl;
 	{
 	BF_cfb64_encrypt(
 		in,out,
-		(long)inl, &(ctx->c.bf_cfb.ks),
-		&(ctx->c.bf_cfb.iv[0]),
-		&ctx->c.bf_cfb.num,ctx->encrypt);
+		(long)inl, &(ctx->c.bf_ks),
+		&(ctx->iv[0]),
+		&ctx->num,ctx->encrypt);
 	}
 #endif
diff --git a/crypto/evp/e_cfb_c.c b/crypto/evp/e_cfb_c.c
new file mode 100644
index 0000000000..936df55fd8
--- /dev/null
+++ b/crypto/evp/e_cfb_c.c
@@ -0,0 +1,121 @@
+/* crypto/evp/e_cfb_c.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_CAST
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void cast_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void cast_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void cast_cfb_init_key();
+static void cast_cfb_cipher();
+#endif
+
+static EVP_CIPHER cast5_cfb_cipher=
+	{
+	NID_cast5_cfb64,
+	1,EVP_CAST5_KEY_SIZE,8,
+	cast_cfb_init_key,
+	cast_cfb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
+	};
+
+EVP_CIPHER *EVP_cast5_cfb()
+	{
+	return(&cast5_cfb_cipher);
+	}
+	
+static void cast_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
+	if (key != NULL)
+		CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
+	}
+
+static void cast_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	CAST_cfb64_encrypt(
+		in,out,
+		(long)inl, &(ctx->c.cast_ks),
+		&(ctx->iv[0]),
+		&ctx->num,ctx->encrypt);
+	}
+#endif
diff --git a/crypto/evp/e_cfb_d.c b/crypto/evp/e_cfb_d.c
index 75af87ac06..9ae4558f51 100644
--- a/crypto/evp/e_cfb_d.c
+++ b/crypto/evp/e_cfb_d.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_cfb_d.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -77,6 +77,11 @@ static EVP_CIPHER d_cfb_cipher=
 	1,8,8,
 	des_cfb_init_key,
 	des_cfb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_des_cfb()
@@ -90,13 +95,13 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.des_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
-		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+		des_set_key((des_cblock *)key,ctx->c.des_ks);
 	}
 
 static void des_cfb_cipher(ctx,out,in,inl)
@@ -107,7 +112,7 @@ unsigned int inl;
 	{
 	des_cfb64_encrypt(
 		in,out,
-		(long)inl, ctx->c.des_cfb.ks,
-		(des_cblock *)&(ctx->c.des_cfb.iv[0]),
-		&ctx->c.des_cfb.num,ctx->encrypt);
+		(long)inl, ctx->c.des_ks,
+		(des_cblock *)&(ctx->iv[0]),
+		&ctx->num,ctx->encrypt);
 	}
diff --git a/crypto/evp/e_cfb_i.c b/crypto/evp/e_cfb_i.c
index 7fe2fbf6df..9225efaa86 100644
--- a/crypto/evp/e_cfb_i.c
+++ b/crypto/evp/e_cfb_i.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_cfb_i.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,11 @@ static EVP_CIPHER i_cfb_cipher=
 	1,IDEA_KEY_LENGTH,IDEA_BLOCK,
 	idea_cfb_init_key,
 	idea_cfb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_idea_cfb()
@@ -92,13 +97,13 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.idea_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.idea_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.idea_cfb.iv[0]),&(ctx->c.idea_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
-		idea_set_encrypt_key(key,&(ctx->c.idea_cfb.ks));
+		idea_set_encrypt_key(key,&(ctx->c.idea_ks));
 	}
 
 static void idea_cfb_cipher(ctx,out,in,inl)
@@ -109,8 +114,8 @@ unsigned int inl;
 	{
 	idea_cfb64_encrypt(
 		in,out,(long)inl,
-		&(ctx->c.idea_cfb.ks),&(ctx->c.idea_cfb.iv[0]),
-		&ctx->c.idea_cfb.num,ctx->encrypt);
+		&(ctx->c.idea_ks),&(ctx->iv[0]),
+		&ctx->num,ctx->encrypt);
 	}
 
 #endif
diff --git a/crypto/evp/e_cfb_r2.c b/crypto/evp/e_cfb_r2.c
index a63c0f13f0..af5a39d1f4 100644
--- a/crypto/evp/e_cfb_r2.c
+++ b/crypto/evp/e_cfb_r2.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_cfb_r2.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,11 @@ static EVP_CIPHER r2_cfb_cipher=
 	1,EVP_RC2_KEY_SIZE,8,
 	rc2_cfb_init_key,
 	rc2_cfb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_rc2_cfb()
@@ -92,13 +97,13 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.rc2_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.rc2_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.rc2_cfb.iv[0]),&(ctx->c.rc2_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
-		RC2_set_key(&(ctx->c.rc2_cfb.ks),EVP_RC2_KEY_SIZE,key,
+		RC2_set_key(&(ctx->c.rc2_ks),EVP_RC2_KEY_SIZE,key,
 			EVP_RC2_KEY_SIZE*8);
 	}
 
@@ -110,8 +115,8 @@ unsigned int inl;
 	{
 	RC2_cfb64_encrypt(
 		in,out,
-		(long)inl, &(ctx->c.rc2_cfb.ks),
-		&(ctx->c.rc2_cfb.iv[0]),
-		&ctx->c.rc2_cfb.num,ctx->encrypt);
+		(long)inl, &(ctx->c.rc2_ks),
+		&(ctx->iv[0]),
+		&ctx->num,ctx->encrypt);
 	}
 #endif
diff --git a/crypto/evp/e_cfb_r5.c b/crypto/evp/e_cfb_r5.c
new file mode 100644
index 0000000000..a2fddaedc0
--- /dev/null
+++ b/crypto/evp/e_cfb_r5.c
@@ -0,0 +1,122 @@
+/* crypto/evp/e_cfb_r5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC5
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc5_32_12_16_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void rc5_32_12_16_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void rc5_32_12_16_cfb_init_key();
+static void rc5_32_12_16_cfb_cipher();
+#endif
+
+static EVP_CIPHER rc5_cfb_cipher=
+	{
+	NID_rc5_cfb64,
+	1,EVP_RC5_32_12_16_KEY_SIZE,8,
+	rc5_32_12_16_cfb_init_key,
+	rc5_32_12_16_cfb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
+	};
+
+EVP_CIPHER *EVP_rc5_32_12_16_cfb()
+	{
+	return(&rc5_cfb_cipher);
+	}
+	
+static void rc5_32_12_16_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
+	if (key != NULL)
+		RC5_32_set_key(&(ctx->c.rc5_ks),EVP_RC5_32_12_16_KEY_SIZE,key,
+			RC5_12_ROUNDS);
+	}
+
+static void rc5_32_12_16_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	RC5_32_cfb64_encrypt(
+		in,out,
+		(long)inl, &(ctx->c.rc5_ks),
+		&(ctx->iv[0]),
+		&ctx->num,ctx->encrypt);
+	}
+#endif
diff --git a/crypto/evp/e_dsa.c b/crypto/evp/e_dsa.c
index f3dc78e06f..6715c3e95e 100644
--- a/crypto/evp/e_dsa.c
+++ b/crypto/evp/e_dsa.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_dsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/evp/e_ecb_3d.c b/crypto/evp/e_ecb_3d.c
index 0a19805f9f..908fc0760a 100644
--- a/crypto/evp/e_ecb_3d.c
+++ b/crypto/evp/e_ecb_3d.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_ecb_3d.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -80,6 +80,11 @@ static EVP_CIPHER d_ede_cipher2=
 	8,16,0,
 	des_ede_init_key,
 	des_ede_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
+	NULL,
+	NULL,
 	};
 
 static EVP_CIPHER d_ede3_cipher3=
@@ -88,6 +93,10 @@ static EVP_CIPHER d_ede3_cipher3=
 	8,24,0,
 	des_ede3_init_key,
 	des_ede_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
+	NULL,
 	};
 
 EVP_CIPHER *EVP_des_ede()
diff --git a/crypto/evp/e_ecb_bf.c b/crypto/evp/e_ecb_bf.c
index f625862e47..142a9d3123 100644
--- a/crypto/evp/e_ecb_bf.c
+++ b/crypto/evp/e_ecb_bf.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_ecb_bf.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,11 @@ static EVP_CIPHER bfish_ecb_cipher=
 	8,EVP_BLOWFISH_KEY_SIZE,0,
 	bf_ecb_init_key,
 	bf_ecb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
+	NULL,
+	NULL,
 	};
 
 EVP_CIPHER *EVP_bf_ecb()
@@ -93,7 +98,7 @@ unsigned char *iv;
 int enc;
 	{
 	if (key != NULL)
-		BF_set_key(&(ctx->c.bf_ecb.ks),EVP_BLOWFISH_KEY_SIZE,key);
+		BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
 	}
 
 static void bf_ecb_cipher(ctx,out,in,inl)
@@ -110,7 +115,7 @@ unsigned int inl;
 		{
 		BF_ecb_encrypt(
 			&(in[i]),&(out[i]),
-			&(ctx->c.bf_ecb.ks),ctx->encrypt);
+			&(ctx->c.bf_ks),ctx->encrypt);
 		}
 	}
 
diff --git a/crypto/evp/e_ecb_c.c b/crypto/evp/e_ecb_c.c
new file mode 100644
index 0000000000..34e0c18296
--- /dev/null
+++ b/crypto/evp/e_ecb_c.c
@@ -0,0 +1,122 @@
+/* crypto/evp/e_ecb_c.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_CAST
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void cast_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void cast_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void cast_ecb_init_key();
+static void cast_ecb_cipher();
+#endif
+
+static EVP_CIPHER cast5_ecb_cipher=
+	{
+	NID_cast5_ecb,
+	8,EVP_CAST5_KEY_SIZE,0,
+	cast_ecb_init_key,
+	cast_ecb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
+	NULL,
+	NULL,
+	};
+
+EVP_CIPHER *EVP_cast5_ecb()
+	{
+	return(&cast5_ecb_cipher);
+	}
+	
+static void cast_ecb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (key != NULL)
+		CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
+	}
+
+static void cast_ecb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	unsigned int i;
+
+	if (inl < 8) return;
+	inl-=8;
+	for (i=0; i<=inl; i+=8)
+		{
+		CAST_ecb_encrypt(
+			&(in[i]),&(out[i]),
+			&(ctx->c.cast_ks),ctx->encrypt);
+		}
+	}
+
+#endif
diff --git a/crypto/evp/e_ecb_d.c b/crypto/evp/e_ecb_d.c
index b1b80e61dd..7a409d6459 100644
--- a/crypto/evp/e_ecb_d.c
+++ b/crypto/evp/e_ecb_d.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_ecb_d.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -77,6 +77,11 @@ static EVP_CIPHER d_ecb_cipher=
 	8,8,0,
 	des_ecb_init_key,
 	des_ecb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
+	NULL,
+	NULL,
 	};
 
 EVP_CIPHER *EVP_des_ecb()
@@ -91,7 +96,7 @@ unsigned char *iv;
 int enc;
 	{
 	if (key != NULL)
-		des_set_key((des_cblock *)key,ctx->c.des_ecb.ks);
+		des_set_key((des_cblock *)key,ctx->c.des_ks);
 	}
 
 static void des_ecb_cipher(ctx,out,in,inl)
@@ -108,6 +113,6 @@ unsigned int inl;
 		{
 		des_ecb_encrypt(
 			(des_cblock *)&(in[i]),(des_cblock *)&(out[i]),
-			ctx->c.des_ecb.ks,ctx->encrypt);
+			ctx->c.des_ks,ctx->encrypt);
 		}
 	}
diff --git a/crypto/evp/e_ecb_i.c b/crypto/evp/e_ecb_i.c
index 318c4c3afd..e24022a12c 100644
--- a/crypto/evp/e_ecb_i.c
+++ b/crypto/evp/e_ecb_i.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_ecb_i.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,11 @@ static EVP_CIPHER i_ecb_cipher=
 	8,16,0,
 	idea_ecb_init_key,
 	idea_ecb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
+	NULL,
+	NULL,
 	};
 
 EVP_CIPHER *EVP_idea_ecb()
@@ -95,13 +100,13 @@ int enc;
 	if (key != NULL)
 		{
 		if (enc)
-			idea_set_encrypt_key(key,&(ctx->c.idea_ecb.ks));
+			idea_set_encrypt_key(key,&(ctx->c.idea_ks));
 		else
 			{
 			IDEA_KEY_SCHEDULE tmp;
 
 			idea_set_encrypt_key(key,&tmp);
-			idea_set_decrypt_key(&tmp, &(ctx->c.idea_ecb.ks));
+			idea_set_decrypt_key(&tmp, &(ctx->c.idea_ks));
 			memset((unsigned char *)&tmp,0,
 				sizeof(IDEA_KEY_SCHEDULE));
 			}
@@ -121,7 +126,7 @@ unsigned int inl;
 	for (i=0; i<=inl; i+=8)
 		{
 		idea_ecb_encrypt(
-			&(in[i]),&(out[i]),&(ctx->c.idea_ecb.ks));
+			&(in[i]),&(out[i]),&(ctx->c.idea_ks));
 		}
 	}
 
diff --git a/crypto/evp/e_ecb_r2.c b/crypto/evp/e_ecb_r2.c
index 66d25f6b5c..e35b06dc6d 100644
--- a/crypto/evp/e_ecb_r2.c
+++ b/crypto/evp/e_ecb_r2.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_ecb_r2.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,11 @@ static EVP_CIPHER r2_ecb_cipher=
 	8,EVP_RC2_KEY_SIZE,0,
 	rc2_ecb_init_key,
 	rc2_ecb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
+	NULL,
+	NULL,
 	};
 
 EVP_CIPHER *EVP_rc2_ecb()
@@ -93,7 +98,7 @@ unsigned char *iv;
 int enc;
 	{
 	if (key != NULL)
-		RC2_set_key(&(ctx->c.rc2_ecb.ks),EVP_RC2_KEY_SIZE,key,
+		RC2_set_key(&(ctx->c.rc2_ks),EVP_RC2_KEY_SIZE,key,
 			EVP_RC2_KEY_SIZE*8);
 	}
 
@@ -111,7 +116,7 @@ unsigned int inl;
 		{
 		RC2_ecb_encrypt(
 			&(in[i]),&(out[i]),
-			&(ctx->c.rc2_ecb.ks),ctx->encrypt);
+			&(ctx->c.rc2_ks),ctx->encrypt);
 		}
 	}
 
diff --git a/crypto/evp/e_ecb_r5.c b/crypto/evp/e_ecb_r5.c
new file mode 100644
index 0000000000..08f4a82651
--- /dev/null
+++ b/crypto/evp/e_ecb_r5.c
@@ -0,0 +1,123 @@
+/* crypto/evp/e_ecb_r5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC5
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc5_32_12_16_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void rc5_32_12_16_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void rc5_32_12_16_ecb_init_key();
+static void rc5_32_12_16_ecb_cipher();
+#endif
+
+static EVP_CIPHER rc5_ecb_cipher=
+	{
+	NID_rc5_ecb,
+	8,EVP_RC5_32_12_16_KEY_SIZE,0,
+	rc5_32_12_16_ecb_init_key,
+	rc5_32_12_16_ecb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
+	NULL,
+	NULL,
+	};
+
+EVP_CIPHER *EVP_rc5_32_12_16_ecb()
+	{
+	return(&rc5_ecb_cipher);
+	}
+	
+static void rc5_32_12_16_ecb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (key != NULL)
+		RC5_32_set_key(&(ctx->c.rc5_ks),EVP_RC5_32_12_16_KEY_SIZE,key,
+			RC5_12_ROUNDS);
+	}
+
+static void rc5_32_12_16_ecb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	unsigned int i;
+
+	if (inl < 8) return;
+	inl-=8;
+	for (i=0; i<=inl; i+=8)
+		{
+		RC5_32_ecb_encrypt(
+			&(in[i]),&(out[i]),
+			&(ctx->c.rc5_ks),ctx->encrypt);
+		}
+	}
+
+#endif
diff --git a/crypto/evp/e_null.c b/crypto/evp/e_null.c
index c30e2736f2..e4e7ca7606 100644
--- a/crypto/evp/e_null.c
+++ b/crypto/evp/e_null.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_null.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -77,6 +77,10 @@ static EVP_CIPHER n_cipher=
 	1,0,0,
 	null_init_key,
 	null_cipher,
+	NULL,
+	0,
+	NULL,
+	NULL,
 	};
 
 EVP_CIPHER *EVP_enc_null()
diff --git a/crypto/evp/e_ofb_3d.c b/crypto/evp/e_ofb_3d.c
index 7dbe50f3d2..c3add18e93 100644
--- a/crypto/evp/e_ofb_3d.c
+++ b/crypto/evp/e_ofb_3d.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_ofb_3d.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -80,6 +80,11 @@ static EVP_CIPHER d_ede_ofb_cipher2=
 	1,16,8,
 	des_ede_ofb_init_key,
 	des_ede_ofb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 static EVP_CIPHER d_ede3_ofb_cipher3=
@@ -88,6 +93,11 @@ static EVP_CIPHER d_ede3_ofb_cipher3=
 	1,24,8,
 	des_ede3_ofb_init_key,
 	des_ede_ofb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ede)),
+	EVP_CIPHER_set_asn1_iv,
+        EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_des_ede_ofb()
@@ -106,18 +116,18 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.des_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
 		{
-		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
-		des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
-		memcpy( (char *)ctx->c.des_cfb.ks3,
-			(char *)ctx->c.des_cfb.ks,
-			sizeof(ctx->c.des_cfb.ks));
+		des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+		memcpy( (char *)ctx->c.des_ede.ks3,
+			(char *)ctx->c.des_ede.ks1,
+			sizeof(ctx->c.des_ede.ks1));
 		}
 	}
 
@@ -127,16 +137,16 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.des_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
 		{
-		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
-		des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
-		des_set_key((des_cblock *)&(key[16]),ctx->c.des_cfb.ks3);
+		des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+		des_set_key((des_cblock *)&(key[16]),ctx->c.des_ede.ks3);
 		}
 	}
 
@@ -149,7 +159,7 @@ unsigned int inl;
 	des_ede3_ofb64_encrypt(
 		in,out,
 		(long)inl,
-		ctx->c.des_cfb.ks, ctx->c.des_cfb.ks2, ctx->c.des_cfb.ks3,
-		(des_cblock *)&(ctx->c.des_cfb.iv[0]),
-		&ctx->c.des_cfb.num);
+		ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
+		(des_cblock *)&(ctx->iv[0]),
+		&ctx->num);
 	}
diff --git a/crypto/evp/e_ofb_bf.c b/crypto/evp/e_ofb_bf.c
index 078f171062..492f9b9082 100644
--- a/crypto/evp/e_ofb_bf.c
+++ b/crypto/evp/e_ofb_bf.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_ofb_bf.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,11 @@ static EVP_CIPHER bfish_ofb_cipher=
 	1,EVP_BLOWFISH_KEY_SIZE,8,
 	bf_ofb_init_key,
 	bf_ofb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.bf_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_bf_ofb()
@@ -92,13 +97,13 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.bf_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.bf_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.bf_cfb.iv[0]),&(ctx->c.bf_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
-		BF_set_key(&(ctx->c.bf_cfb.ks),EVP_BLOWFISH_KEY_SIZE,key);
+		BF_set_key(&(ctx->c.bf_ks),EVP_BLOWFISH_KEY_SIZE,key);
 	}
 
 static void bf_ofb_cipher(ctx,out,in,inl)
@@ -109,9 +114,9 @@ unsigned int inl;
 	{
 	BF_ofb64_encrypt(
 		in,out,
-		(long)inl, &(ctx->c.bf_cfb.ks),
-		&(ctx->c.bf_cfb.iv[0]),
-		&ctx->c.bf_cfb.num);
+		(long)inl, &(ctx->c.bf_ks),
+		&(ctx->iv[0]),
+		&ctx->num);
 	}
 
 #endif
diff --git a/crypto/evp/e_ofb_c.c b/crypto/evp/e_ofb_c.c
new file mode 100644
index 0000000000..f1eef4469c
--- /dev/null
+++ b/crypto/evp/e_ofb_c.c
@@ -0,0 +1,122 @@
+/* crypto/evp/e_ofb_c.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_CAST
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void cast_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void cast_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void cast_ofb_init_key();
+static void cast_ofb_cipher();
+#endif
+
+static EVP_CIPHER cast5_ofb_cipher=
+	{
+	NID_cast5_ofb64,
+	1,EVP_CAST5_KEY_SIZE,8,
+	cast_ofb_init_key,
+	cast_ofb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.cast_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
+	};
+
+EVP_CIPHER *EVP_cast5_ofb()
+	{
+	return(&cast5_ofb_cipher);
+	}
+	
+static void cast_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
+	if (key != NULL)
+		CAST_set_key(&(ctx->c.cast_ks),EVP_CAST5_KEY_SIZE,key);
+	}
+
+static void cast_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	CAST_ofb64_encrypt(
+		in,out,
+		(long)inl, &(ctx->c.cast_ks),
+		&(ctx->iv[0]),
+		&ctx->num);
+	}
+
+#endif
diff --git a/crypto/evp/e_ofb_d.c b/crypto/evp/e_ofb_d.c
index a48af2e51b..09d4b4139d 100644
--- a/crypto/evp/e_ofb_d.c
+++ b/crypto/evp/e_ofb_d.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_ofb_d.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -77,6 +77,11 @@ static EVP_CIPHER d_ofb_cipher=
 	1,8,8,
 	des_ofb_init_key,
 	des_ofb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.des_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_des_ofb()
@@ -90,13 +95,13 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.des_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
-		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+		des_set_key((des_cblock *)key,ctx->c.des_ks);
 	}
 
 static void des_ofb_cipher(ctx,out,in,inl)
@@ -107,7 +112,7 @@ unsigned int inl;
 	{
 	des_ofb64_encrypt(
 		in,out,
-		(long)inl, ctx->c.des_cfb.ks,
-		(des_cblock *)&(ctx->c.des_cfb.iv[0]),
-		&ctx->c.des_cfb.num);
+		(long)inl, ctx->c.des_ks,
+		(des_cblock *)&(ctx->iv[0]),
+		&ctx->num);
 	}
diff --git a/crypto/evp/e_ofb_i.c b/crypto/evp/e_ofb_i.c
index dbf370b7b6..96c8afd9c8 100644
--- a/crypto/evp/e_ofb_i.c
+++ b/crypto/evp/e_ofb_i.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_ofb_i.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,11 @@ static EVP_CIPHER i_ofb_cipher=
 	1,IDEA_KEY_LENGTH,IDEA_BLOCK,
 	idea_ofb_init_key,
 	idea_ofb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.idea_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_idea_ofb()
@@ -92,13 +97,13 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.idea_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.idea_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.idea_cfb.iv[0]),&(ctx->c.idea_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
-		idea_set_encrypt_key(key,&(ctx->c.idea_cfb.ks));
+		idea_set_encrypt_key(key,&(ctx->c.idea_ks));
 	}
 
 static void idea_ofb_cipher(ctx,out,in,inl)
@@ -109,8 +114,8 @@ unsigned int inl;
 	{
 	idea_ofb64_encrypt(
 		in,out,(long)inl,
-		&(ctx->c.idea_cfb.ks),&(ctx->c.idea_cfb.iv[0]),
-		&ctx->c.idea_cfb.num);
+		&(ctx->c.idea_ks),&(ctx->iv[0]),
+		&ctx->num);
 	}
 
 #endif
diff --git a/crypto/evp/e_ofb_r2.c b/crypto/evp/e_ofb_r2.c
index 04e13b3592..0f6d729988 100644
--- a/crypto/evp/e_ofb_r2.c
+++ b/crypto/evp/e_ofb_r2.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_ofb_r2.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,11 @@ static EVP_CIPHER r2_ofb_cipher=
 	1,EVP_RC2_KEY_SIZE,8,
 	rc2_ofb_init_key,
 	rc2_ofb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_rc2_ofb()
@@ -92,13 +97,13 @@ unsigned char *key;
 unsigned char *iv;
 int enc;
 	{
-	ctx->c.rc2_cfb.num=0;
+	ctx->num=0;
 
 	if (iv != NULL)
-		memcpy(&(ctx->c.rc2_cfb.oiv[0]),iv,8);
-	memcpy(&(ctx->c.rc2_cfb.iv[0]),&(ctx->c.rc2_cfb.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
-		RC2_set_key(&(ctx->c.rc2_cfb.ks),EVP_RC2_KEY_SIZE,key,
+		RC2_set_key(&(ctx->c.rc2_ks),EVP_RC2_KEY_SIZE,key,
 			EVP_RC2_KEY_SIZE*8);
 	}
 
@@ -110,9 +115,9 @@ unsigned int inl;
 	{
 	RC2_ofb64_encrypt(
 		in,out,
-		(long)inl, &(ctx->c.rc2_cfb.ks),
-		&(ctx->c.rc2_cfb.iv[0]),
-		&ctx->c.rc2_cfb.num);
+		(long)inl, &(ctx->c.rc2_ks),
+		&(ctx->iv[0]),
+		&ctx->num);
 	}
 
 #endif
diff --git a/crypto/evp/e_ofb_r5.c b/crypto/evp/e_ofb_r5.c
new file mode 100644
index 0000000000..db28d6c317
--- /dev/null
+++ b/crypto/evp/e_ofb_r5.c
@@ -0,0 +1,123 @@
+/* crypto/evp/e_ofb_r5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC5
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc5_32_12_16_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void rc5_32_12_16_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void rc5_32_12_16_ofb_init_key();
+static void rc5_32_12_16_ofb_cipher();
+#endif
+
+static EVP_CIPHER rc5_ofb_cipher=
+	{
+	NID_rc5_ofb64,
+	1,EVP_RC5_32_12_16_KEY_SIZE,8,
+	rc5_32_12_16_ofb_init_key,
+	rc5_32_12_16_ofb_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc5_ks)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
+	};
+
+EVP_CIPHER *EVP_rc5_32_12_16_ofb()
+	{
+	return(&rc5_ofb_cipher);
+	}
+	
+static void rc5_32_12_16_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
+	if (key != NULL)
+		RC5_32_set_key(&(ctx->c.rc5_ks),EVP_RC5_32_12_16_KEY_SIZE,key,
+			RC5_12_ROUNDS);
+	}
+
+static void rc5_32_12_16_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	RC5_32_ofb64_encrypt(
+		in,out,
+		(long)inl, &(ctx->c.rc5_ks),
+		&(ctx->iv[0]),
+		&ctx->num);
+	}
+
+#endif
diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c
index e1ffb5d95a..7e9790a94c 100644
--- a/crypto/evp/e_rc4.c
+++ b/crypto/evp/e_rc4.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_rc4.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,6 +79,19 @@ static EVP_CIPHER r4_cipher=
 	1,EVP_RC4_KEY_SIZE,0,
 	rc4_init_key,
 	rc4_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)),
+	NULL,
+	NULL,
+	};
+
+static EVP_CIPHER r4_40_cipher=
+	{
+	NID_rc4_40,
+	1,5 /* 40 bit */,0,
+	rc4_init_key,
+	rc4_cipher,
 	};
 
 EVP_CIPHER *EVP_rc4()
@@ -86,6 +99,11 @@ EVP_CIPHER *EVP_rc4()
 	return(&r4_cipher);
 	}
 
+EVP_CIPHER *EVP_rc4_40()
+	{
+	return(&r4_40_cipher);
+	}
+
 static void rc4_init_key(ctx,key,iv,enc)
 EVP_CIPHER_CTX *ctx;
 unsigned char *key;
diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c
index 55fe0869d3..0d7fda0c47 100644
--- a/crypto/evp/e_xcbc_d.c
+++ b/crypto/evp/e_xcbc_d.c
@@ -1,5 +1,5 @@
 /* crypto/evp/e_xcbc_d.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -77,6 +77,11 @@ static EVP_CIPHER d_xcbc_cipher=
 	8,24,8,
 	desx_cbc_init_key,
 	desx_cbc_cipher,
+	NULL,
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.desx_cbc)),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
 	};
 
 EVP_CIPHER *EVP_desx_cbc()
@@ -91,8 +96,8 @@ unsigned char *iv;
 int enc;
 	{
 	if (iv != NULL)
-		memcpy(&(ctx->c.desx_cbc.oiv[0]),iv,8);
-	memcpy(&(ctx->c.desx_cbc.iv[0]),&(ctx->c.desx_cbc.oiv[0]),8);
+		memcpy(&(ctx->oiv[0]),iv,8);
+	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
 	if (key != NULL)
 		{
 		des_set_key((des_cblock *)key,ctx->c.desx_cbc.ks);
@@ -110,7 +115,7 @@ unsigned int inl;
 	des_xcbc_encrypt(
 		(des_cblock *)in,(des_cblock *)out,
 		(long)inl, ctx->c.desx_cbc.ks,
-		(des_cblock *)&(ctx->c.desx_cbc.iv[0]),
+		(des_cblock *)&(ctx->iv[0]),
 		(des_cblock *)&(ctx->c.desx_cbc.inw[0]),
 		(des_cblock *)&(ctx->c.desx_cbc.outw[0]),
 		ctx->encrypt);
diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c
index 7cd65244e6..14d47c1eed 100644
--- a/crypto/evp/encode.c
+++ b/crypto/evp/encode.c
@@ -1,5 +1,5 @@
 /* crypto/evp/encode.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -224,6 +224,7 @@ EVP_ENCODE_CTX *ctx;
 	ctx->length=30;
 	ctx->num=0;
 	ctx->line_num=0;
+	ctx->expect_nl=0;
 	}
 
 /* -1 for error
@@ -237,12 +238,13 @@ int *outl;
 unsigned char *in;
 int inl;
 	{
-	int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2;
+	int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl;
 	unsigned char *d;
 
 	n=ctx->num;
 	d=ctx->enc_data;
 	ln=ctx->line_num;
+	exp_nl=ctx->expect_nl;
 
 	/* last line of input. */
 	if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF)))
@@ -280,7 +282,16 @@ int inl;
 			}
 
 		/* eoln */
-		if (v == B64_EOLN) ln=0;
+		if (v == B64_EOLN)
+			{
+			ln=0;
+			if (exp_nl)
+				{
+				exp_nl=0;
+				continue;
+				}
+			}
+		exp_nl=0;
 
 		/* If we are at the end of input and it looks like a
 		 * line, process it. */
@@ -289,6 +300,10 @@ int inl;
 
 		if ((v == B64_EOF) || (n >= 64))
 			{
+			/* This is needed to work correctly on 64 byte input
+			 * lines.  We process the line and then need to
+			 * accept the '\n' */
+			if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
 			tmp2=v;
 			if (n > 0)
 				{
@@ -322,6 +337,7 @@ end:
 	*outl=ret;
 	ctx->num=n;
 	ctx->line_num=ln;
+	ctx->expect_nl=exp_nl;
 	return(rv);
 	}
 
diff --git a/crypto/evp/evp.err b/crypto/evp/evp.err
index 0630b993a5..cfc17437bc 100644
--- a/crypto/evp/evp.err
+++ b/crypto/evp/evp.err
@@ -5,10 +5,11 @@
 #define EVP_F_EVP_DECRYPTFINAL				 101
 #define EVP_F_EVP_OPENINIT				 102
 #define EVP_F_EVP_PKEY_COPY_PARAMETERS			 103
-#define EVP_F_EVP_PKEY_NEW				 104
-#define EVP_F_EVP_SEALINIT				 105
-#define EVP_F_EVP_SIGNFINAL				 106
-#define EVP_F_EVP_VERIFYFINAL				 107
+#define EVP_F_EVP_PKEY_DECRYPT				 104
+#define EVP_F_EVP_PKEY_ENCRYPT				 105
+#define EVP_F_EVP_PKEY_NEW				 106
+#define EVP_F_EVP_SIGNFINAL				 107
+#define EVP_F_EVP_VERIFYFINAL				 108
 
 /* Reason codes. */
 #define EVP_R_BAD_DECRYPT				 100
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 3ece7fbd4f..b39fad93a4 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -1,5 +1,5 @@
 /* crypto/evp/evp.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -72,6 +72,9 @@ extern "C" {
 #if !defined(NO_SHA) || !defined(NO_SHA1)
 #include "sha.h"
 #endif
+#ifndef NO_RIPEMD
+#include "ripemd.h"
+#endif
 #ifndef NO_DES
 #include "des.h"
 #endif
@@ -81,9 +84,15 @@ extern "C" {
 #ifndef NO_RC2
 #include "rc2.h"
 #endif
+#ifndef NO_RC5
+#include "rc5.h"
+#endif
 #ifndef NO_BLOWFISH
 #include "blowfish.h"
 #endif
+#ifndef NO_CAST
+#include "cast.h"
+#endif
 #ifndef NO_IDEA
 #include "idea.h"
 #endif
@@ -91,12 +100,14 @@ extern "C" {
 #include "mdc2.h"
 #endif
 
-#define EVP_RC2_KEY_SIZE	16
-#define EVP_RC4_KEY_SIZE	16
-#define EVP_BLOWFISH_KEY_SIZE	16
-#define EVP_MAX_MD_SIZE		20
-#define EVP_MAX_KEY_LENGTH	24
-#define EVP_MAX_IV_LENGTH	8
+#define EVP_RC2_KEY_SIZE		16
+#define EVP_RC4_KEY_SIZE		16
+#define EVP_BLOWFISH_KEY_SIZE		16
+#define EVP_CAST5_KEY_SIZE		16
+#define EVP_RC5_32_12_16_KEY_SIZE	16
+#define EVP_MAX_MD_SIZE			(16+20) /* The SSLv3 md5+sha1 type */
+#define EVP_MAX_KEY_LENGTH		24
+#define EVP_MAX_IV_LENGTH		8
 
 #ifndef NO_RSA
 #include "rsa.h"
@@ -132,10 +143,15 @@ extern "C" {
 #define EVP_PKEY_RSA	NID_rsaEncryption
 #define EVP_PKEY_RSA2	NID_rsa
 #define EVP_PKEY_DSA	NID_dsa
+#define EVP_PKEY_DSA1	NID_dsa_2
 #define EVP_PKEY_DSA2	NID_dsaWithSHA
 #define EVP_PKEY_DSA3	NID_dsaWithSHA1
+#define EVP_PKEY_DSA4	NID_dsaWithSHA1_2
 #define EVP_PKEY_DH	NID_dhKeyAgreement
 
+/* Type needs to be a bit field
+ * Sub-type needs to be for variations on the method, as in, can it do
+ * arbitary encryption.... */
 typedef struct evp_pkey_st
 	{
 	int type;
@@ -155,6 +171,79 @@ typedef struct evp_pkey_st
 #endif
 	} EVP_PKEY;
 
+#define EVP_PKEY_MO_SIGN	0x0001
+#define EVP_PKEY_MO_VERIFY	0x0002
+#define EVP_PKEY_MO_ENCRYPT	0x0004
+#define EVP_PKEY_MO_DECRYPT	0x0008
+
+#if 0
+/* This structure is required to tie the message digest and signing together.
+ * The lookup can be done by md/pkey_method, oid, oid/pkey_method, or
+ * oid, md and pkey.
+ * This is required because for various smart-card perform the digest and
+ * signing/verification on-board.  To handle this case, the specific
+ * EVP_MD and EVP_PKEY_METHODs need to be closely associated.
+ * When a PKEY is created, it will have a EVP_PKEY_METHOD ossociated with it.
+ * This can either be software or a token to provide the required low level
+ * routines.
+ */
+typedef struct evp_pkey_md_st
+	{
+	int oid;
+	EVP_MD *md;
+	EVP_PKEY_METHOD *pkey;
+	} EVP_PKEY_MD;
+
+#define EVP_rsa_md2()
+		EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
+			EVP_rsa_pkcs1(),EVP_md2())
+#define EVP_rsa_md5()
+		EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
+			EVP_rsa_pkcs1(),EVP_md5())
+#define EVP_rsa_sha0()
+		EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
+			EVP_rsa_pkcs1(),EVP_sha())
+#define EVP_rsa_sha1()
+		EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
+			EVP_rsa_pkcs1(),EVP_sha1())
+#define EVP_rsa_ripemd160()
+		EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
+			EVP_rsa_pkcs1(),EVP_ripemd160())
+#define EVP_rsa_mdc2()
+		EVP_PKEY_MD_add(NID_mdc2WithRSA,\
+			EVP_rsa_octet_string(),EVP_mdc2())
+#define EVP_dsa_sha()
+		EVP_PKEY_MD_add(NID_dsaWithSHA,\
+			EVP_dsa(),EVP_mdc2())
+#define EVP_dsa_sha1()
+		EVP_PKEY_MD_add(NID_dsaWithSHA1,\
+			EVP_dsa(),EVP_sha1())
+
+typedef struct evp_pkey_method_st
+	{
+	char *name;
+	int flags;
+	int type;		/* RSA, DSA, an SSLeay specific constant */
+	int oid;		/* For the pub-key type */
+	int encrypt_oid;	/* pub/priv key encryption */
+
+	int (*sign)();
+	int (*verify)();
+	struct	{
+		int
+		int (*set)();	/* get and/or set the underlying type */
+		int (*get)();
+		int (*encrypt)();
+		int (*decrypt)();
+		int (*i2d)();
+		int (*d2i)();
+		int (*dup)();
+		} pub,priv;
+	int (*set_asn1_parameters)();
+	int (*get_asn1_parameters)();
+	} EVP_PKEY_METHOD;
+#endif
+
 #ifndef EVP_MD
 typedef struct env_md_st
 	{
@@ -167,14 +256,17 @@ typedef struct env_md_st
 
 	int (*sign)();
 	int (*verify)();
-	int required_pkey_type[4]; /*EVP_PKEY_xxx */
+	int required_pkey_type[5]; /*EVP_PKEY_xxx */
+	int block_size;
+	int ctx_size; /* how big does the ctx need to be */
 	} EVP_MD;
 
 #define EVP_PKEY_NULL_method	NULL,NULL,{0,0,0,0}
 
 #ifndef NO_DSA
 #define EVP_PKEY_DSA_method	DSA_sign,DSA_verify, \
-				{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,0}
+				{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
+					EVP_PKEY_DSA4,0}
 #else
 #define EVP_PKEY_DSA_method	EVP_PKEY_NULL_method
 #endif
@@ -204,6 +296,9 @@ typedef struct env_md_ctx_st
 #ifndef NO_MD5
 		MD5_CTX md5;
 #endif
+#ifndef NO_MD5
+		RIPEMD160_CTX ripemd160;
+#endif
 #if !defined(NO_SHA) || !defined(NO_SHA1)
 		SHA_CTX sha;
 #endif
@@ -222,6 +317,11 @@ typedef struct evp_cipher_st
 	void (*init)();		/* init for encryption */
 	void (*do_cipher)();	/* encrypt data */
 	void (*cleanup)();	/* used by cipher method */ 
+	int ctx_size;		/* how big the ctx needs to be */
+	/* int set_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
+	int (*set_asn1_parameters)(); /* Populate a ASN1_TYPE with parameters */
+	/* int get_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
+	int (*get_asn1_parameters)(); /* Get parameters from a ASN1_TYPE */
 	} EVP_CIPHER;
 
 typedef struct evp_cipher_info_st
@@ -235,7 +335,12 @@ typedef struct evp_cipher_ctx_st
 	EVP_CIPHER *cipher;
 	int encrypt;		/* encrypt or decrypt */
 	int buf_len;		/* number we have left */
-	unsigned char buf[8];
+
+	unsigned char  oiv[EVP_MAX_IV_LENGTH];	/* original iv */
+	unsigned char  iv[EVP_MAX_IV_LENGTH];	/* working iv */
+	unsigned char buf[EVP_MAX_IV_LENGTH];	/* saved partial block */
+	int num;				/* used by cfb/ofb mode */
+
 	char *app_data;		/* aplication stuff */
 	union	{
 #ifndef NO_RC4
@@ -246,102 +351,34 @@ typedef struct evp_cipher_ctx_st
 			} rc4;
 #endif
 #ifndef NO_DES
+		des_key_schedule des_ks;/* key schedule */
 		struct
 			{
 			des_key_schedule ks;/* key schedule */
-			} des_ecb;
-
-		struct
-			{
-			C_Block oiv;	/* original iv */
-			C_Block iv;	/* working iv */
-			des_key_schedule ks;/* key schedule */
-			} des_cbc;
-
-		struct
-			{
-			C_Block oiv;	/* original iv */
-			C_Block iv;	/* working iv */
 			C_Block inw;
 			C_Block outw;
-			des_key_schedule ks;/* key schedule */
 			} desx_cbc;
-
 		struct
 			{
-			C_Block oiv;	/* original iv */
-			C_Block iv;	/* working iv */
-			des_key_schedule ks;/* key schedule */
+			des_key_schedule ks1;/* key schedule */
 			des_key_schedule ks2;/* key schedule (for ede) */
 			des_key_schedule ks3;/* key schedule (for ede3) */
-			int num;	/* used by cfb mode */
-			} des_cfb;
-
-		struct
-			{
-			C_Block oiv;	/* original iv */
-			C_Block iv;	/* working iv */
-			des_key_schedule ks1;/* ksched 1 */
-			des_key_schedule ks2;/* ksched 2 */
-			des_key_schedule ks3;/* ksched 3 */
 			} des_ede;
 #endif
 #ifndef NO_IDEA
-		struct
-			{
-			IDEA_KEY_SCHEDULE ks;/* key schedule */
-			} idea_ecb;
-		struct
-			{
-			unsigned char oiv[8];/* original iv */
-			unsigned char iv[8]; /* working iv */
-			IDEA_KEY_SCHEDULE ks;/* key schedule */
-			} idea_cbc;
-		struct
-			{
-			unsigned char oiv[8];/* original iv */
-			unsigned char iv[8]; /* working iv */
-			IDEA_KEY_SCHEDULE ks;/* key schedule */
-			int num;	/* used by cfb mode */
-			} idea_cfb;
+		IDEA_KEY_SCHEDULE idea_ks;/* key schedule */
 #endif
 #ifndef NO_RC2
-		struct
-			{
-			RC2_KEY ks;/* key schedule */
-			} rc2_ecb;
-		struct
-			{
-			unsigned char oiv[8];/* original iv */
-			unsigned char iv[8]; /* working iv */
-			RC2_KEY ks;/* key schedule */
-			} rc2_cbc;
-		struct
-			{
-			unsigned char oiv[8];/* original iv */
-			unsigned char iv[8]; /* working iv */
-			RC2_KEY ks;/* key schedule */
-			int num;	/* used by cfb mode */
-			} rc2_cfb;
+		RC2_KEY rc2_ks;/* key schedule */
+#endif
+#ifndef NO_RC5
+		RC5_32_KEY rc5_ks;/* key schedule */
 #endif
 #ifndef NO_BLOWFISH
-		struct
-			{
-			BF_KEY ks;/* key schedule */
-			} bf_ecb;
-		struct
-			{
-			unsigned char oiv[8];/* original iv */
-			unsigned char iv[8]; /* working iv */
-			BF_KEY ks;/* key schedule */
-			} bf_cbc;
-		struct
-			{
-			unsigned char oiv[8];/* original iv */
-			unsigned char iv[8]; /* working iv */
-			BF_KEY ks;/* key schedule */
-			int num;	/* used by cfb mode */
-			} bf_cfb;
+		BF_KEY bf_ks;/* key schedule */
+#endif
+#ifndef NO_CAST
+		CAST_KEY cast_ks;/* key schedule */
 #endif
 		} c;
 	} EVP_CIPHER_CTX;
@@ -356,6 +393,7 @@ typedef struct evp_Encode_Ctx_st
 			 * line is decoded */
 	unsigned char enc_data[80];	/* data to encode */
 	int line_num;	/* number read on current line */
+	int expect_nl;
 	} EVP_ENCODE_CTX;
 
 #define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
@@ -374,7 +412,10 @@ typedef struct evp_Encode_Ctx_st
 #define EVP_MD_type(e)			((e)->type)
 #define EVP_MD_pkey_type(e)		((e)->pkey_type)
 #define EVP_MD_size(e)			((e)->md_size)
-#define EVP_MD_CTX_size(e)		((e)->digest->md_size)
+#define EVP_MD_block_size(e)		((e)->block_size)
+
+#define EVP_MD_CTX_size(e)		EVP_MD_size((e)->digest)
+#define EVP_MD_CTX_block_size(e)	EVP_MD_block_size((e)->digest)
 #define EVP_MD_CTX_type(e)		((e)->digest)
 
 #define EVP_CIPHER_nid(e)		((e)->nid)
@@ -471,6 +512,7 @@ int	EVP_DecodeBlock(unsigned char *t, unsigned
 
 void	ERR_load_EVP_strings(void );
 
+void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
 void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
 
 #ifdef HEADER_BIO_H
@@ -489,6 +531,7 @@ EVP_MD *EVP_sha1(void);
 EVP_MD *EVP_dss(void);
 EVP_MD *EVP_dss1(void);
 EVP_MD *EVP_mdc2(void);
+EVP_MD *EVP_ripemd160(void);
 
 EVP_CIPHER *EVP_enc_null(void);		/* does nothing :-) */
 EVP_CIPHER *EVP_des_ecb(void);
@@ -505,18 +548,28 @@ EVP_CIPHER *EVP_des_ede_cbc(void);
 EVP_CIPHER *EVP_des_ede3_cbc(void);
 EVP_CIPHER *EVP_desx_cbc(void);
 EVP_CIPHER *EVP_rc4(void);
+EVP_CIPHER *EVP_rc4_40(void);
 EVP_CIPHER *EVP_idea_ecb(void);
 EVP_CIPHER *EVP_idea_cfb(void);
 EVP_CIPHER *EVP_idea_ofb(void);
 EVP_CIPHER *EVP_idea_cbc(void);
 EVP_CIPHER *EVP_rc2_ecb(void);
 EVP_CIPHER *EVP_rc2_cbc(void);
+EVP_CIPHER *EVP_rc2_40_cbc(void);
 EVP_CIPHER *EVP_rc2_cfb(void);
 EVP_CIPHER *EVP_rc2_ofb(void);
 EVP_CIPHER *EVP_bf_ecb(void);
 EVP_CIPHER *EVP_bf_cbc(void);
 EVP_CIPHER *EVP_bf_cfb(void);
 EVP_CIPHER *EVP_bf_ofb(void);
+EVP_CIPHER *EVP_cast5_ecb(void);
+EVP_CIPHER *EVP_cast5_cbc(void);
+EVP_CIPHER *EVP_cast5_cfb(void);
+EVP_CIPHER *EVP_cast5_ofb(void);
+EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
+EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
+EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
+EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
 
 void SSLeay_add_all_algorithms(void);
 void SSLeay_add_all_ciphers(void);
@@ -531,7 +584,12 @@ EVP_CIPHER *EVP_get_cipherbyname(char *name);
 EVP_MD *EVP_get_digestbyname(char *name);
 void EVP_cleanup(void);
 
+int		EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key,
+			int enc_key_len,EVP_PKEY *private_key);
+int		EVP_PKEY_encrypt(unsigned char *enc_key,
+			unsigned char *key,int key_len,EVP_PKEY *pub_key);
 int		EVP_PKEY_type(int type);
+int		EVP_PKEY_bits(EVP_PKEY *pkey);
 int		EVP_PKEY_size(EVP_PKEY *pkey);
 int 		EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
 EVP_PKEY *	EVP_PKEY_new(void);
@@ -547,6 +605,15 @@ int		i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
 int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from);
 int EVP_PKEY_missing_parameters(EVP_PKEY *pkey);
 int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode);
+int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b);
+
+/* calls methods */
+int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+
+/* These are used by EVP_CIPHER methods */
+int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
+int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
 
 #else
 
@@ -596,6 +663,7 @@ int	EVP_DecodeBlock();
 
 void	ERR_load_EVP_strings();
 
+void EVP_CIPHER_CTX_init();
 void EVP_CIPHER_CTX_cleanup();
 
 #ifdef HEADER_BIO_H
@@ -629,18 +697,28 @@ EVP_CIPHER *EVP_des_ede_cbc();
 EVP_CIPHER *EVP_des_ede3_cbc();
 EVP_CIPHER *EVP_desx_cbc();
 EVP_CIPHER *EVP_rc4();
+EVP_CIPHER *EVP_rc4_40();
 EVP_CIPHER *EVP_idea_ecb();
 EVP_CIPHER *EVP_idea_cfb();
 EVP_CIPHER *EVP_idea_ofb();
 EVP_CIPHER *EVP_idea_cbc();
 EVP_CIPHER *EVP_rc2_ecb();
 EVP_CIPHER *EVP_rc2_cbc();
+EVP_CIPHER *EVP_rc2_40_cbc();
 EVP_CIPHER *EVP_rc2_cfb();
 EVP_CIPHER *EVP_rc2_ofb();
 EVP_CIPHER *EVP_bf_ecb();
 EVP_CIPHER *EVP_bf_cbc();
 EVP_CIPHER *EVP_bf_cfb();
 EVP_CIPHER *EVP_bf_ofb();
+EVP_CIPHER *EVP_cast5_ecb();
+EVP_CIPHER *EVP_cast5_cbc();
+EVP_CIPHER *EVP_cast5_cfb();
+EVP_CIPHER *EVP_cast5_ofb();
+EVP_CIPHER *EVP_rc5_32_12_16_cbc();
+EVP_CIPHER *EVP_rc5_32_12_16_ecb();
+EVP_CIPHER *EVP_rc5_32_12_16_cfb();
+EVP_CIPHER *EVP_rc5_32_12_16_ofb();
 
 void SSLeay_add_all_algorithms();
 void SSLeay_add_all_ciphers();
@@ -655,7 +733,10 @@ EVP_CIPHER *EVP_get_cipherbyname();
 EVP_MD *EVP_get_digestbyname();
 void EVP_cleanup();
 
+int		EVP_PKEY_decrypt();
+int		EVP_PKEY_encrypt();
 int		EVP_PKEY_type();
+int		EVP_PKEY_bits();
 int		EVP_PKEY_size();
 int 		EVP_PKEY_assign();
 EVP_PKEY *	EVP_PKEY_new();
@@ -669,6 +750,13 @@ int		i2d_PrivateKey();
 int EVP_PKEY_copy_parameters();
 int EVP_PKEY_missing_parameters();
 int EVP_PKEY_save_parameters();
+int EVP_PKEY_cmp_parameters();
+
+int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+
+int EVP_CIPHER_set_asn1_iv();
+int EVP_CIPHER_get_asn1_iv();
 
 #endif
 
@@ -680,10 +768,11 @@ int EVP_PKEY_save_parameters();
 #define EVP_F_EVP_DECRYPTFINAL				 101
 #define EVP_F_EVP_OPENINIT				 102
 #define EVP_F_EVP_PKEY_COPY_PARAMETERS			 103
-#define EVP_F_EVP_PKEY_NEW				 104
-#define EVP_F_EVP_SEALINIT				 105
-#define EVP_F_EVP_SIGNFINAL				 106
-#define EVP_F_EVP_VERIFYFINAL				 107
+#define EVP_F_EVP_PKEY_DECRYPT				 104
+#define EVP_F_EVP_PKEY_ENCRYPT				 105
+#define EVP_F_EVP_PKEY_NEW				 106
+#define EVP_F_EVP_SIGNFINAL				 107
+#define EVP_F_EVP_VERIFYFINAL				 108
 
 /* Reason codes. */
 #define EVP_R_BAD_DECRYPT				 100
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 2015b5f892..93cc3a9464 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -1,5 +1,5 @@
 /* crypto/evp/evp_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,7 +60,14 @@
 #include "cryptlib.h"
 #include "evp.h"
 
-char *EVP_version="EVP part of SSLeay 0.8.1b 29-Jun-1998";
+char *EVP_version="EVP part of SSLeay 0.9.0b 29-Jun-1998";
+
+void EVP_CIPHER_CTX_init(ctx)
+EVP_CIPHER_CTX *ctx;
+	{
+	memset(ctx,0,sizeof(EVP_CIPHER_CTX));
+	/* ctx->cipher=NULL; */
+	}
 
 void EVP_CipherInit(ctx,data,key,iv,enc)
 EVP_CIPHER_CTX *ctx;
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 326da1177e..2b0a0ab93f 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -60,14 +60,16 @@
 #include "evp.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA EVP_str_functs[]=
 	{
 {ERR_PACK(0,EVP_F_D2I_PKEY,0),	"D2I_PKEY"},
 {ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0),	"EVP_DecryptFinal"},
 {ERR_PACK(0,EVP_F_EVP_OPENINIT,0),	"EVP_OpenInit"},
 {ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0),	"EVP_PKEY_copy_parameters"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0),	"EVP_PKEY_decrypt"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0),	"EVP_PKEY_encrypt"},
 {ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0),	"EVP_PKEY_new"},
-{ERR_PACK(0,EVP_F_EVP_SEALINIT,0),	"EVP_SealInit"},
 {ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0),	"EVP_SignFinal"},
 {ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0),	"EVP_VerifyFinal"},
 {0,NULL},
@@ -88,14 +90,19 @@ static ERR_STRING_DATA EVP_str_reasons[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_EVP_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_EVP,EVP_str_functs);
 		ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 0aa1dbb65a..dafa686f64 100644
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -1,5 +1,5 @@
 /* crypto/evp/evp_key.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -82,6 +82,10 @@ char *EVP_get_pw_prompt()
 		return(prompt_string);
 	}
 
+#ifdef NO_DES
+int des_read_pw_string(char *buf,int len,char *prompt,int verify);
+#endif
+
 int EVP_read_pw_string(buf,len,prompt,verify)
 char *buf;
 int len;
@@ -158,6 +162,6 @@ unsigned char *iv;
 		}
 	memset(&c,0,sizeof(c));
 	memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
-	return(nkey);
+	return(type->key_len);
 	}
 
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
new file mode 100644
index 0000000000..69784eb555
--- /dev/null
+++ b/crypto/evp/evp_lib.c
@@ -0,0 +1,117 @@
+/* crypto/evp/evp_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+int EVP_CIPHER_param_to_asn1(c,type)
+EVP_CIPHER_CTX *c;
+ASN1_TYPE *type;
+	{
+	int ret;
+
+	if (c->cipher->set_asn1_parameters != NULL)
+		ret=c->cipher->set_asn1_parameters(c,type);
+	else
+		ret=1;
+	return(ret);
+	}
+
+int EVP_CIPHER_asn1_to_param(c,type)
+EVP_CIPHER_CTX *c;
+ASN1_TYPE *type;
+	{
+	int ret;
+
+	if (c->cipher->get_asn1_parameters != NULL)
+		ret=c->cipher->get_asn1_parameters(c,type);
+	else
+		ret=1;
+	return(ret);
+	}
+
+int EVP_CIPHER_get_asn1_iv(c,type)
+EVP_CIPHER_CTX *c;
+ASN1_TYPE *type;
+	{
+	int i=0,l;
+
+	if (type != NULL) 
+		{
+		l=EVP_CIPHER_CTX_iv_length(c);
+		i=ASN1_TYPE_get_octetstring(type,c->oiv,l);
+		memcpy(c->iv,c->oiv,l);
+		}
+	return(i);
+	}
+
+int EVP_CIPHER_set_asn1_iv(c,type)
+EVP_CIPHER_CTX *c;
+ASN1_TYPE *type;
+	{
+	int i=0,j;
+
+	if (type != NULL)
+		{
+		j=EVP_CIPHER_CTX_iv_length(c);
+		i=ASN1_TYPE_set_octetstring(type,c->oiv,j);
+		}
+	return(i);
+	}
diff --git a/crypto/evp/m_dss.c b/crypto/evp/m_dss.c
index 743beacc5b..3549b1699c 100644
--- a/crypto/evp/m_dss.c
+++ b/crypto/evp/m_dss.c
@@ -1,5 +1,5 @@
 /* crypto/evp/m_dss.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -67,10 +67,12 @@ static EVP_MD dsa_md=
 	NID_dsaWithSHA,
 	NID_dsaWithSHA,
 	SHA_DIGEST_LENGTH,
-	SHA_Init,
-	SHA_Update,
-	SHA_Final,
+	SHA1_Init,
+	SHA1_Update,
+	SHA1_Final,
 	EVP_PKEY_DSA_method,
+	SHA_CBLOCK,
+	sizeof(EVP_MD *)+sizeof(SHA_CTX),
 	};
 
 EVP_MD *EVP_dss()
diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c
index a14e8590b1..ff256b7b20 100644
--- a/crypto/evp/m_dss1.c
+++ b/crypto/evp/m_dss1.c
@@ -1,5 +1,5 @@
 /* crypto/evp/m_dss1.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,6 +71,8 @@ static EVP_MD dss1_md=
 	SHA1_Update,
 	SHA1_Final,
 	EVP_PKEY_DSA_method,
+	SHA_CBLOCK,
+	sizeof(EVP_MD *)+sizeof(SHA_CTX),
 	};
 
 EVP_MD *EVP_dss1()
diff --git a/crypto/evp/m_md2.c b/crypto/evp/m_md2.c
index 17360c100e..2209416142 100644
--- a/crypto/evp/m_md2.c
+++ b/crypto/evp/m_md2.c
@@ -1,5 +1,5 @@
 /* crypto/evp/m_md2.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,6 +71,8 @@ static EVP_MD md2_md=
 	MD2_Update,
 	MD2_Final,
 	EVP_PKEY_RSA_method,
+	MD2_BLOCK,
+	sizeof(EVP_MD *)+sizeof(MD2_CTX),
 	};
 
 EVP_MD *EVP_md2()
diff --git a/crypto/evp/m_md5.c b/crypto/evp/m_md5.c
index f7b4eb1eae..d65db9aa1d 100644
--- a/crypto/evp/m_md5.c
+++ b/crypto/evp/m_md5.c
@@ -1,5 +1,5 @@
 /* crypto/evp/m_md5.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,6 +71,8 @@ static EVP_MD md5_md=
 	MD5_Update,
 	MD5_Final,
 	EVP_PKEY_RSA_method,
+	MD5_CBLOCK,
+	sizeof(EVP_MD *)+sizeof(MD5_CTX),
 	};
 
 EVP_MD *EVP_md5()
diff --git a/crypto/evp/m_mdc2.c b/crypto/evp/m_mdc2.c
index da70f689b8..64a853eb7f 100644
--- a/crypto/evp/m_mdc2.c
+++ b/crypto/evp/m_mdc2.c
@@ -1,5 +1,5 @@
 /* crypto/evp/m_mdc2.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,6 +71,8 @@ static EVP_MD mdc2_md=
 	MDC2_Update,
 	MDC2_Final,
 	EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
+	MDC2_BLOCK,
+	sizeof(EVP_MD *)+sizeof(MDC2_CTX),
 	};
 
 EVP_MD *EVP_mdc2()
diff --git a/crypto/evp/m_null.c b/crypto/evp/m_null.c
index 47db2c5258..6d80560df2 100644
--- a/crypto/evp/m_null.c
+++ b/crypto/evp/m_null.c
@@ -1,5 +1,5 @@
 /* crypto/evp/m_null.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -75,7 +75,9 @@ static EVP_MD null_md=
 	function,
 	function,
 	
-	EVP_PKEY_NULL_method
+	EVP_PKEY_NULL_method,
+	0,
+	sizeof(EVP_MD *),
 	};
 
 EVP_MD *EVP_md_null()
diff --git a/crypto/evp/m_ripemd.c b/crypto/evp/m_ripemd.c
new file mode 100644
index 0000000000..04c5d8897b
--- /dev/null
+++ b/crypto/evp/m_ripemd.c
@@ -0,0 +1,81 @@
+/* crypto/evp/m_ripemd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD ripemd160_md=
+	{
+	NID_ripemd160,
+	NID_ripemd160WithRSA,
+	RIPEMD160_DIGEST_LENGTH,
+	RIPEMD160_Init,
+	RIPEMD160_Update,
+	RIPEMD160_Final,
+	EVP_PKEY_RSA_method,
+	RIPEMD160_CBLOCK,
+	sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX),
+	};
+
+EVP_MD *EVP_ripemd160()
+	{
+	return(&ripemd160_md);
+	}
diff --git a/crypto/evp/m_sha.c b/crypto/evp/m_sha.c
index d723ac76a3..af4e434a22 100644
--- a/crypto/evp/m_sha.c
+++ b/crypto/evp/m_sha.c
@@ -1,5 +1,5 @@
 /* crypto/evp/m_sha.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,6 +71,8 @@ static EVP_MD sha_md=
 	SHA_Update,
 	SHA_Final,
 	EVP_PKEY_RSA_method,
+	SHA_CBLOCK,
+	sizeof(EVP_MD *)+sizeof(SHA_CTX),
 	};
 
 EVP_MD *EVP_sha()
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c
index 30037ffcd8..87135a9cf2 100644
--- a/crypto/evp/m_sha1.c
+++ b/crypto/evp/m_sha1.c
@@ -1,5 +1,5 @@
 /* crypto/evp/m_sha1.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,6 +71,8 @@ static EVP_MD sha1_md=
 	SHA1_Update,
 	SHA1_Final,
 	EVP_PKEY_RSA_method,
+	SHA_CBLOCK,
+	sizeof(EVP_MD *)+sizeof(SHA_CTX),
 	};
 
 EVP_MD *EVP_sha1()
diff --git a/crypto/evp/names.c b/crypto/evp/names.c
index 49fd34f27f..e0774da20d 100644
--- a/crypto/evp/names.c
+++ b/crypto/evp/names.c
@@ -1,5 +1,5 @@
 /* crypto/evp/names.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -158,7 +158,9 @@ char *aname;
 		}
 
 	if ((i=sk_find(aliases,(char *)a)) >= 0)
+		{
 		Free(sk_delete(aliases,i));
+		}
 	if (!sk_push(aliases,(char *)a)) goto err;
 	return(1);
 err:
@@ -207,6 +209,7 @@ char *name;
 			}
 
 		nid=OBJ_txt2nid(name);
+		if (nid == NID_undef) return(NULL);
 		c.nid=nid;
 		i=sk_find(ciphers,(char *)&c);
 		if (i >= 0)
@@ -245,6 +248,7 @@ char *name;
 			}
 
 		nid=OBJ_txt2nid(name);
+		if (nid == NID_undef) return(NULL);
 		c.pkey_type=nid;
 		i=sk_find(digests,(char *)&c);
 		if (i >= 0)
diff --git a/crypto/evp/p_dec.c b/crypto/evp/p_dec.c
new file mode 100644
index 0000000000..e845ce70c7
--- /dev/null
+++ b/crypto/evp/p_dec.c
@@ -0,0 +1,84 @@
+/* crypto/evp/p_dec.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_PKEY_decrypt(key,ek,ekl,priv)
+unsigned char *key;
+unsigned char *ek;
+int ekl;
+EVP_PKEY *priv;
+	{
+	int ret= -1;
+	
+	if (priv->type != EVP_PKEY_RSA)
+		{
+		EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
+		goto err;
+                }
+
+	ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
+err:
+	return(ret);
+	}
diff --git a/crypto/evp/p_enc.c b/crypto/evp/p_enc.c
new file mode 100644
index 0000000000..a26bfad02a
--- /dev/null
+++ b/crypto/evp/p_enc.c
@@ -0,0 +1,83 @@
+/* crypto/evp/p_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_PKEY_encrypt(ek,key,key_len,pubk)
+unsigned char *ek;
+unsigned char *key;
+int key_len;
+EVP_PKEY *pubk;
+	{
+	int ret=0;
+	
+	if (pubk->type != EVP_PKEY_RSA)
+		{
+		EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
+		goto err;
+		}
+	ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING);
+err:
+	return(ret);
+	}
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 11369048e7..395351b373 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1,5 +1,5 @@
 /* crypto/evp/p_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -72,6 +72,21 @@ static void EVP_PKEY_free_it(EVP_PKEY *x);
 static void EVP_PKEY_free_it();
 #endif
 
+int EVP_PKEY_bits(pkey)
+EVP_PKEY *pkey;
+	{
+#ifndef NO_RSA
+	if (pkey->type == EVP_PKEY_RSA)
+		return(BN_num_bits(pkey->pkey.rsa->n));
+	else
+#endif
+#ifndef NO_DSA
+		if (pkey->type == EVP_PKEY_DSA)
+		return(BN_num_bits(pkey->pkey.dsa->p));
+#endif
+	return(0);
+	}
+
 int EVP_PKEY_size(pkey)
 EVP_PKEY *pkey;
 	{
@@ -110,13 +125,13 @@ EVP_PKEY *to,*from;
 	if (to->type != from->type)
 		{
 		EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES);
-		return(0);
+		goto err;
 		}
 
 	if (EVP_PKEY_missing_parameters(from))
 		{
 		EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS);
-		return(0);
+		goto err;
 		}
 #ifndef NO_DSA
 	if (to->type == EVP_PKEY_DSA)
@@ -157,6 +172,23 @@ EVP_PKEY *pkey;
 	return(0);
 	}
 
+int EVP_PKEY_cmp_parameters(a,b)
+EVP_PKEY *a,*b;
+	{
+#ifndef NO_DSA
+	if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
+		{
+		if (	BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
+			BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
+			BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
+			return(0);
+		else
+			return(1);
+		}
+#endif
+	return(-1);
+	}
+
 EVP_PKEY *EVP_PKEY_new()
 	{
 	EVP_PKEY *ret;
@@ -198,8 +230,10 @@ int type;
 	case EVP_PKEY_RSA2:
 		return(EVP_PKEY_RSA);
 	case EVP_PKEY_DSA:
+	case EVP_PKEY_DSA1:
 	case EVP_PKEY_DSA2:
 	case EVP_PKEY_DSA3:
+	case EVP_PKEY_DSA4:
 		return(EVP_PKEY_DSA);
 	case EVP_PKEY_DH:
 		return(EVP_PKEY_DH);
@@ -216,6 +250,9 @@ EVP_PKEY *x;
 	if (x == NULL) return;
 
 	i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+	REF_PRINT("EVP_PKEY",x);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
@@ -243,6 +280,7 @@ EVP_PKEY *x;
 	case EVP_PKEY_DSA:
 	case EVP_PKEY_DSA2:
 	case EVP_PKEY_DSA3:
+	case EVP_PKEY_DSA4:
 		DSA_free(x->pkey.dsa);
 		break;
 #endif
diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c
index 46434051ae..28a8e02252 100644
--- a/crypto/evp/p_open.c
+++ b/crypto/evp/p_open.c
@@ -1,5 +1,5 @@
 /* crypto/evp/p_open.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -75,7 +75,7 @@ EVP_PKEY *priv;
 	
 	if (priv->type != EVP_PKEY_RSA)
 		{
-                EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
+		EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
 		ret= -1;
 		goto err;
                 }
@@ -90,13 +90,14 @@ EVP_PKEY *priv;
 		goto err;
 		}
 
-	i=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
+	i=EVP_PKEY_decrypt(key,ek,ekl,priv);
 	if (i != type->key_len)
 		{
 		/* ERROR */
 		goto err;
 		}
 
+	EVP_CIPHER_CTX_init(ctx);
 	EVP_DecryptInit(ctx,type,key,iv);
 	ret=1;
 err:
diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c
index b059c59e8a..09a408de35 100644
--- a/crypto/evp/p_seal.c
+++ b/crypto/evp/p_seal.c
@@ -1,5 +1,5 @@
 /* crypto/evp/p_seal.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -74,30 +74,23 @@ EVP_PKEY **pubk;
 int npubk;
 	{
 	unsigned char key[EVP_MAX_KEY_LENGTH];
-	int i,ret=0,n;
+	int i;
 	
 	if (npubk <= 0) return(0);
 	RAND_bytes(key,EVP_MAX_KEY_LENGTH);
 	if (type->iv_len > 0)
 		RAND_bytes(iv,type->iv_len);
 
+	EVP_CIPHER_CTX_init(ctx);
 	EVP_EncryptInit(ctx,type,key,iv);
+
 	for (i=0; i<npubk; i++)
 		{
-		if (pubk[i]->type != EVP_PKEY_RSA)
-			{
-			EVPerr(EVP_F_EVP_SEALINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
-			goto err;
-			}
-		n=RSA_public_encrypt(type->key_len,key,ek[i],pubk[i]->pkey.rsa,
-			RSA_PKCS1_PADDING);
-		if (n <= 0) goto err;
-		ekl[i]=n;
+		ekl[i]=EVP_PKEY_encrypt(ek[i],key,EVP_CIPHER_key_length(type),
+			pubk[i]);
+		if (ekl[i] <= 0) return(-1);
 		}
-	ret=npubk;
-err:
-	memset(key,0,EVP_MAX_KEY_LENGTH);
-	return(ret);
+	return(npubk);
 	}
 
 /* MACRO
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c
index ad5bcd8ba8..073270ce31 100644
--- a/crypto/evp/p_sign.c
+++ b/crypto/evp/p_sign.c
@@ -1,5 +1,5 @@
 /* crypto/evp/p_sign.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -88,9 +88,11 @@ EVP_PKEY *pkey;
 	unsigned char m[EVP_MAX_MD_SIZE];
 	unsigned int m_len;
 	int i,ok=0,v;
+	MS_STATIC EVP_MD_CTX tmp_ctx;
 
 	*siglen=0;
-	EVP_DigestFinal(ctx,&(m[0]),&m_len);
+	memcpy(&tmp_ctx,ctx,sizeof(EVP_MD_CTX));
+	EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len);
 	for (i=0; i<4; i++)
 		{
 		v=ctx->digest->required_pkey_type[i];
diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
index 4dbaf1ea26..8d727d8f02 100644
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -1,5 +1,5 @@
 /* crypto/evp/p_verify.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,6 +71,7 @@ EVP_PKEY *pkey;
 	unsigned char m[EVP_MAX_MD_SIZE];
 	unsigned int m_len;
 	int i,ok=0,v;
+	MS_STATIC EVP_MD_CTX tmp_ctx;
 
 	for (i=0; i<4; i++)
 		{
@@ -87,7 +88,8 @@ EVP_PKEY *pkey;
 		EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
 		return(-1);
 		}
-	EVP_DigestFinal(ctx,&(m[0]),&m_len);
+	memcpy(&tmp_ctx,ctx,sizeof(EVP_MD_CTX));
+	EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len);
         if (ctx->digest->verify == NULL)
                 {
 		EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
@@ -97,3 +99,4 @@ EVP_PKEY *pkey;
 	return(ctx->digest->verify(ctx->digest->type,m,m_len,
 		sigbuf,siglen,pkey->pkey.ptr));
 	}
+
diff --git a/crypto/evp/pk_lib.c b/crypto/evp/pk_lib.c
new file mode 100644
index 0000000000..08f9fabbae
--- /dev/null
+++ b/crypto/evp/pk_lib.c
@@ -0,0 +1,82 @@
+/* crypto/evp/pk_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+static LHASH *pk_md=NULL;
+
+static LHASH *pk_md=NULL;
+
+int EVP_add_pkey_md(oid,pkm,md)
+int oid;
+EVP_PKEY_METHOD *pkm;
+EVP_MD *md;
+	{
+	}
+
+EVP_add_pkey(pkm)
+EVP_PKEY_METHOD *pkm;
+	{
+	}
+
+EVP_PKEY_METHOD:q
+
+
diff --git a/crypto/ex_data.c b/crypto/ex_data.c
new file mode 100644
index 0000000000..c858b518ff
--- /dev/null
+++ b/crypto/ex_data.c
@@ -0,0 +1,236 @@
+/* crypto/ex_data.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "buffer.h"
+#include "bio.h"
+#include "lhash.h"
+#include "cryptlib.h"
+
+int CRYPTO_get_ex_new_index(idx,skp,argl,argp,new_func,dup_func,free_func)
+int idx;
+STACK **skp;
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+	{
+	CRYPTO_EX_DATA_FUNCS *a;
+
+	if (*skp == NULL)
+		*skp=sk_new_null();
+	if (*skp == NULL)
+		{
+		CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
+		return(-1);
+		}
+	a=(CRYPTO_EX_DATA_FUNCS *)Malloc(sizeof(CRYPTO_EX_DATA_FUNCS));
+	if (a == NULL)
+		{
+		CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
+		return(-1);
+		}
+	a->argl=argl;
+	a->argp=argp;
+	a->new_func=new_func;
+	a->dup_func=dup_func;
+	a->free_func=free_func;
+	while (sk_num(*skp) <= idx)
+		{
+		if (!sk_push(*skp,NULL))
+			{
+			CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
+			Free(a);
+			return(-1);
+			}
+		}
+	sk_value(*skp,idx)=(char *)a;
+	return(idx);
+	}
+
+int CRYPTO_set_ex_data(ad,idx,val)
+CRYPTO_EX_DATA *ad;
+int idx;
+char *val;
+	{
+	int i;
+
+	if (ad->sk == NULL)
+		{
+		if ((ad->sk=sk_new_null()) == NULL)
+			{
+			CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
+			return(0);
+			}
+		}
+	i=sk_num(ad->sk);
+
+	while (i <= idx)
+		{
+		if (!sk_push(ad->sk,NULL))
+			{
+			CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
+			return(0);
+			}
+		i++;
+		}
+	sk_value(ad->sk,idx)=val;
+	return(1);
+	}
+
+char *CRYPTO_get_ex_data(ad,idx)
+CRYPTO_EX_DATA *ad;
+int idx;
+	{
+	if (ad->sk == NULL)
+		return(0);
+	else if (idx >= sk_num(ad->sk))
+		return(0);
+	else
+		return(sk_value(ad->sk,idx));
+	}
+
+/* The callback is called with the 'object', which is the origional data object
+ * being duplicated, a pointer to the
+ * 'new' object to be inserted, the index, and the argi/argp
+ */
+int CRYPTO_dup_ex_data(meth,to,from)
+STACK *meth;
+CRYPTO_EX_DATA *to,*from;
+	{
+	int i,j,m,r;
+	CRYPTO_EX_DATA_FUNCS *mm;
+	char *from_d;
+
+	if (meth == NULL) return(1);
+	if (from->sk == NULL) return(1);
+	m=sk_num(meth);
+	j=sk_num(from->sk);
+	for (i=0; i<j; i++)
+		{
+		from_d=CRYPTO_get_ex_data(from,i);
+		if (i < m)
+			{
+			mm=(CRYPTO_EX_DATA_FUNCS *)sk_value(meth,i);
+			if (mm->dup_func != NULL)
+				r=mm->dup_func(to,from,(char **)&from_d,i,
+					mm->argl,mm->argp);
+			}
+		CRYPTO_set_ex_data(to,i,from_d);
+		}
+	return(1);
+	}
+
+/* Call each free callback */
+void CRYPTO_free_ex_data(meth,obj,ad)
+STACK *meth;
+char *obj;
+CRYPTO_EX_DATA *ad;
+	{
+	CRYPTO_EX_DATA_FUNCS *m;
+	char *ptr;
+	int i,max;
+
+	if (meth != NULL)
+		{
+		max=sk_num(meth);
+		for (i=0; i<max; i++)
+			{
+			m=(CRYPTO_EX_DATA_FUNCS *)sk_value(meth,i);
+			if ((m != NULL) && (m->free_func != NULL))
+				{
+				ptr=CRYPTO_get_ex_data(ad,i);
+				m->free_func(obj,ptr,ad,i,m->argl,m->argp);
+				}
+			}
+		}
+	if (ad->sk != NULL)
+		{
+		sk_free(ad->sk);
+		ad->sk=NULL;
+		}
+	}
+
+void CRYPTO_new_ex_data(meth,obj,ad)
+STACK *meth;
+char *obj;
+CRYPTO_EX_DATA *ad;
+	{
+	CRYPTO_EX_DATA_FUNCS *m;
+	char *ptr;
+	int i,max;
+
+	ad->sk=NULL;
+	if (meth != NULL)
+		{
+		max=sk_num(meth);
+		for (i=0; i<max; i++)
+			{
+			m=(CRYPTO_EX_DATA_FUNCS *)sk_value(meth,i);
+			if ((m != NULL) && (m->new_func != NULL))
+				{
+				ptr=CRYPTO_get_ex_data(ad,i);
+				m->new_func(obj,ptr,ad,i,m->argl,m->argp);
+				}
+			}
+		}
+	}
+
+
diff --git a/crypto/hmac/Makefile.ssl b/crypto/hmac/Makefile.ssl
new file mode 100644
index 0000000000..7a042b7261
--- /dev/null
+++ b/crypto/hmac/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/md/Makefile
+#
+
+DIR=	hmac
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=hmactest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=hmac.c
+LIBOBJ=hmac.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= hmac.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
new file mode 100644
index 0000000000..fb09129963
--- /dev/null
+++ b/crypto/hmac/hmac.c
@@ -0,0 +1,165 @@
+/* crypto/hmac/hmac.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "hmac.h"
+
+void HMAC_Init(ctx,key,len,md)
+HMAC_CTX *ctx;
+unsigned char *key;
+int len;
+EVP_MD *md;
+	{
+	int i,j,reset=0;
+	unsigned char pad[HMAC_MAX_MD_CBLOCK];
+
+	if (md != NULL)
+		{
+		reset=1;
+		ctx->md=md;
+		}
+	else
+		md=ctx->md;
+
+	if (key != NULL)
+		{
+		reset=1;
+		j=EVP_MD_block_size(md);
+		if (j < len)
+			{
+			EVP_DigestInit(&ctx->md_ctx,md);
+			EVP_DigestUpdate(&ctx->md_ctx,key,len);
+			EVP_DigestFinal(&(ctx->md_ctx),ctx->key,
+				&ctx->key_length);
+			}
+		else
+			{
+			memcpy(ctx->key,key,len);
+			memset(&(ctx->key[len]),0,sizeof(ctx->key)-len);
+			ctx->key_length=len;
+			}
+		}
+
+	if (reset)	
+		{
+		for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
+			pad[i]=0x36^ctx->key[i];
+		EVP_DigestInit(&ctx->i_ctx,md);
+		EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md));
+
+		for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
+			pad[i]=0x5c^ctx->key[i];
+		EVP_DigestInit(&ctx->o_ctx,md);
+		EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md));
+		}
+
+	memcpy(&ctx->md_ctx,&ctx->i_ctx,sizeof(ctx->i_ctx));
+	}
+
+void HMAC_Update(ctx,data,len)
+HMAC_CTX *ctx;
+unsigned char *data;
+int len;
+	{
+	EVP_DigestUpdate(&(ctx->md_ctx),data,len);
+	}
+
+void HMAC_Final(ctx,md,len)
+HMAC_CTX *ctx;
+unsigned char *md;
+unsigned int *len;
+	{
+	int j;
+	unsigned int i;
+	unsigned char buf[EVP_MAX_MD_SIZE];
+
+	j=EVP_MD_block_size(ctx->md);
+
+	EVP_DigestFinal(&(ctx->md_ctx),buf,&i);
+	memcpy(&(ctx->md_ctx),&(ctx->o_ctx),sizeof(ctx->o_ctx));
+	EVP_DigestUpdate(&(ctx->md_ctx),buf,i);
+	EVP_DigestFinal(&(ctx->md_ctx),md,len);
+	}
+
+void HMAC_cleanup(ctx)
+HMAC_CTX *ctx;
+	{
+	memset(ctx,0,sizeof(HMAC_CTX));
+	}
+
+unsigned char *HMAC(evp_md,key,key_len,d,n,md,md_len)
+EVP_MD *evp_md;
+unsigned char *key;
+int key_len;
+unsigned char *d;
+int n;
+unsigned char *md;
+unsigned int *md_len;
+	{
+	HMAC_CTX c;
+	static unsigned char m[EVP_MAX_MD_SIZE];
+
+	if (md == NULL) md=m;
+	HMAC_Init(&c,key,key_len,evp_md);
+	HMAC_Update(&c,d,n);
+	HMAC_Final(&c,md,md_len);
+	HMAC_cleanup(&c);
+	return(md);
+	}
+
diff --git a/crypto/hmac/hmac.h b/crypto/hmac/hmac.h
new file mode 100644
index 0000000000..e6b43f52c4
--- /dev/null
+++ b/crypto/hmac/hmac.h
@@ -0,0 +1,106 @@
+/* crypto/hmac/hmac.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#ifndef HEADER_HMAC_H
+#define HEADER_HMAC_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include "evp.h"
+
+#define HMAC_MAX_MD_CBLOCK	64
+
+typedef struct hmac_ctx_st
+	{
+	EVP_MD *md;
+	EVP_MD_CTX md_ctx;
+	EVP_MD_CTX i_ctx;
+	EVP_MD_CTX o_ctx;
+	unsigned int key_length;
+	unsigned char key[HMAC_MAX_MD_CBLOCK];
+	} HMAC_CTX;
+
+#define HMAC_size(e)	(EVP_MD_size((e)->md))
+
+#ifndef NOPROTO
+
+void HMAC_Init(HMAC_CTX *ctx, unsigned char *key, int len,
+	EVP_MD *md);
+void HMAC_Update(HMAC_CTX *ctx,unsigned char *key, int len);
+void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+void HMAC_cleanup(HMAC_CTX *ctx);
+unsigned char *HMAC(EVP_MD *evp_md, unsigned char *key, int key_len,
+	unsigned char *d, int n, unsigned char *md, unsigned int *md_len);
+
+
+#else
+
+void HMAC_Init();
+void HMAC_Update();
+void HMAC_Final();
+void HMAC_cleanup();
+unsigned char *HMAC();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/hmac/hmactest.c b/crypto/hmac/hmactest.c
new file mode 100644
index 0000000000..5938e375dc
--- /dev/null
+++ b/crypto/hmac/hmactest.c
@@ -0,0 +1,147 @@
+/* crypto/hmac/hmactest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "hmac.h"
+
+struct test_st
+	{
+	unsigned char key[16];
+	int key_len;
+	unsigned char data[64];
+	int data_len;
+	unsigned char *digest;
+	} test[4]={
+	{	"",
+		0,
+		"More text test vectors to stuff up EBCDIC machines :-)",
+		54,
+		(unsigned char *)"e9139d1e6ee064ef8cf514fc7dc83e86",
+	},{	{0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,
+		 0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,},
+		16,
+		"Hi There",
+		8,
+		(unsigned char *)"9294727a3638bb1c13f48ef8158bfc9d",
+	},{	"Jefe",
+		4,
+		"what do ya want for nothing?",
+		28,
+		(unsigned char *)"750c783e6ab0b503eaa86e310a5db738",
+	},{
+		{0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,
+		 0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,},
+		16,
+		{0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+		 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+		 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+		 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+		 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+		 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+		 0xdd,0xdd},
+		50,
+		(unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6",
+	},
+	};
+
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	char *p;
+
+	for (i=0; i<4; i++)
+		{
+		p=pt(HMAC(EVP_md5(),
+			test[i].key, test[i].key_len,
+			test[i].data, test[i].data_len,
+			NULL,NULL));
+
+		if (strcmp(p,(char *)test[i].digest) != 0)
+			{
+			printf("error calculating HMAC on %d entry'\n",i);
+			printf("got %s instead of %s\n",p,test[i].digest);
+			err++;
+			}
+		else
+			printf("test %d ok\n",i);
+		}
+	exit(err);
+	return(0);
+	}
+
+static char *pt(md)
+unsigned char *md;
+	{
+	int i;
+	static char buf[80];
+
+	for (i=0; i<MD5_DIGEST_LENGTH; i++)
+		sprintf(&(buf[i*2]),"%02x",md[i]);
+	return(buf);
+	}
diff --git a/crypto/idea/Makefile.uni b/crypto/idea/Makefile.uni
new file mode 100644
index 0000000000..354123dac8
--- /dev/null
+++ b/crypto/idea/Makefile.uni
@@ -0,0 +1,72 @@
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+
+DIR=    cast
+TOP=    .
+CC=     gcc
+CFLAG=	-O3 -fomit-frame-pointer
+
+CPP=    $(CC) -E
+INCLUDES=
+INSTALLTOP=/usr/local/lib
+MAKE=           make
+MAKEDEPEND=     makedepend
+MAKEFILE=       Makefile.uni
+AR=             ar r
+
+IDEA_ENC=i_cbc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ideatest
+APPS=idea_spd
+
+LIB=libidea.a
+LIBSRC=i_skey.c i_ecb.c i_cbc.c i_cfb64.c i_ofb64.c
+LIBOBJ=i_skey.o i_ecb.o $(IDEA_ENC) i_cfb64.o i_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= idea.h
+HEADER= idea_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+all:    $(LIB) $(TEST) $(APPS)
+
+$(LIB):    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/ranlib.sh $(LIB)
+
+test:	$(TEST)
+	./$(TEST)
+
+$(TEST): $(TEST).c $(LIB)
+	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
+
+$(APPS): $(APPS).c $(LIB)
+	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+cc:
+	$(MAKE) CC="cc" CFLAG="-O" all
+
+gcc:
+	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/idea/i_cbc.c b/crypto/idea/i_cbc.c
index d17e9f29e0..716ea3f474 100644
--- a/crypto/idea/i_cbc.c
+++ b/crypto/idea/i_cbc.c
@@ -1,5 +1,5 @@
 /* crypto/idea/i_cbc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -138,3 +138,38 @@ int encrypt;
 	tin[0]=tin[1]=0;
 	}
 
+void idea_encrypt(d,key)
+unsigned long *d;
+IDEA_KEY_SCHEDULE *key;
+	{
+	register IDEA_INT *p;
+	register unsigned long x1,x2,x3,x4,t0,t1,ul;
+
+	x2=d[0];
+	x1=(x2>>16);
+	x4=d[1];
+	x3=(x4>>16);
+
+	p= &(key->data[0][0]);
+
+	E_IDEA(0);
+	E_IDEA(1);
+	E_IDEA(2);
+	E_IDEA(3);
+	E_IDEA(4);
+	E_IDEA(5);
+	E_IDEA(6);
+	E_IDEA(7);
+
+	x1&=0xffff;
+	idea_mul(x1,x1,*p,ul); p++;
+
+	t0= x3+ *(p++);
+	t1= x2+ *(p++);
+
+	x4&=0xffff;
+	idea_mul(x4,x4,*p,ul);
+
+	d[0]=(t0&0xffff)|((x1&0xffff)<<16);
+	d[1]=(x4&0xffff)|((t1&0xffff)<<16);
+	}
diff --git a/crypto/idea/i_cfb64.c b/crypto/idea/i_cfb64.c
index 366f2d19cf..8dfa7ece48 100644
--- a/crypto/idea/i_cfb64.c
+++ b/crypto/idea/i_cfb64.c
@@ -1,5 +1,5 @@
 /* crypto/idea/i_cfb64.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/idea/i_ecb.c b/crypto/idea/i_ecb.c
index b3b694b0c6..6721126db1 100644
--- a/crypto/idea/i_ecb.c
+++ b/crypto/idea/i_ecb.c
@@ -1,5 +1,5 @@
 /* crypto/idea/i_ecb.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,7 +59,7 @@
 #include "idea.h"
 #include "idea_lcl.h"
 
-char *IDEA_version="IDEA part of SSLeay 0.8.1b 29-Jun-1998";
+char *IDEA_version="IDEA part of SSLeay 0.9.0b 29-Jun-1998";
 
 char *idea_options()
 	{
@@ -84,55 +84,3 @@ IDEA_KEY_SCHEDULE *ks;
 	l0=l1=d[0]=d[1]=0;
 	}
 
-void idea_encrypt(d,key)
-unsigned long *d;
-IDEA_KEY_SCHEDULE *key;
-	{
-	int i;
-	register IDEA_INT *p;
-	register unsigned long x1,x2,x3,x4,t0,t1,ul;
-
-	x2=d[0];
-	x1=(x2>>16);
-	x4=d[1];
-	x3=(x4>>16);
-
-	p= &(key->data[0][0]);
-	for (i=0; i<8; i++)
-		{
-		x1&=0xffff;
-		idea_mul(x1,x1,*p,ul); p++;
-
-		x2+= *(p++);
-		x3+= *(p++);
-
-		x4&=0xffff;
-		idea_mul(x4,x4,*p,ul); p++;
-
-		t0=(x1^x3)&0xffff;
-		idea_mul(t0,t0,*p,ul); p++;
-
-		t1=(t0+(x2^x4))&0xffff;
-		idea_mul(t1,t1,*p,ul); p++;
-
-		t0+=t1;
-
-		x1^=t1;
-		x4^=t0;
-		ul=x2^t0;		/* do the swap to x3 */
-		x2=x3^t1;
-		x3=ul;
-		}
-
-	x1&=0xffff;
-	idea_mul(x1,x1,*p,ul); p++;
-
-	t0= x3+ *(p++);
-	t1= x2+ *(p++);
-
-	x4&=0xffff;
-	idea_mul(x4,x4,*p,ul);
-
-	d[0]=(t0&0xffff)|((x1&0xffff)<<16);
-	d[1]=(x4&0xffff)|((t1&0xffff)<<16);
-	}
diff --git a/crypto/idea/i_ofb64.c b/crypto/idea/i_ofb64.c
index 43a9584a37..d687adb22d 100644
--- a/crypto/idea/i_ofb64.c
+++ b/crypto/idea/i_ofb64.c
@@ -1,5 +1,5 @@
 /* crypto/idea/i_ofb64.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/idea/i_skey.c b/crypto/idea/i_skey.c
index fcbdb691e2..00fcc1e586 100644
--- a/crypto/idea/i_skey.c
+++ b/crypto/idea/i_skey.c
@@ -1,5 +1,5 @@
 /* crypto/idea/i_skey.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/idea/idea_lcl.h b/crypto/idea/idea_lcl.h
index fcd007f2b4..4cf256ae87 100644
--- a/crypto/idea/idea_lcl.h
+++ b/crypto/idea/idea_lcl.h
@@ -1,5 +1,5 @@
 /* crypto/idea/idea_lcl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -65,7 +65,6 @@ if (ul != 0) \
 	{ \
 	r=(ul&0xffff)-(ul>>16); \
 	r-=((r)>>16); \
-/*	if (r&0xffff0000L) r=(r+0x10001); */ \
 	} \
 else \
 	r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ \
@@ -195,3 +194,22 @@ else	{ \
 			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
 			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
 #endif
+
+#define E_IDEA(num) \
+	x1&=0xffff; \
+	idea_mul(x1,x1,*p,ul); p++; \
+	x2+= *(p++); \
+	x3+= *(p++); \
+	x4&=0xffff; \
+	idea_mul(x4,x4,*p,ul); p++; \
+	t0=(x1^x3)&0xffff; \
+	idea_mul(t0,t0,*p,ul); p++; \
+	t1=(t0+(x2^x4))&0xffff; \
+	idea_mul(t1,t1,*p,ul); p++; \
+	t0+=t1; \
+	x1^=t1; \
+	x4^=t0; \
+	ul=x2^t0; /* do the swap to x3 */ \
+	x2=x3^t1; \
+	x3=ul;
+
diff --git a/crypto/idea/idea_spd.c b/crypto/idea/idea_spd.c
new file mode 100644
index 0000000000..4b3eec5123
--- /dev/null
+++ b/crypto/idea/idea_spd.c
@@ -0,0 +1,315 @@
+/* crypto/idea/idea_spd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "idea.h"
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ	100.0
+#else /* VMS */
+#define HZ	100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE	((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+	{
+	signal(SIGALRM,sig_done);
+	run=0;
+#ifdef LINT
+	sig=sig;
+#endif
+	}
+#endif
+
+#define START	0
+#define STOP	1
+
+double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#endif
+	}
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	long count;
+	static unsigned char buf[BUFSIZE];
+	static unsigned char key[] ={
+			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+			};
+	IDEA_KEY_SCHEDULE sch;
+	double a,aa,b,c,d;
+#ifndef SIGALRM
+	long ca,cca,cb,cc;
+#endif
+
+#ifndef TIMES
+	printf("To get the most acurate results, try to run this\n");
+	printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+	printf("First we calculate the approximate speed ...\n");
+	idea_set_encrypt_key(key,&sch);
+	count=10;
+	do	{
+		long i;
+		IDEA_INT data[2];
+
+		count*=2;
+		Time_F(START);
+		for (i=count; i; i--)
+			idea_encrypt(data,&sch);
+		d=Time_F(STOP);
+		} while (d < 3.0);
+	ca=count/4;
+	cca=count/200;
+	cb=count;
+	cc=count*8/BUFSIZE+1;
+	printf("idea_set_encrypt_key %ld times\n",ca);
+#define COND(d)	(count <= (d))
+#define COUNT(d) (d)
+#else
+#define COND(c)	(run)
+#define COUNT(d) (count)
+	signal(SIGALRM,sig_done);
+	printf("Doing idea_set_encrypt_key for 10 seconds\n");
+	alarm(10);
+#endif
+
+	Time_F(START);
+	for (count=0,run=1; COND(ca); count+=4)
+		{
+		idea_set_encrypt_key(key,&sch);
+		idea_set_encrypt_key(key,&sch);
+		idea_set_encrypt_key(key,&sch);
+		idea_set_encrypt_key(key,&sch);
+		}
+	d=Time_F(STOP);
+	printf("%ld idea idea_set_encrypt_key's in %.2f seconds\n",count,d);
+	a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+	printf("Doing idea_set_decrypt_key for 10 seconds\n");
+	alarm(10);
+#else
+	printf("Doing idea_set_decrypt_key %ld times\n",cca);
+#endif
+
+	Time_F(START);
+	for (count=0,run=1; COND(cca); count+=4)
+		{
+		idea_set_decrypt_key(&sch,&sch);
+		idea_set_decrypt_key(&sch,&sch);
+		idea_set_decrypt_key(&sch,&sch);
+		idea_set_decrypt_key(&sch,&sch);
+		}
+	d=Time_F(STOP);
+	printf("%ld idea idea_set_decrypt_key's in %.2f seconds\n",count,d);
+	aa=((double)COUNT(cca))/d;
+
+#ifdef SIGALRM
+	printf("Doing idea_encrypt's for 10 seconds\n");
+	alarm(10);
+#else
+	printf("Doing idea_encrypt %ld times\n",cb);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cb); count+=4)
+		{
+		unsigned long data[2];
+
+		idea_encrypt(data,&sch);
+		idea_encrypt(data,&sch);
+		idea_encrypt(data,&sch);
+		idea_encrypt(data,&sch);
+		}
+	d=Time_F(STOP);
+	printf("%ld idea_encrypt's in %.2f second\n",count,d);
+	b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+	printf("Doing idea_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+		BUFSIZE);
+	alarm(10);
+#else
+	printf("Doing idea_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+		BUFSIZE);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cc); count++)
+		idea_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+			&(key[0]),IDEA_ENCRYPT);
+	d=Time_F(STOP);
+	printf("%ld idea_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+		count,BUFSIZE,d);
+	c=((double)COUNT(cc)*BUFSIZE)/d;
+
+	printf("IDEA set_encrypt_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+	printf("IDEA set_decrypt_key per sec = %12.2f (%9.3fuS)\n",aa,1.0e6/aa);
+	printf("IDEA raw ecb bytes   per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+	printf("IDEA cbc     bytes   per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+	exit(0);
+#if defined(LINT) || defined(MSDOS)
+	return(0);
+#endif
+	}
+
diff --git a/crypto/idea/ideatest.c b/crypto/idea/ideatest.c
index ee01ba5b2c..6eff9029cc 100644
--- a/crypto/idea/ideatest.c
+++ b/crypto/idea/ideatest.c
@@ -1,5 +1,5 @@
 /* crypto/idea/ideatest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/lhash/lh_stats.c b/crypto/lhash/lh_stats.c
index 824eb6215c..23fe82f777 100644
--- a/crypto/lhash/lh_stats.c
+++ b/crypto/lhash/lh_stats.c
@@ -1,5 +1,5 @@
 /* crypto/lhash/lh_stats.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,9 +59,9 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-/* If you wish to build this outside of SSLeay, remove the following line
+/* If you wish to build this outside of SSLeay, remove the following lines
  * and things should work as expected */
-#include "bio.h"
+#include "cryptlib.h"
 
 #include "lhash.h"
 
@@ -141,7 +141,7 @@ FILE *out;
 
 #else
 
-#ifndef WIN16
+#ifndef NO_FP_API
 void lh_stats(lh,fp)
 LHASH *lh;
 FILE *fp;
diff --git a/crypto/lhash/lh_test.c b/crypto/lhash/lh_test.c
index f90b3bbd24..294b42bc82 100644
--- a/crypto/lhash/lh_test.c
+++ b/crypto/lhash/lh_test.c
@@ -1,5 +1,5 @@
 /* crypto/lhash/lh_test.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
index 3e61248946..6dfb5c9ccc 100644
--- a/crypto/lhash/lhash.c
+++ b/crypto/lhash/lhash.c
@@ -1,5 +1,5 @@
 /* crypto/lhash/lhash.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
-char *lh_version="lhash part of SSLeay 0.8.1b 29-Jun-1998";
+char *lh_version="lhash part of SSLeay 0.9.0b 29-Jun-1998";
 
 /* Code for dynamic hash table routines
  * Author - Eric Young v 2.0
diff --git a/crypto/lhash/lhash.h b/crypto/lhash/lhash.h
index 66678cf393..70cbc6dfe7 100644
--- a/crypto/lhash/lhash.h
+++ b/crypto/lhash/lhash.h
@@ -1,5 +1,5 @@
 /* crypto/lhash/lhash.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -116,7 +116,7 @@ void lh_doall(LHASH *lh, void (*func)(/* char *b */));
 void lh_doall_arg(LHASH *lh, void (*func)(/*char *a,char *b*/),char *arg);
 unsigned long lh_strhash(char *c);
 
-#ifndef WIN16
+#ifndef NO_FP_API
 void lh_stats(LHASH *lh, FILE *out);
 void lh_node_stats(LHASH *lh, FILE *out);
 void lh_node_usage_stats(LHASH *lh, FILE *out);
@@ -137,7 +137,7 @@ void lh_doall();
 void lh_doall_arg();
 unsigned long lh_strhash();
 
-#ifndef WIN16
+#ifndef NO_FP_API
 void lh_stats();
 void lh_node_stats();
 void lh_node_usage_stats();
diff --git a/crypto/md2/Makefile.ssl b/crypto/md2/Makefile.ssl
new file mode 100644
index 0000000000..d8e7200c83
--- /dev/null
+++ b/crypto/md2/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/md/Makefile
+#
+
+DIR=	md
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md2_dgst.c md5_one.c
+LIBOBJ=md2_dgst.o md2_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= md2.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/md2/md2.c b/crypto/md2/md2.c
new file mode 100644
index 0000000000..7f3ab64a43
--- /dev/null
+++ b/crypto/md2/md2.c
@@ -0,0 +1,136 @@
+/* crypto/md2/md2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md2.h"
+
+#define BUFSIZE	1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+void exit(int);
+#else
+void do_fp();
+void pt();
+int read();
+void exit();
+#endif
+
+int main(argc, argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	FILE *IN;
+
+	if (argc == 1)
+		{
+		do_fp(stdin);
+		}
+	else
+		{
+		for (i=1; i<argc; i++)
+			{
+			IN=fopen(argv[i],"r");
+			if (IN == NULL)
+				{
+				perror(argv[i]);
+				err++;
+				continue;
+				}
+			printf("MD2(%s)= ",argv[i]);
+			do_fp(IN);
+			fclose(IN);
+			}
+		}
+	exit(err);
+	return(err);
+	}
+
+void do_fp(f)
+FILE *f;
+	{
+	MD2_CTX c;
+	unsigned char md[MD2_DIGEST_LENGTH];
+	int fd,i;
+	static unsigned char buf[BUFSIZE];
+
+	fd=fileno(f);
+	MD2_Init(&c);
+	for (;;)
+		{
+		i=read(fd,buf,BUFSIZE);
+		if (i <= 0) break;
+		MD2_Update(&c,buf,(unsigned long)i);
+		}
+	MD2_Final(&(md[0]),&c);
+	pt(md);
+	}
+
+void pt(md)
+unsigned char *md;
+	{
+	int i;
+
+	for (i=0; i<MD2_DIGEST_LENGTH; i++)
+		printf("%02x",md[i]);
+	printf("\n");
+	}
diff --git a/crypto/md2/md2.h b/crypto/md2/md2.h
new file mode 100644
index 0000000000..9f39933790
--- /dev/null
+++ b/crypto/md2/md2.h
@@ -0,0 +1,106 @@
+/* crypto/md/md2.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify md2.org since md2.h is automatically generated from 
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+
+#ifndef HEADER_MD2_H
+#define HEADER_MD2_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define MD2_DIGEST_LENGTH	16
+#define MD2_BLOCK       	16
+
+#define MD2_INT unsigned int
+
+typedef struct MD2state_st
+	{
+	int num;
+	unsigned char data[MD2_BLOCK];
+	MD2_INT cksm[MD2_BLOCK];
+	MD2_INT state[MD2_BLOCK];
+	} MD2_CTX;
+
+#ifndef NOPROTO
+char *MD2_options(void);
+void MD2_Init(MD2_CTX *c);
+void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
+void MD2_Final(unsigned char *md, MD2_CTX *c);
+unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
+#else
+char *MD2_options();
+void MD2_Init();
+void MD2_Update();
+void MD2_Final();
+unsigned char *MD2();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/md2/md2.org b/crypto/md2/md2.org
new file mode 100644
index 0000000000..9f39933790
--- /dev/null
+++ b/crypto/md2/md2.org
@@ -0,0 +1,106 @@
+/* crypto/md/md2.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify md2.org since md2.h is automatically generated from 
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+
+#ifndef HEADER_MD2_H
+#define HEADER_MD2_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define MD2_DIGEST_LENGTH	16
+#define MD2_BLOCK       	16
+
+#define MD2_INT unsigned int
+
+typedef struct MD2state_st
+	{
+	int num;
+	unsigned char data[MD2_BLOCK];
+	MD2_INT cksm[MD2_BLOCK];
+	MD2_INT state[MD2_BLOCK];
+	} MD2_CTX;
+
+#ifndef NOPROTO
+char *MD2_options(void);
+void MD2_Init(MD2_CTX *c);
+void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
+void MD2_Final(unsigned char *md, MD2_CTX *c);
+unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
+#else
+char *MD2_options();
+void MD2_Init();
+void MD2_Update();
+void MD2_Final();
+unsigned char *MD2();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/md2/md2_dgst.c b/crypto/md2/md2_dgst.c
new file mode 100644
index 0000000000..5cbd36f3fe
--- /dev/null
+++ b/crypto/md2/md2_dgst.c
@@ -0,0 +1,235 @@
+/* crypto/md2/md2_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "md2.h"
+
+char *MD2_version="MD2 part of SSLeay 0.9.0b 29-Jun-1998";
+
+/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
+ */
+
+#define UCHAR	unsigned char
+
+#ifndef NOPROTO
+static void md2_block(MD2_CTX *c, unsigned char *d);
+#else
+static void md2_block();
+#endif
+
+/* The magic S table - I have converted it to hex since it is
+ * basicaly just a random byte string. */
+static MD2_INT S[256]={
+	0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
+	0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
+	0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
+	0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
+	0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
+	0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
+	0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
+	0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
+	0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
+	0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
+	0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
+	0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
+	0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
+	0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
+	0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
+	0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
+	0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
+	0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
+	0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
+	0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
+	0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
+	0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
+	0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
+	0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
+	0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
+	0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
+	0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
+	0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
+	0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
+	0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
+	0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
+	0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
+	};
+
+char *MD2_options()
+	{
+	if (sizeof(MD2_INT) == 1)
+		return("md2(char)");
+	else
+		return("md2(int)");
+	}
+
+void MD2_Init(c)
+MD2_CTX *c;
+	{
+	c->num=0;
+	memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT));
+	memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT));
+	memset(c->data,0,MD2_BLOCK);
+	}
+
+void MD2_Update(c, data, len)
+MD2_CTX *c;
+register unsigned char *data;
+unsigned long len;
+	{
+	register UCHAR *p;
+
+	if (len == 0) return;
+
+	p=c->data;
+	if (c->num != 0)
+		{
+		if ((c->num+len) >= MD2_BLOCK)
+			{
+			memcpy(&(p[c->num]),data,MD2_BLOCK-c->num);
+			md2_block(c,c->data);
+			data+=(MD2_BLOCK - c->num);
+			len-=(MD2_BLOCK - c->num);
+			c->num=0;
+			/* drop through and do the rest */
+			}
+		else
+			{
+			memcpy(&(p[c->num]),data,(int)len);
+			/* data+=len; */
+			c->num+=(int)len;
+			return;
+			}
+		}
+	/* we now can process the input data in blocks of MD2_BLOCK
+	 * chars and save the leftovers to c->data. */
+	while (len >= MD2_BLOCK)
+		{
+		md2_block(c,data);
+		data+=MD2_BLOCK;
+		len-=MD2_BLOCK;
+		}
+	memcpy(p,data,(int)len);
+	c->num=(int)len;
+	}
+
+static void md2_block(c, d)
+MD2_CTX *c;
+unsigned char *d;
+	{
+	register MD2_INT t,*sp1,*sp2;
+	register int i,j;
+	MD2_INT state[48];
+
+	sp1=c->state;
+	sp2=c->cksm;
+	j=sp2[MD2_BLOCK-1];
+	for (i=0; i<16; i++)
+		{
+		state[i]=sp1[i];
+		state[i+16]=t=d[i];
+		state[i+32]=(t^sp1[i]);
+		j=sp2[i]^=S[t^j];
+		}
+	t=0;
+	for (i=0; i<18; i++)
+		{
+		for (j=0; j<48; j+=8)
+			{
+			t= state[j+ 0]^=S[t];
+			t= state[j+ 1]^=S[t];
+			t= state[j+ 2]^=S[t];
+			t= state[j+ 3]^=S[t];
+			t= state[j+ 4]^=S[t];
+			t= state[j+ 5]^=S[t];
+			t= state[j+ 6]^=S[t];
+			t= state[j+ 7]^=S[t];
+			}
+		t=(t+i)&0xff;
+		}
+	memcpy(sp1,state,16*sizeof(MD2_INT));
+	memset(state,0,48*sizeof(MD2_INT));
+	}
+
+void MD2_Final(md, c)
+unsigned char *md;
+MD2_CTX *c;
+	{
+	int i,v;
+	register UCHAR *cp;
+	register MD2_INT *p1,*p2;
+
+	cp=c->data;
+	p1=c->state;
+	p2=c->cksm;
+	v=MD2_BLOCK-c->num;
+	for (i=c->num; i<MD2_BLOCK; i++)
+		cp[i]=(UCHAR)v;
+
+	md2_block(c,cp);
+
+	for (i=0; i<MD2_BLOCK; i++)
+		cp[i]=(UCHAR)p2[i];
+	md2_block(c,cp);
+
+	for (i=0; i<16; i++)
+		md[i]=(UCHAR)(p1[i]&0xff);
+	memset((char *)&c,0,sizeof(c));
+	}
+
diff --git a/crypto/md2/md2_one.c b/crypto/md2/md2_one.c
new file mode 100644
index 0000000000..513bf62fdb
--- /dev/null
+++ b/crypto/md2/md2_one.c
@@ -0,0 +1,80 @@
+/* crypto/md2/md2_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "md2.h"
+
+/* This is a separate file so that #defines in cryptlib.h can
+ * map my MD functions to different names */
+
+unsigned char *MD2(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+	{
+	MD2_CTX c;
+	static unsigned char m[MD2_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	MD2_Init(&c);
+	MD2_Update(&c,d,n);
+	MD2_Final(md,&c);
+	memset(&c,0,sizeof(c));	/* Security consideration */
+	return(md);
+	}
diff --git a/crypto/md2/md2test.c b/crypto/md2/md2test.c
new file mode 100644
index 0000000000..55924d44cd
--- /dev/null
+++ b/crypto/md2/md2test.c
@@ -0,0 +1,130 @@
+/* crypto/md2/md2test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "md2.h"
+
+char *test[]={
+	"",
+	"a",
+	"abc",
+	"message digest",
+	"abcdefghijklmnopqrstuvwxyz",
+	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+	"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+	NULL,
+	};
+
+char *ret[]={
+	"8350e5a3e24c153df2275c9f80692773",
+	"32ec01ec4a6dac72c0ab96fb34c0b5d1",
+	"da853b0d3f88d99b30283a69e6ded6bb",
+	"ab4f496bfb2a530b219ff33031fe06b0",
+	"4e8ddff3650292ab5a4108c3aa47940b",
+	"da33def2a42df13975352846c30338cd",
+	"d5976f79d83d3a0dc9806c3c66f3efd8",
+	};
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	char **P,**R;
+	char *p;
+
+	P=test;
+	R=ret;
+	i=1;
+	while (*P != NULL)
+		{
+		p=pt(MD2((unsigned char *)*P,(unsigned long)strlen(*P),NULL));
+		if (strcmp(p,*R) != 0)
+			{
+			printf("error calculating MD2 on '%s'\n",*P);
+			printf("got %s instead of %s\n",p,*R);
+			err++;
+			}
+		else
+			printf("test %d ok\n",i);
+		i++;
+		R++;
+		P++;
+		}
+	exit(err);
+	return(0);
+	}
+
+static char *pt(md)
+unsigned char *md;
+	{
+	int i;
+	static char buf[80];
+
+	for (i=0; i<MD2_DIGEST_LENGTH; i++)
+		sprintf(&(buf[i*2]),"%02x",md[i]);
+	return(buf);
+	}
diff --git a/crypto/md5/Makefile.ssl b/crypto/md5/Makefile.ssl
new file mode 100644
index 0000000000..47e1ce05ca
--- /dev/null
+++ b/crypto/md5/Makefile.ssl
@@ -0,0 +1,104 @@
+#
+# SSLeay/crypto/md5/Makefile
+#
+
+DIR=    md5
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPEND=     makedepend -f Makefile.ssl
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+MD5_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md5test.c
+APPS=md5.c
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md5_dgst.c md5_one.c
+LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= md5.h
+HEADER= md5_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+# elf
+asm/mx86-elf.o: asm/mx86unix.cpp
+	$(CPP) -DELF asm/mx86unix.cpp | as -o asm/mx86-elf.o
+
+# solaris
+asm/mx86-sol.o: asm/mx86unix.cpp
+	$(CC) -E -DSOL asm/mx86unix.cpp | sed 's/^#.*//' > asm/mx86-sol.s
+	as -o asm/mx86-sol.o asm/mx86-sol.s
+	rm -f asm/mx86-sol.s
+
+# a.out
+asm/mx86-out.o: asm/mx86unix.cpp
+	$(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o
+
+# bsdi
+asm/mx86bsdi.o: asm/mx86unix.cpp
+	$(CPP) -DBSDI asm/mx86unix.cpp | as -o asm/mx86bsdi.o
+
+asm/mx86unix.cpp:
+	(cd asm; perl md5-586.pl cpp >mx86unix.cpp)
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/md5/Makefile.uni b/crypto/md5/Makefile.uni
new file mode 100644
index 0000000000..54685712db
--- /dev/null
+++ b/crypto/md5/Makefile.uni
@@ -0,0 +1,109 @@
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+DIR=    md5
+TOP=    .
+CC=     gcc
+CFLAG=	-O3 -fomit-frame-pointer
+
+CPP=    $(CC) -E
+INCLUDES=
+INSTALLTOP=/usr/local/lib
+MAKE=           make
+MAKEDEPEND=     makedepend
+MAKEFILE=       Makefile.uni
+AR=             ar r
+
+MD5_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md5test
+APPS=md5
+
+LIB=libmd5.a
+LIBSRC=md5_dgst.c md5_one.c
+LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= md5.h
+HEADER= md5_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+all:    $(LIB) $(TEST) $(APPS)
+
+$(LIB):    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/ranlib.sh $(LIB)
+
+# elf
+asm/mx86-elf.o: asm/mx86unix.cpp
+	$(CPP) -DELF asm/mx86unix.cpp | as -o asm/mx86-elf.o
+
+# solaris
+asm/mx86-sol.o: asm/mx86unix.cpp
+	$(CC) -E -DSOL asm/mx86unix.cpp | sed 's/^#.*//' > asm/mx86-sol.s
+	as -o asm/mx86-sol.o asm/mx86-sol.s
+	rm -f asm/mx86-sol.s
+
+# a.out
+asm/mx86-out.o: asm/mx86unix.cpp
+	$(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o
+
+# bsdi
+asm/mx86bsdi.o: asm/mx86unix.cpp
+	$(CPP) -DBSDI asm/mx86unix.cpp | as -o asm/mx86bsdi.o
+
+asm/mx86unix.cpp:
+	(cd asm; perl md5-586.pl cpp >mx86unix.cpp)
+
+test:	$(TEST)
+	./$(TEST)
+
+$(TEST): $(TEST).c $(LIB)
+	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
+
+$(APPS): $(APPS).c $(LIB)
+	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+cc:
+	$(MAKE) MD5_ASM_OBJ="" CC="cc" CFLAG="-O" all
+
+gcc:
+	$(MAKE) MD5_ASM_OBJ="" CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
+
+x86-elf:
+	$(MAKE) MD5_ASM_OBJ="asm/mx86-elf.o" CFLAG="-DELF -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
+
+x86-out:
+	$(MAKE) MD5_ASM_OBJ="asm/mx86-out.o" CFLAG="-DOUT -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
+
+x86-solaris:
+	$(MAKE) MD5_ASM_OBJ="asm/mx86-sol.o" CFLAG="-DSOL -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
+
+x86-bdsi:
+	$(MAKE) MD5_ASM_OBJ="asm/mx86-bdsi.o" CFLAG="-DBDSI -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/md5/asm/m5-win32.asm b/crypto/md5/asm/m5-win32.asm
new file mode 100644
index 0000000000..c2081da746
--- /dev/null
+++ b/crypto/md5/asm/m5-win32.asm
@@ -0,0 +1,686 @@
+	; Don't even think of reading this code
+	; It was automatically generated by md5-586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	md5-586.asm
+        .386
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_md5_block_x86
+
+_md5_block_x86 PROC NEAR
+	push	esi
+	push	edi
+	mov	edi,		DWORD PTR 12[esp]
+	mov	esi,		DWORD PTR 16[esp]
+	mov	ecx,		DWORD PTR 20[esp]
+	push	ebp
+	push	ebx
+	add	ecx,		esi
+	sub	ecx,		64
+	mov	eax,		DWORD PTR [edi]
+	push	ecx
+	mov	ebx,		DWORD PTR 4[edi]
+	mov	ecx,		DWORD PTR 8[edi]
+	mov	edx,		DWORD PTR 12[edi]
+L000start:
+	; 
+	; R0 section
+	mov	edi,		ecx
+	mov	ebp,		DWORD PTR [esi]
+	; R0 0
+	xor	edi,		edx
+	and	edi,		ebx
+	lea	eax,		DWORD PTR 3614090360[ebp*1+eax]
+	mov	ebp,		DWORD PTR 4[esi]
+	xor	edi,		edx
+	add	eax,		edi
+	mov	edi,		ebx
+	rol	eax,		7
+	add	eax,		ebx
+	; R0 1
+	xor	edi,		ecx
+	and	edi,		eax
+	lea	edx,		DWORD PTR 3905402710[ebp*1+edx]
+	mov	ebp,		DWORD PTR 8[esi]
+	xor	edi,		ecx
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		12
+	add	edx,		eax
+	; R0 2
+	xor	edi,		ebx
+	and	edi,		edx
+	lea	ecx,		DWORD PTR 606105819[ebp*1+ecx]
+	mov	ebp,		DWORD PTR 12[esi]
+	xor	edi,		ebx
+	add	ecx,		edi
+	mov	edi,		edx
+	rol	ecx,		17
+	add	ecx,		edx
+	; R0 3
+	xor	edi,		eax
+	and	edi,		ecx
+	lea	ebx,		DWORD PTR 3250441966[ebp*1+ebx]
+	mov	ebp,		DWORD PTR 16[esi]
+	xor	edi,		eax
+	add	ebx,		edi
+	mov	edi,		ecx
+	rol	ebx,		22
+	add	ebx,		ecx
+	; R0 4
+	xor	edi,		edx
+	and	edi,		ebx
+	lea	eax,		DWORD PTR 4118548399[ebp*1+eax]
+	mov	ebp,		DWORD PTR 20[esi]
+	xor	edi,		edx
+	add	eax,		edi
+	mov	edi,		ebx
+	rol	eax,		7
+	add	eax,		ebx
+	; R0 5
+	xor	edi,		ecx
+	and	edi,		eax
+	lea	edx,		DWORD PTR 1200080426[ebp*1+edx]
+	mov	ebp,		DWORD PTR 24[esi]
+	xor	edi,		ecx
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		12
+	add	edx,		eax
+	; R0 6
+	xor	edi,		ebx
+	and	edi,		edx
+	lea	ecx,		DWORD PTR 2821735955[ebp*1+ecx]
+	mov	ebp,		DWORD PTR 28[esi]
+	xor	edi,		ebx
+	add	ecx,		edi
+	mov	edi,		edx
+	rol	ecx,		17
+	add	ecx,		edx
+	; R0 7
+	xor	edi,		eax
+	and	edi,		ecx
+	lea	ebx,		DWORD PTR 4249261313[ebp*1+ebx]
+	mov	ebp,		DWORD PTR 32[esi]
+	xor	edi,		eax
+	add	ebx,		edi
+	mov	edi,		ecx
+	rol	ebx,		22
+	add	ebx,		ecx
+	; R0 8
+	xor	edi,		edx
+	and	edi,		ebx
+	lea	eax,		DWORD PTR 1770035416[ebp*1+eax]
+	mov	ebp,		DWORD PTR 36[esi]
+	xor	edi,		edx
+	add	eax,		edi
+	mov	edi,		ebx
+	rol	eax,		7
+	add	eax,		ebx
+	; R0 9
+	xor	edi,		ecx
+	and	edi,		eax
+	lea	edx,		DWORD PTR 2336552879[ebp*1+edx]
+	mov	ebp,		DWORD PTR 40[esi]
+	xor	edi,		ecx
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		12
+	add	edx,		eax
+	; R0 10
+	xor	edi,		ebx
+	and	edi,		edx
+	lea	ecx,		DWORD PTR 4294925233[ebp*1+ecx]
+	mov	ebp,		DWORD PTR 44[esi]
+	xor	edi,		ebx
+	add	ecx,		edi
+	mov	edi,		edx
+	rol	ecx,		17
+	add	ecx,		edx
+	; R0 11
+	xor	edi,		eax
+	and	edi,		ecx
+	lea	ebx,		DWORD PTR 2304563134[ebp*1+ebx]
+	mov	ebp,		DWORD PTR 48[esi]
+	xor	edi,		eax
+	add	ebx,		edi
+	mov	edi,		ecx
+	rol	ebx,		22
+	add	ebx,		ecx
+	; R0 12
+	xor	edi,		edx
+	and	edi,		ebx
+	lea	eax,		DWORD PTR 1804603682[ebp*1+eax]
+	mov	ebp,		DWORD PTR 52[esi]
+	xor	edi,		edx
+	add	eax,		edi
+	mov	edi,		ebx
+	rol	eax,		7
+	add	eax,		ebx
+	; R0 13
+	xor	edi,		ecx
+	and	edi,		eax
+	lea	edx,		DWORD PTR 4254626195[ebp*1+edx]
+	mov	ebp,		DWORD PTR 56[esi]
+	xor	edi,		ecx
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		12
+	add	edx,		eax
+	; R0 14
+	xor	edi,		ebx
+	and	edi,		edx
+	lea	ecx,		DWORD PTR 2792965006[ebp*1+ecx]
+	mov	ebp,		DWORD PTR 60[esi]
+	xor	edi,		ebx
+	add	ecx,		edi
+	mov	edi,		edx
+	rol	ecx,		17
+	add	ecx,		edx
+	; R0 15
+	xor	edi,		eax
+	and	edi,		ecx
+	lea	ebx,		DWORD PTR 1236535329[ebp*1+ebx]
+	mov	ebp,		DWORD PTR 4[esi]
+	xor	edi,		eax
+	add	ebx,		edi
+	mov	edi,		ecx
+	rol	ebx,		22
+	add	ebx,		ecx
+	; 
+	; R1 section
+	; R1 16
+	lea	eax,		DWORD PTR 4129170786[ebp*1+eax]
+	xor	edi,		ebx
+	and	edi,		edx
+	mov	ebp,		DWORD PTR 24[esi]
+	xor	edi,		ecx
+	add	eax,		edi
+	mov	edi,		ebx
+	rol	eax,		5
+	add	eax,		ebx
+	; R1 17
+	lea	edx,		DWORD PTR 3225465664[ebp*1+edx]
+	xor	edi,		eax
+	and	edi,		ecx
+	mov	ebp,		DWORD PTR 44[esi]
+	xor	edi,		ebx
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		9
+	add	edx,		eax
+	; R1 18
+	lea	ecx,		DWORD PTR 643717713[ebp*1+ecx]
+	xor	edi,		edx
+	and	edi,		ebx
+	mov	ebp,		DWORD PTR [esi]
+	xor	edi,		eax
+	add	ecx,		edi
+	mov	edi,		edx
+	rol	ecx,		14
+	add	ecx,		edx
+	; R1 19
+	lea	ebx,		DWORD PTR 3921069994[ebp*1+ebx]
+	xor	edi,		ecx
+	and	edi,		eax
+	mov	ebp,		DWORD PTR 20[esi]
+	xor	edi,		edx
+	add	ebx,		edi
+	mov	edi,		ecx
+	rol	ebx,		20
+	add	ebx,		ecx
+	; R1 20
+	lea	eax,		DWORD PTR 3593408605[ebp*1+eax]
+	xor	edi,		ebx
+	and	edi,		edx
+	mov	ebp,		DWORD PTR 40[esi]
+	xor	edi,		ecx
+	add	eax,		edi
+	mov	edi,		ebx
+	rol	eax,		5
+	add	eax,		ebx
+	; R1 21
+	lea	edx,		DWORD PTR 38016083[ebp*1+edx]
+	xor	edi,		eax
+	and	edi,		ecx
+	mov	ebp,		DWORD PTR 60[esi]
+	xor	edi,		ebx
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		9
+	add	edx,		eax
+	; R1 22
+	lea	ecx,		DWORD PTR 3634488961[ebp*1+ecx]
+	xor	edi,		edx
+	and	edi,		ebx
+	mov	ebp,		DWORD PTR 16[esi]
+	xor	edi,		eax
+	add	ecx,		edi
+	mov	edi,		edx
+	rol	ecx,		14
+	add	ecx,		edx
+	; R1 23
+	lea	ebx,		DWORD PTR 3889429448[ebp*1+ebx]
+	xor	edi,		ecx
+	and	edi,		eax
+	mov	ebp,		DWORD PTR 36[esi]
+	xor	edi,		edx
+	add	ebx,		edi
+	mov	edi,		ecx
+	rol	ebx,		20
+	add	ebx,		ecx
+	; R1 24
+	lea	eax,		DWORD PTR 568446438[ebp*1+eax]
+	xor	edi,		ebx
+	and	edi,		edx
+	mov	ebp,		DWORD PTR 56[esi]
+	xor	edi,		ecx
+	add	eax,		edi
+	mov	edi,		ebx
+	rol	eax,		5
+	add	eax,		ebx
+	; R1 25
+	lea	edx,		DWORD PTR 3275163606[ebp*1+edx]
+	xor	edi,		eax
+	and	edi,		ecx
+	mov	ebp,		DWORD PTR 12[esi]
+	xor	edi,		ebx
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		9
+	add	edx,		eax
+	; R1 26
+	lea	ecx,		DWORD PTR 4107603335[ebp*1+ecx]
+	xor	edi,		edx
+	and	edi,		ebx
+	mov	ebp,		DWORD PTR 32[esi]
+	xor	edi,		eax
+	add	ecx,		edi
+	mov	edi,		edx
+	rol	ecx,		14
+	add	ecx,		edx
+	; R1 27
+	lea	ebx,		DWORD PTR 1163531501[ebp*1+ebx]
+	xor	edi,		ecx
+	and	edi,		eax
+	mov	ebp,		DWORD PTR 52[esi]
+	xor	edi,		edx
+	add	ebx,		edi
+	mov	edi,		ecx
+	rol	ebx,		20
+	add	ebx,		ecx
+	; R1 28
+	lea	eax,		DWORD PTR 2850285829[ebp*1+eax]
+	xor	edi,		ebx
+	and	edi,		edx
+	mov	ebp,		DWORD PTR 8[esi]
+	xor	edi,		ecx
+	add	eax,		edi
+	mov	edi,		ebx
+	rol	eax,		5
+	add	eax,		ebx
+	; R1 29
+	lea	edx,		DWORD PTR 4243563512[ebp*1+edx]
+	xor	edi,		eax
+	and	edi,		ecx
+	mov	ebp,		DWORD PTR 28[esi]
+	xor	edi,		ebx
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		9
+	add	edx,		eax
+	; R1 30
+	lea	ecx,		DWORD PTR 1735328473[ebp*1+ecx]
+	xor	edi,		edx
+	and	edi,		ebx
+	mov	ebp,		DWORD PTR 48[esi]
+	xor	edi,		eax
+	add	ecx,		edi
+	mov	edi,		edx
+	rol	ecx,		14
+	add	ecx,		edx
+	; R1 31
+	lea	ebx,		DWORD PTR 2368359562[ebp*1+ebx]
+	xor	edi,		ecx
+	and	edi,		eax
+	mov	ebp,		DWORD PTR 20[esi]
+	xor	edi,		edx
+	add	ebx,		edi
+	mov	edi,		ecx
+	rol	ebx,		20
+	add	ebx,		ecx
+	; 
+	; R2 section
+	; R2 32
+	xor	edi,		edx
+	xor	edi,		ebx
+	lea	eax,		DWORD PTR 4294588738[ebp*1+eax]
+	add	eax,		edi
+	mov	ebp,		DWORD PTR 32[esi]
+	rol	eax,		4
+	mov	edi,		ebx
+	; R2 33
+	lea	edx,		DWORD PTR 2272392833[ebp*1+edx]
+	add	eax,		ebx
+	xor	edi,		ecx
+	xor	edi,		eax
+	mov	ebp,		DWORD PTR 44[esi]
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		11
+	add	edx,		eax
+	; R2 34
+	xor	edi,		ebx
+	xor	edi,		edx
+	lea	ecx,		DWORD PTR 1839030562[ebp*1+ecx]
+	add	ecx,		edi
+	mov	ebp,		DWORD PTR 56[esi]
+	rol	ecx,		16
+	mov	edi,		edx
+	; R2 35
+	lea	ebx,		DWORD PTR 4259657740[ebp*1+ebx]
+	add	ecx,		edx
+	xor	edi,		eax
+	xor	edi,		ecx
+	mov	ebp,		DWORD PTR 4[esi]
+	add	ebx,		edi
+	mov	edi,		ecx
+	rol	ebx,		23
+	add	ebx,		ecx
+	; R2 36
+	xor	edi,		edx
+	xor	edi,		ebx
+	lea	eax,		DWORD PTR 2763975236[ebp*1+eax]
+	add	eax,		edi
+	mov	ebp,		DWORD PTR 16[esi]
+	rol	eax,		4
+	mov	edi,		ebx
+	; R2 37
+	lea	edx,		DWORD PTR 1272893353[ebp*1+edx]
+	add	eax,		ebx
+	xor	edi,		ecx
+	xor	edi,		eax
+	mov	ebp,		DWORD PTR 28[esi]
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		11
+	add	edx,		eax
+	; R2 38
+	xor	edi,		ebx
+	xor	edi,		edx
+	lea	ecx,		DWORD PTR 4139469664[ebp*1+ecx]
+	add	ecx,		edi
+	mov	ebp,		DWORD PTR 40[esi]
+	rol	ecx,		16
+	mov	edi,		edx
+	; R2 39
+	lea	ebx,		DWORD PTR 3200236656[ebp*1+ebx]
+	add	ecx,		edx
+	xor	edi,		eax
+	xor	edi,		ecx
+	mov	ebp,		DWORD PTR 52[esi]
+	add	ebx,		edi
+	mov	edi,		ecx
+	rol	ebx,		23
+	add	ebx,		ecx
+	; R2 40
+	xor	edi,		edx
+	xor	edi,		ebx
+	lea	eax,		DWORD PTR 681279174[ebp*1+eax]
+	add	eax,		edi
+	mov	ebp,		DWORD PTR [esi]
+	rol	eax,		4
+	mov	edi,		ebx
+	; R2 41
+	lea	edx,		DWORD PTR 3936430074[ebp*1+edx]
+	add	eax,		ebx
+	xor	edi,		ecx
+	xor	edi,		eax
+	mov	ebp,		DWORD PTR 12[esi]
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		11
+	add	edx,		eax
+	; R2 42
+	xor	edi,		ebx
+	xor	edi,		edx
+	lea	ecx,		DWORD PTR 3572445317[ebp*1+ecx]
+	add	ecx,		edi
+	mov	ebp,		DWORD PTR 24[esi]
+	rol	ecx,		16
+	mov	edi,		edx
+	; R2 43
+	lea	ebx,		DWORD PTR 76029189[ebp*1+ebx]
+	add	ecx,		edx
+	xor	edi,		eax
+	xor	edi,		ecx
+	mov	ebp,		DWORD PTR 36[esi]
+	add	ebx,		edi
+	mov	edi,		ecx
+	rol	ebx,		23
+	add	ebx,		ecx
+	; R2 44
+	xor	edi,		edx
+	xor	edi,		ebx
+	lea	eax,		DWORD PTR 3654602809[ebp*1+eax]
+	add	eax,		edi
+	mov	ebp,		DWORD PTR 48[esi]
+	rol	eax,		4
+	mov	edi,		ebx
+	; R2 45
+	lea	edx,		DWORD PTR 3873151461[ebp*1+edx]
+	add	eax,		ebx
+	xor	edi,		ecx
+	xor	edi,		eax
+	mov	ebp,		DWORD PTR 60[esi]
+	add	edx,		edi
+	mov	edi,		eax
+	rol	edx,		11
+	add	edx,		eax
+	; R2 46
+	xor	edi,		ebx
+	xor	edi,		edx
+	lea	ecx,		DWORD PTR 530742520[ebp*1+ecx]
+	add	ecx,		edi
+	mov	ebp,		DWORD PTR 8[esi]
+	rol	ecx,		16
+	mov	edi,		edx
+	; R2 47
+	lea	ebx,		DWORD PTR 3299628645[ebp*1+ebx]
+	add	ecx,		edx
+	xor	edi,		eax
+	xor	edi,		ecx
+	mov	ebp,		DWORD PTR [esi]
+	add	ebx,		edi
+	mov	edi,		-1
+	rol	ebx,		23
+	add	ebx,		ecx
+	; 
+	; R3 section
+	; R3 48
+	xor	edi,		edx
+	or	edi,		ebx
+	lea	eax,		DWORD PTR 4096336452[ebp*1+eax]
+	xor	edi,		ecx
+	mov	ebp,		DWORD PTR 28[esi]
+	add	eax,		edi
+	mov	edi,		-1
+	rol	eax,		6
+	xor	edi,		ecx
+	add	eax,		ebx
+	; R3 49
+	or	edi,		eax
+	lea	edx,		DWORD PTR 1126891415[ebp*1+edx]
+	xor	edi,		ebx
+	mov	ebp,		DWORD PTR 56[esi]
+	add	edx,		edi
+	mov	edi,		-1
+	rol	edx,		10
+	xor	edi,		ebx
+	add	edx,		eax
+	; R3 50
+	or	edi,		edx
+	lea	ecx,		DWORD PTR 2878612391[ebp*1+ecx]
+	xor	edi,		eax
+	mov	ebp,		DWORD PTR 20[esi]
+	add	ecx,		edi
+	mov	edi,		-1
+	rol	ecx,		15
+	xor	edi,		eax
+	add	ecx,		edx
+	; R3 51
+	or	edi,		ecx
+	lea	ebx,		DWORD PTR 4237533241[ebp*1+ebx]
+	xor	edi,		edx
+	mov	ebp,		DWORD PTR 48[esi]
+	add	ebx,		edi
+	mov	edi,		-1
+	rol	ebx,		21
+	xor	edi,		edx
+	add	ebx,		ecx
+	; R3 52
+	or	edi,		ebx
+	lea	eax,		DWORD PTR 1700485571[ebp*1+eax]
+	xor	edi,		ecx
+	mov	ebp,		DWORD PTR 12[esi]
+	add	eax,		edi
+	mov	edi,		-1
+	rol	eax,		6
+	xor	edi,		ecx
+	add	eax,		ebx
+	; R3 53
+	or	edi,		eax
+	lea	edx,		DWORD PTR 2399980690[ebp*1+edx]
+	xor	edi,		ebx
+	mov	ebp,		DWORD PTR 40[esi]
+	add	edx,		edi
+	mov	edi,		-1
+	rol	edx,		10
+	xor	edi,		ebx
+	add	edx,		eax
+	; R3 54
+	or	edi,		edx
+	lea	ecx,		DWORD PTR 4293915773[ebp*1+ecx]
+	xor	edi,		eax
+	mov	ebp,		DWORD PTR 4[esi]
+	add	ecx,		edi
+	mov	edi,		-1
+	rol	ecx,		15
+	xor	edi,		eax
+	add	ecx,		edx
+	; R3 55
+	or	edi,		ecx
+	lea	ebx,		DWORD PTR 2240044497[ebp*1+ebx]
+	xor	edi,		edx
+	mov	ebp,		DWORD PTR 32[esi]
+	add	ebx,		edi
+	mov	edi,		-1
+	rol	ebx,		21
+	xor	edi,		edx
+	add	ebx,		ecx
+	; R3 56
+	or	edi,		ebx
+	lea	eax,		DWORD PTR 1873313359[ebp*1+eax]
+	xor	edi,		ecx
+	mov	ebp,		DWORD PTR 60[esi]
+	add	eax,		edi
+	mov	edi,		-1
+	rol	eax,		6
+	xor	edi,		ecx
+	add	eax,		ebx
+	; R3 57
+	or	edi,		eax
+	lea	edx,		DWORD PTR 4264355552[ebp*1+edx]
+	xor	edi,		ebx
+	mov	ebp,		DWORD PTR 24[esi]
+	add	edx,		edi
+	mov	edi,		-1
+	rol	edx,		10
+	xor	edi,		ebx
+	add	edx,		eax
+	; R3 58
+	or	edi,		edx
+	lea	ecx,		DWORD PTR 2734768916[ebp*1+ecx]
+	xor	edi,		eax
+	mov	ebp,		DWORD PTR 52[esi]
+	add	ecx,		edi
+	mov	edi,		-1
+	rol	ecx,		15
+	xor	edi,		eax
+	add	ecx,		edx
+	; R3 59
+	or	edi,		ecx
+	lea	ebx,		DWORD PTR 1309151649[ebp*1+ebx]
+	xor	edi,		edx
+	mov	ebp,		DWORD PTR 16[esi]
+	add	ebx,		edi
+	mov	edi,		-1
+	rol	ebx,		21
+	xor	edi,		edx
+	add	ebx,		ecx
+	; R3 60
+	or	edi,		ebx
+	lea	eax,		DWORD PTR 4149444226[ebp*1+eax]
+	xor	edi,		ecx
+	mov	ebp,		DWORD PTR 44[esi]
+	add	eax,		edi
+	mov	edi,		-1
+	rol	eax,		6
+	xor	edi,		ecx
+	add	eax,		ebx
+	; R3 61
+	or	edi,		eax
+	lea	edx,		DWORD PTR 3174756917[ebp*1+edx]
+	xor	edi,		ebx
+	mov	ebp,		DWORD PTR 8[esi]
+	add	edx,		edi
+	mov	edi,		-1
+	rol	edx,		10
+	xor	edi,		ebx
+	add	edx,		eax
+	; R3 62
+	or	edi,		edx
+	lea	ecx,		DWORD PTR 718787259[ebp*1+ecx]
+	xor	edi,		eax
+	mov	ebp,		DWORD PTR 36[esi]
+	add	ecx,		edi
+	mov	edi,		-1
+	rol	ecx,		15
+	xor	edi,		eax
+	add	ecx,		edx
+	; R3 63
+	or	edi,		ecx
+	lea	ebx,		DWORD PTR 3951481745[ebp*1+ebx]
+	xor	edi,		edx
+	mov	ebp,		DWORD PTR 24[esp]
+	add	ebx,		edi
+	add	esi,		64
+	rol	ebx,		21
+	mov	edi,		DWORD PTR [ebp]
+	add	ebx,		ecx
+	add	eax,		edi
+	mov	edi,		DWORD PTR 4[ebp]
+	add	ebx,		edi
+	mov	edi,		DWORD PTR 8[ebp]
+	add	ecx,		edi
+	mov	edi,		DWORD PTR 12[ebp]
+	add	edx,		edi
+	mov	DWORD PTR [ebp],eax
+	mov	DWORD PTR 4[ebp],ebx
+	mov	edi,		DWORD PTR [esp]
+	mov	DWORD PTR 8[ebp],ecx
+	mov	DWORD PTR 12[ebp],edx
+	cmp	edi,		esi
+	jge	L000start
+	pop	eax
+	pop	ebx
+	pop	ebp
+	pop	edi
+	pop	esi
+	ret
+_md5_block_x86 ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/md5/asm/md5-586.pl b/crypto/md5/asm/md5-586.pl
new file mode 100644
index 0000000000..b1238e0385
--- /dev/null
+++ b/crypto/md5/asm/md5-586.pl
@@ -0,0 +1,304 @@
+#!/usr/local/bin/perl
+
+# Normal is the
+# md5_block_x86(MD5_CTX *c, ULONG *X);
+# version, non-normal is the
+# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks);
+
+$normal=0;
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$A="eax";
+$B="ebx";
+$C="ecx";
+$D="edx";
+$tmp1="edi";
+$tmp2="ebp";
+$X="esi";
+
+# What we need to load into $tmp for the next round
+%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D));
+@xo=(
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,	# R0
+ 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12,	# R1
+ 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2,	# R2
+ 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9,	# R3
+ );
+
+&md5_block("md5_block_x86");
+&asm_finish();
+
+sub Np
+	{
+	local($p)=@_;
+	local(%n)=($A,$D,$B,$A,$C,$B,$D,$C);
+	return($n{$p});
+	}
+
+sub R0
+	{
+	local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+
+	&mov($tmp1,$C)  if $pos < 0;
+	 &mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one 
+
+	# body proper
+
+	&comment("R0 $ki");
+	&xor($tmp1,$d); # F function - part 2
+
+	&and($tmp1,$b); # F function - part 3
+	&lea($a,&DWP($t,$a,$tmp2,1));
+
+	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
+	&xor($tmp1,$d); # F function - part 4
+
+	&add($a,$tmp1);
+	&mov($tmp1,&Np($c)) if $pos < 1;	# next tmp1 for R0
+	&mov($tmp1,&Np($c)) if $pos == 1;	# next tmp1 for R1
+
+	&rotl($a,$s);
+	&add($a,$b);
+
+	}
+
+sub R1
+	{
+	local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+
+	&comment("R1 $ki");
+
+	&lea($a,&DWP($t,$a,$tmp2,1));
+
+	&xor($tmp1,$b); # G function - part 2
+	&and($tmp1,$d); # G function - part 3
+
+	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
+	&xor($tmp1,$c);			# G function - part 4
+
+	&add($a,$tmp1);
+	&mov($tmp1,&Np($c)) if $pos < 1;	# G function - part 1
+	&mov($tmp1,&Np($c)) if $pos == 1;	# G function - part 1
+
+	&rotl($a,$s);
+
+	&add($a,$b);
+	}
+
+sub R2
+	{
+	local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+	# This one is different, only 3 logical operations
+
+if (($n & 1) == 0)
+	{
+	&comment("R2 $ki");
+	# make sure to do 'D' first, not 'B', else we clash with
+	# the last add from the previous round.
+
+	 &xor($tmp1,$d); # H function - part 2
+
+	&xor($tmp1,$b); # H function - part 3
+	 &lea($a,&DWP($t,$a,$tmp2,1));
+
+	&add($a,$tmp1);
+	 &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0));
+
+	&rotl($a,$s);
+
+	&mov($tmp1,&Np($c));
+	}
+else
+	{
+	&comment("R2 $ki");
+	# make sure to do 'D' first, not 'B', else we clash with
+	# the last add from the previous round.
+
+	 &lea($a,&DWP($t,$a,$tmp2,1));
+
+	&add($b,$c);			# MOVED FORWARD
+	 &xor($tmp1,$d); # H function - part 2
+
+	&xor($tmp1,$b); # H function - part 3
+	 &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
+
+	&add($a,$tmp1);
+	 &mov($tmp1,&Np($c)) if $pos < 1;	# H function - part 1
+	 &mov($tmp1,-1) if $pos == 1;		# I function - part 1
+
+	&rotl($a,$s);
+
+	&add($a,$b);
+	}
+	}
+
+sub R3
+	{
+	local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+
+	&comment("R3 $ki");
+
+	# &not($tmp1)
+	&xor($tmp1,$d) if $pos < 0; 	# I function - part 2
+
+	&or($tmp1,$b);				# I function - part 3
+	 &lea($a,&DWP($t,$a,$tmp2,1));
+
+	&xor($tmp1,$c); 			# I function - part 4
+	 &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0))	if $pos != 2; # load X/k value
+	 &mov($tmp2,&wparam(0)) if $pos == 2;
+
+	&add($a,$tmp1);
+	 &mov($tmp1,-1) if $pos < 1;	# H function - part 1
+	 &add($K,64) if $pos >=1 && !$normal;
+
+	&rotl($a,$s);
+
+	&xor($tmp1,&Np($d)) if $pos <= 0; 	# I function - part = first time
+	&mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0;
+	 &add($a,$b);
+	}
+
+
+sub md5_block
+	{
+	local($name)=@_;
+
+	&function_begin_B($name,"",3);
+
+	# parameter 1 is the MD5_CTX structure.
+	# A	0
+	# B	4
+	# C	8
+	# D 	12
+
+	&push("esi");
+	 &push("edi");
+	&mov($tmp1,	&wparam(0)); # edi
+	 &mov($X,	&wparam(1)); # esi
+	&mov($C,	&wparam(2));
+	 &push("ebp");
+	&push("ebx");
+	 &add($C,	$X); # offset we end at
+	&sub($C,	64);
+	 &mov($A,	&DWP( 0,$tmp1,"",0));
+	&push($C);	# Put on the TOS
+	 &mov($B,	&DWP( 4,$tmp1,"",0));
+	&mov($C,	&DWP( 8,$tmp1,"",0));
+	 &mov($D,	&DWP(12,$tmp1,"",0));
+
+	&set_label("start") unless $normal;
+	&comment("");
+	&comment("R0 section");
+
+	&R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478);
+	&R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756);
+	&R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db);
+	&R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee);
+	&R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf);
+	&R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a);
+	&R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613);
+	&R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501);
+	&R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8);
+	&R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af);
+	&R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1);
+	&R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be);
+	&R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122);
+	&R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193);
+	&R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e);
+	&R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821);
+
+	&comment("");
+	&comment("R1 section");
+	&R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562);
+	&R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340);
+	&R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51);
+	&R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa);
+	&R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d);
+	&R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453);
+	&R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681);
+	&R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8);
+	&R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6);
+	&R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6);
+	&R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87);
+	&R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed);
+	&R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905);
+	&R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8);
+	&R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9);
+	&R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a);
+
+	&comment("");
+	&comment("R2 section");
+	&R2( 0,-1,$A,$B,$C,$D,$X,32, 4,0xfffa3942);
+	&R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681);
+	&R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122);
+	&R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c);
+	&R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44);
+	&R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9);
+	&R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60);
+	&R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70);
+	&R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6);
+	&R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa);
+	&R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085);
+	&R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05);
+	&R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039);
+	&R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5);
+	&R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8);
+	&R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665);
+
+	&comment("");
+	&comment("R3 section");
+	&R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244);
+	&R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97);
+	&R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7);
+	&R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039);
+	&R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3);
+	&R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92);
+	&R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d);
+	&R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1);
+	&R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f);
+	&R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0);
+	&R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314);
+	&R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1);
+	&R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82);
+	&R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235);
+	&R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb);
+	&R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391);
+
+	# &mov($tmp2,&wparam(0));	# done in the last R3
+	# &mov($tmp1,	&DWP( 0,$tmp2,"",0)); # done is the last R3
+
+	&add($A,$tmp1);
+	 &mov($tmp1,	&DWP( 4,$tmp2,"",0));
+
+	&add($B,$tmp1);
+	&mov($tmp1,	&DWP( 8,$tmp2,"",0));
+
+	&add($C,$tmp1);
+	&mov($tmp1,	&DWP(12,$tmp2,"",0));
+
+	&add($D,$tmp1);
+	&mov(&DWP( 0,$tmp2,"",0),$A);
+
+	&mov(&DWP( 4,$tmp2,"",0),$B);
+	&mov($tmp1,&swtmp(0)) unless $normal;
+
+	&mov(&DWP( 8,$tmp2,"",0),$C);
+	 &mov(&DWP(12,$tmp2,"",0),$D);
+
+	&cmp($tmp1,$X) unless $normal;			# check count
+	 &jge(&label("start")) unless $normal;
+
+	&pop("eax"); # pop the temp variable off the stack
+	 &pop("ebx");
+	&pop("ebp");
+	 &pop("edi");
+	&pop("esi");
+	 &ret();
+	&function_end_B($name);
+	}
+
diff --git a/crypto/md5/asm/mx86unix.cpp b/crypto/md5/asm/mx86unix.cpp
new file mode 100644
index 0000000000..5d399122b6
--- /dev/null
+++ b/crypto/md5/asm/mx86unix.cpp
@@ -0,0 +1,730 @@
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
+
+#define TYPE(a,b)       .type   a,b
+#define SIZE(a,b)       .size   a,b
+
+#if defined(OUT) || defined(BSDI)
+#define md5_block_x86 _md5_block_x86
+
+#endif
+
+#ifdef OUT
+#define OK	1
+#define ALIGN	4
+#endif
+
+#ifdef BSDI
+#define OK              1
+#define ALIGN           4
+#undef SIZE
+#undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK              1
+#define ALIGN           16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+/* Let the Assembler begin :-) */
+	/* Don't even think of reading this code */
+	/* It was automatically generated by md5-586.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, BSDI,Win32, or Solaris */
+	/* eric <eay@cryptsoft.com> */
+
+	.file	"md5-586.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl md5_block_x86
+	TYPE(md5_block_x86,@function)
+md5_block_x86:
+	pushl	%esi
+	pushl	%edi
+	movl	12(%esp),	%edi
+	movl	16(%esp),	%esi
+	movl	20(%esp),	%ecx
+	pushl	%ebp
+	pushl	%ebx
+	addl	%esi,		%ecx
+	subl	$64,		%ecx
+	movl	(%edi),		%eax
+	pushl	%ecx
+	movl	4(%edi),	%ebx
+	movl	8(%edi),	%ecx
+	movl	12(%edi),	%edx
+.L000start:
+
+	/* R0 section */
+	movl	%ecx,		%edi
+	movl	(%esi),		%ebp
+	/* R0 0 */
+	xorl	%edx,		%edi
+	andl	%ebx,		%edi
+	leal	3614090360(%eax,%ebp,1),%eax
+	movl	4(%esi),	%ebp
+	xorl	%edx,		%edi
+	addl	%edi,		%eax
+	movl	%ebx,		%edi
+	roll	$7,		%eax
+	addl	%ebx,		%eax
+	/* R0 1 */
+	xorl	%ecx,		%edi
+	andl	%eax,		%edi
+	leal	3905402710(%edx,%ebp,1),%edx
+	movl	8(%esi),	%ebp
+	xorl	%ecx,		%edi
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$12,		%edx
+	addl	%eax,		%edx
+	/* R0 2 */
+	xorl	%ebx,		%edi
+	andl	%edx,		%edi
+	leal	606105819(%ecx,%ebp,1),%ecx
+	movl	12(%esi),	%ebp
+	xorl	%ebx,		%edi
+	addl	%edi,		%ecx
+	movl	%edx,		%edi
+	roll	$17,		%ecx
+	addl	%edx,		%ecx
+	/* R0 3 */
+	xorl	%eax,		%edi
+	andl	%ecx,		%edi
+	leal	3250441966(%ebx,%ebp,1),%ebx
+	movl	16(%esi),	%ebp
+	xorl	%eax,		%edi
+	addl	%edi,		%ebx
+	movl	%ecx,		%edi
+	roll	$22,		%ebx
+	addl	%ecx,		%ebx
+	/* R0 4 */
+	xorl	%edx,		%edi
+	andl	%ebx,		%edi
+	leal	4118548399(%eax,%ebp,1),%eax
+	movl	20(%esi),	%ebp
+	xorl	%edx,		%edi
+	addl	%edi,		%eax
+	movl	%ebx,		%edi
+	roll	$7,		%eax
+	addl	%ebx,		%eax
+	/* R0 5 */
+	xorl	%ecx,		%edi
+	andl	%eax,		%edi
+	leal	1200080426(%edx,%ebp,1),%edx
+	movl	24(%esi),	%ebp
+	xorl	%ecx,		%edi
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$12,		%edx
+	addl	%eax,		%edx
+	/* R0 6 */
+	xorl	%ebx,		%edi
+	andl	%edx,		%edi
+	leal	2821735955(%ecx,%ebp,1),%ecx
+	movl	28(%esi),	%ebp
+	xorl	%ebx,		%edi
+	addl	%edi,		%ecx
+	movl	%edx,		%edi
+	roll	$17,		%ecx
+	addl	%edx,		%ecx
+	/* R0 7 */
+	xorl	%eax,		%edi
+	andl	%ecx,		%edi
+	leal	4249261313(%ebx,%ebp,1),%ebx
+	movl	32(%esi),	%ebp
+	xorl	%eax,		%edi
+	addl	%edi,		%ebx
+	movl	%ecx,		%edi
+	roll	$22,		%ebx
+	addl	%ecx,		%ebx
+	/* R0 8 */
+	xorl	%edx,		%edi
+	andl	%ebx,		%edi
+	leal	1770035416(%eax,%ebp,1),%eax
+	movl	36(%esi),	%ebp
+	xorl	%edx,		%edi
+	addl	%edi,		%eax
+	movl	%ebx,		%edi
+	roll	$7,		%eax
+	addl	%ebx,		%eax
+	/* R0 9 */
+	xorl	%ecx,		%edi
+	andl	%eax,		%edi
+	leal	2336552879(%edx,%ebp,1),%edx
+	movl	40(%esi),	%ebp
+	xorl	%ecx,		%edi
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$12,		%edx
+	addl	%eax,		%edx
+	/* R0 10 */
+	xorl	%ebx,		%edi
+	andl	%edx,		%edi
+	leal	4294925233(%ecx,%ebp,1),%ecx
+	movl	44(%esi),	%ebp
+	xorl	%ebx,		%edi
+	addl	%edi,		%ecx
+	movl	%edx,		%edi
+	roll	$17,		%ecx
+	addl	%edx,		%ecx
+	/* R0 11 */
+	xorl	%eax,		%edi
+	andl	%ecx,		%edi
+	leal	2304563134(%ebx,%ebp,1),%ebx
+	movl	48(%esi),	%ebp
+	xorl	%eax,		%edi
+	addl	%edi,		%ebx
+	movl	%ecx,		%edi
+	roll	$22,		%ebx
+	addl	%ecx,		%ebx
+	/* R0 12 */
+	xorl	%edx,		%edi
+	andl	%ebx,		%edi
+	leal	1804603682(%eax,%ebp,1),%eax
+	movl	52(%esi),	%ebp
+	xorl	%edx,		%edi
+	addl	%edi,		%eax
+	movl	%ebx,		%edi
+	roll	$7,		%eax
+	addl	%ebx,		%eax
+	/* R0 13 */
+	xorl	%ecx,		%edi
+	andl	%eax,		%edi
+	leal	4254626195(%edx,%ebp,1),%edx
+	movl	56(%esi),	%ebp
+	xorl	%ecx,		%edi
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$12,		%edx
+	addl	%eax,		%edx
+	/* R0 14 */
+	xorl	%ebx,		%edi
+	andl	%edx,		%edi
+	leal	2792965006(%ecx,%ebp,1),%ecx
+	movl	60(%esi),	%ebp
+	xorl	%ebx,		%edi
+	addl	%edi,		%ecx
+	movl	%edx,		%edi
+	roll	$17,		%ecx
+	addl	%edx,		%ecx
+	/* R0 15 */
+	xorl	%eax,		%edi
+	andl	%ecx,		%edi
+	leal	1236535329(%ebx,%ebp,1),%ebx
+	movl	4(%esi),	%ebp
+	xorl	%eax,		%edi
+	addl	%edi,		%ebx
+	movl	%ecx,		%edi
+	roll	$22,		%ebx
+	addl	%ecx,		%ebx
+
+	/* R1 section */
+	/* R1 16 */
+	leal	4129170786(%eax,%ebp,1),%eax
+	xorl	%ebx,		%edi
+	andl	%edx,		%edi
+	movl	24(%esi),	%ebp
+	xorl	%ecx,		%edi
+	addl	%edi,		%eax
+	movl	%ebx,		%edi
+	roll	$5,		%eax
+	addl	%ebx,		%eax
+	/* R1 17 */
+	leal	3225465664(%edx,%ebp,1),%edx
+	xorl	%eax,		%edi
+	andl	%ecx,		%edi
+	movl	44(%esi),	%ebp
+	xorl	%ebx,		%edi
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$9,		%edx
+	addl	%eax,		%edx
+	/* R1 18 */
+	leal	643717713(%ecx,%ebp,1),%ecx
+	xorl	%edx,		%edi
+	andl	%ebx,		%edi
+	movl	(%esi),		%ebp
+	xorl	%eax,		%edi
+	addl	%edi,		%ecx
+	movl	%edx,		%edi
+	roll	$14,		%ecx
+	addl	%edx,		%ecx
+	/* R1 19 */
+	leal	3921069994(%ebx,%ebp,1),%ebx
+	xorl	%ecx,		%edi
+	andl	%eax,		%edi
+	movl	20(%esi),	%ebp
+	xorl	%edx,		%edi
+	addl	%edi,		%ebx
+	movl	%ecx,		%edi
+	roll	$20,		%ebx
+	addl	%ecx,		%ebx
+	/* R1 20 */
+	leal	3593408605(%eax,%ebp,1),%eax
+	xorl	%ebx,		%edi
+	andl	%edx,		%edi
+	movl	40(%esi),	%ebp
+	xorl	%ecx,		%edi
+	addl	%edi,		%eax
+	movl	%ebx,		%edi
+	roll	$5,		%eax
+	addl	%ebx,		%eax
+	/* R1 21 */
+	leal	38016083(%edx,%ebp,1),%edx
+	xorl	%eax,		%edi
+	andl	%ecx,		%edi
+	movl	60(%esi),	%ebp
+	xorl	%ebx,		%edi
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$9,		%edx
+	addl	%eax,		%edx
+	/* R1 22 */
+	leal	3634488961(%ecx,%ebp,1),%ecx
+	xorl	%edx,		%edi
+	andl	%ebx,		%edi
+	movl	16(%esi),	%ebp
+	xorl	%eax,		%edi
+	addl	%edi,		%ecx
+	movl	%edx,		%edi
+	roll	$14,		%ecx
+	addl	%edx,		%ecx
+	/* R1 23 */
+	leal	3889429448(%ebx,%ebp,1),%ebx
+	xorl	%ecx,		%edi
+	andl	%eax,		%edi
+	movl	36(%esi),	%ebp
+	xorl	%edx,		%edi
+	addl	%edi,		%ebx
+	movl	%ecx,		%edi
+	roll	$20,		%ebx
+	addl	%ecx,		%ebx
+	/* R1 24 */
+	leal	568446438(%eax,%ebp,1),%eax
+	xorl	%ebx,		%edi
+	andl	%edx,		%edi
+	movl	56(%esi),	%ebp
+	xorl	%ecx,		%edi
+	addl	%edi,		%eax
+	movl	%ebx,		%edi
+	roll	$5,		%eax
+	addl	%ebx,		%eax
+	/* R1 25 */
+	leal	3275163606(%edx,%ebp,1),%edx
+	xorl	%eax,		%edi
+	andl	%ecx,		%edi
+	movl	12(%esi),	%ebp
+	xorl	%ebx,		%edi
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$9,		%edx
+	addl	%eax,		%edx
+	/* R1 26 */
+	leal	4107603335(%ecx,%ebp,1),%ecx
+	xorl	%edx,		%edi
+	andl	%ebx,		%edi
+	movl	32(%esi),	%ebp
+	xorl	%eax,		%edi
+	addl	%edi,		%ecx
+	movl	%edx,		%edi
+	roll	$14,		%ecx
+	addl	%edx,		%ecx
+	/* R1 27 */
+	leal	1163531501(%ebx,%ebp,1),%ebx
+	xorl	%ecx,		%edi
+	andl	%eax,		%edi
+	movl	52(%esi),	%ebp
+	xorl	%edx,		%edi
+	addl	%edi,		%ebx
+	movl	%ecx,		%edi
+	roll	$20,		%ebx
+	addl	%ecx,		%ebx
+	/* R1 28 */
+	leal	2850285829(%eax,%ebp,1),%eax
+	xorl	%ebx,		%edi
+	andl	%edx,		%edi
+	movl	8(%esi),	%ebp
+	xorl	%ecx,		%edi
+	addl	%edi,		%eax
+	movl	%ebx,		%edi
+	roll	$5,		%eax
+	addl	%ebx,		%eax
+	/* R1 29 */
+	leal	4243563512(%edx,%ebp,1),%edx
+	xorl	%eax,		%edi
+	andl	%ecx,		%edi
+	movl	28(%esi),	%ebp
+	xorl	%ebx,		%edi
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$9,		%edx
+	addl	%eax,		%edx
+	/* R1 30 */
+	leal	1735328473(%ecx,%ebp,1),%ecx
+	xorl	%edx,		%edi
+	andl	%ebx,		%edi
+	movl	48(%esi),	%ebp
+	xorl	%eax,		%edi
+	addl	%edi,		%ecx
+	movl	%edx,		%edi
+	roll	$14,		%ecx
+	addl	%edx,		%ecx
+	/* R1 31 */
+	leal	2368359562(%ebx,%ebp,1),%ebx
+	xorl	%ecx,		%edi
+	andl	%eax,		%edi
+	movl	20(%esi),	%ebp
+	xorl	%edx,		%edi
+	addl	%edi,		%ebx
+	movl	%ecx,		%edi
+	roll	$20,		%ebx
+	addl	%ecx,		%ebx
+
+	/* R2 section */
+	/* R2 32 */
+	xorl	%edx,		%edi
+	xorl	%ebx,		%edi
+	leal	4294588738(%eax,%ebp,1),%eax
+	addl	%edi,		%eax
+	movl	32(%esi),	%ebp
+	roll	$4,		%eax
+	movl	%ebx,		%edi
+	/* R2 33 */
+	leal	2272392833(%edx,%ebp,1),%edx
+	addl	%ebx,		%eax
+	xorl	%ecx,		%edi
+	xorl	%eax,		%edi
+	movl	44(%esi),	%ebp
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$11,		%edx
+	addl	%eax,		%edx
+	/* R2 34 */
+	xorl	%ebx,		%edi
+	xorl	%edx,		%edi
+	leal	1839030562(%ecx,%ebp,1),%ecx
+	addl	%edi,		%ecx
+	movl	56(%esi),	%ebp
+	roll	$16,		%ecx
+	movl	%edx,		%edi
+	/* R2 35 */
+	leal	4259657740(%ebx,%ebp,1),%ebx
+	addl	%edx,		%ecx
+	xorl	%eax,		%edi
+	xorl	%ecx,		%edi
+	movl	4(%esi),	%ebp
+	addl	%edi,		%ebx
+	movl	%ecx,		%edi
+	roll	$23,		%ebx
+	addl	%ecx,		%ebx
+	/* R2 36 */
+	xorl	%edx,		%edi
+	xorl	%ebx,		%edi
+	leal	2763975236(%eax,%ebp,1),%eax
+	addl	%edi,		%eax
+	movl	16(%esi),	%ebp
+	roll	$4,		%eax
+	movl	%ebx,		%edi
+	/* R2 37 */
+	leal	1272893353(%edx,%ebp,1),%edx
+	addl	%ebx,		%eax
+	xorl	%ecx,		%edi
+	xorl	%eax,		%edi
+	movl	28(%esi),	%ebp
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$11,		%edx
+	addl	%eax,		%edx
+	/* R2 38 */
+	xorl	%ebx,		%edi
+	xorl	%edx,		%edi
+	leal	4139469664(%ecx,%ebp,1),%ecx
+	addl	%edi,		%ecx
+	movl	40(%esi),	%ebp
+	roll	$16,		%ecx
+	movl	%edx,		%edi
+	/* R2 39 */
+	leal	3200236656(%ebx,%ebp,1),%ebx
+	addl	%edx,		%ecx
+	xorl	%eax,		%edi
+	xorl	%ecx,		%edi
+	movl	52(%esi),	%ebp
+	addl	%edi,		%ebx
+	movl	%ecx,		%edi
+	roll	$23,		%ebx
+	addl	%ecx,		%ebx
+	/* R2 40 */
+	xorl	%edx,		%edi
+	xorl	%ebx,		%edi
+	leal	681279174(%eax,%ebp,1),%eax
+	addl	%edi,		%eax
+	movl	(%esi),		%ebp
+	roll	$4,		%eax
+	movl	%ebx,		%edi
+	/* R2 41 */
+	leal	3936430074(%edx,%ebp,1),%edx
+	addl	%ebx,		%eax
+	xorl	%ecx,		%edi
+	xorl	%eax,		%edi
+	movl	12(%esi),	%ebp
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$11,		%edx
+	addl	%eax,		%edx
+	/* R2 42 */
+	xorl	%ebx,		%edi
+	xorl	%edx,		%edi
+	leal	3572445317(%ecx,%ebp,1),%ecx
+	addl	%edi,		%ecx
+	movl	24(%esi),	%ebp
+	roll	$16,		%ecx
+	movl	%edx,		%edi
+	/* R2 43 */
+	leal	76029189(%ebx,%ebp,1),%ebx
+	addl	%edx,		%ecx
+	xorl	%eax,		%edi
+	xorl	%ecx,		%edi
+	movl	36(%esi),	%ebp
+	addl	%edi,		%ebx
+	movl	%ecx,		%edi
+	roll	$23,		%ebx
+	addl	%ecx,		%ebx
+	/* R2 44 */
+	xorl	%edx,		%edi
+	xorl	%ebx,		%edi
+	leal	3654602809(%eax,%ebp,1),%eax
+	addl	%edi,		%eax
+	movl	48(%esi),	%ebp
+	roll	$4,		%eax
+	movl	%ebx,		%edi
+	/* R2 45 */
+	leal	3873151461(%edx,%ebp,1),%edx
+	addl	%ebx,		%eax
+	xorl	%ecx,		%edi
+	xorl	%eax,		%edi
+	movl	60(%esi),	%ebp
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	roll	$11,		%edx
+	addl	%eax,		%edx
+	/* R2 46 */
+	xorl	%ebx,		%edi
+	xorl	%edx,		%edi
+	leal	530742520(%ecx,%ebp,1),%ecx
+	addl	%edi,		%ecx
+	movl	8(%esi),	%ebp
+	roll	$16,		%ecx
+	movl	%edx,		%edi
+	/* R2 47 */
+	leal	3299628645(%ebx,%ebp,1),%ebx
+	addl	%edx,		%ecx
+	xorl	%eax,		%edi
+	xorl	%ecx,		%edi
+	movl	(%esi),		%ebp
+	addl	%edi,		%ebx
+	movl	$-1,		%edi
+	roll	$23,		%ebx
+	addl	%ecx,		%ebx
+
+	/* R3 section */
+	/* R3 48 */
+	xorl	%edx,		%edi
+	orl	%ebx,		%edi
+	leal	4096336452(%eax,%ebp,1),%eax
+	xorl	%ecx,		%edi
+	movl	28(%esi),	%ebp
+	addl	%edi,		%eax
+	movl	$-1,		%edi
+	roll	$6,		%eax
+	xorl	%ecx,		%edi
+	addl	%ebx,		%eax
+	/* R3 49 */
+	orl	%eax,		%edi
+	leal	1126891415(%edx,%ebp,1),%edx
+	xorl	%ebx,		%edi
+	movl	56(%esi),	%ebp
+	addl	%edi,		%edx
+	movl	$-1,		%edi
+	roll	$10,		%edx
+	xorl	%ebx,		%edi
+	addl	%eax,		%edx
+	/* R3 50 */
+	orl	%edx,		%edi
+	leal	2878612391(%ecx,%ebp,1),%ecx
+	xorl	%eax,		%edi
+	movl	20(%esi),	%ebp
+	addl	%edi,		%ecx
+	movl	$-1,		%edi
+	roll	$15,		%ecx
+	xorl	%eax,		%edi
+	addl	%edx,		%ecx
+	/* R3 51 */
+	orl	%ecx,		%edi
+	leal	4237533241(%ebx,%ebp,1),%ebx
+	xorl	%edx,		%edi
+	movl	48(%esi),	%ebp
+	addl	%edi,		%ebx
+	movl	$-1,		%edi
+	roll	$21,		%ebx
+	xorl	%edx,		%edi
+	addl	%ecx,		%ebx
+	/* R3 52 */
+	orl	%ebx,		%edi
+	leal	1700485571(%eax,%ebp,1),%eax
+	xorl	%ecx,		%edi
+	movl	12(%esi),	%ebp
+	addl	%edi,		%eax
+	movl	$-1,		%edi
+	roll	$6,		%eax
+	xorl	%ecx,		%edi
+	addl	%ebx,		%eax
+	/* R3 53 */
+	orl	%eax,		%edi
+	leal	2399980690(%edx,%ebp,1),%edx
+	xorl	%ebx,		%edi
+	movl	40(%esi),	%ebp
+	addl	%edi,		%edx
+	movl	$-1,		%edi
+	roll	$10,		%edx
+	xorl	%ebx,		%edi
+	addl	%eax,		%edx
+	/* R3 54 */
+	orl	%edx,		%edi
+	leal	4293915773(%ecx,%ebp,1),%ecx
+	xorl	%eax,		%edi
+	movl	4(%esi),	%ebp
+	addl	%edi,		%ecx
+	movl	$-1,		%edi
+	roll	$15,		%ecx
+	xorl	%eax,		%edi
+	addl	%edx,		%ecx
+	/* R3 55 */
+	orl	%ecx,		%edi
+	leal	2240044497(%ebx,%ebp,1),%ebx
+	xorl	%edx,		%edi
+	movl	32(%esi),	%ebp
+	addl	%edi,		%ebx
+	movl	$-1,		%edi
+	roll	$21,		%ebx
+	xorl	%edx,		%edi
+	addl	%ecx,		%ebx
+	/* R3 56 */
+	orl	%ebx,		%edi
+	leal	1873313359(%eax,%ebp,1),%eax
+	xorl	%ecx,		%edi
+	movl	60(%esi),	%ebp
+	addl	%edi,		%eax
+	movl	$-1,		%edi
+	roll	$6,		%eax
+	xorl	%ecx,		%edi
+	addl	%ebx,		%eax
+	/* R3 57 */
+	orl	%eax,		%edi
+	leal	4264355552(%edx,%ebp,1),%edx
+	xorl	%ebx,		%edi
+	movl	24(%esi),	%ebp
+	addl	%edi,		%edx
+	movl	$-1,		%edi
+	roll	$10,		%edx
+	xorl	%ebx,		%edi
+	addl	%eax,		%edx
+	/* R3 58 */
+	orl	%edx,		%edi
+	leal	2734768916(%ecx,%ebp,1),%ecx
+	xorl	%eax,		%edi
+	movl	52(%esi),	%ebp
+	addl	%edi,		%ecx
+	movl	$-1,		%edi
+	roll	$15,		%ecx
+	xorl	%eax,		%edi
+	addl	%edx,		%ecx
+	/* R3 59 */
+	orl	%ecx,		%edi
+	leal	1309151649(%ebx,%ebp,1),%ebx
+	xorl	%edx,		%edi
+	movl	16(%esi),	%ebp
+	addl	%edi,		%ebx
+	movl	$-1,		%edi
+	roll	$21,		%ebx
+	xorl	%edx,		%edi
+	addl	%ecx,		%ebx
+	/* R3 60 */
+	orl	%ebx,		%edi
+	leal	4149444226(%eax,%ebp,1),%eax
+	xorl	%ecx,		%edi
+	movl	44(%esi),	%ebp
+	addl	%edi,		%eax
+	movl	$-1,		%edi
+	roll	$6,		%eax
+	xorl	%ecx,		%edi
+	addl	%ebx,		%eax
+	/* R3 61 */
+	orl	%eax,		%edi
+	leal	3174756917(%edx,%ebp,1),%edx
+	xorl	%ebx,		%edi
+	movl	8(%esi),	%ebp
+	addl	%edi,		%edx
+	movl	$-1,		%edi
+	roll	$10,		%edx
+	xorl	%ebx,		%edi
+	addl	%eax,		%edx
+	/* R3 62 */
+	orl	%edx,		%edi
+	leal	718787259(%ecx,%ebp,1),%ecx
+	xorl	%eax,		%edi
+	movl	36(%esi),	%ebp
+	addl	%edi,		%ecx
+	movl	$-1,		%edi
+	roll	$15,		%ecx
+	xorl	%eax,		%edi
+	addl	%edx,		%ecx
+	/* R3 63 */
+	orl	%ecx,		%edi
+	leal	3951481745(%ebx,%ebp,1),%ebx
+	xorl	%edx,		%edi
+	movl	24(%esp),	%ebp
+	addl	%edi,		%ebx
+	addl	$64,		%esi
+	roll	$21,		%ebx
+	movl	(%ebp),		%edi
+	addl	%ecx,		%ebx
+	addl	%edi,		%eax
+	movl	4(%ebp),	%edi
+	addl	%edi,		%ebx
+	movl	8(%ebp),	%edi
+	addl	%edi,		%ecx
+	movl	12(%ebp),	%edi
+	addl	%edi,		%edx
+	movl	%eax,		(%ebp)
+	movl	%ebx,		4(%ebp)
+	movl	(%esp),		%edi
+	movl	%ecx,		8(%ebp)
+	movl	%edx,		12(%ebp)
+	cmpl	%esi,		%edi
+	jge	.L000start
+	popl	%eax
+	popl	%ebx
+	popl	%ebp
+	popl	%edi
+	popl	%esi
+	ret
+.md5_block_x86_end:
+	SIZE(md5_block_x86,.md5_block_x86_end-md5_block_x86)
+.ident	"desasm.pl"
diff --git a/crypto/md5/md5.c b/crypto/md5/md5.c
new file mode 100644
index 0000000000..9d6f5a6003
--- /dev/null
+++ b/crypto/md5/md5.c
@@ -0,0 +1,135 @@
+/* crypto/md5/md5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md5.h"
+
+#define BUFSIZE	1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+	{
+	int i,err=0;
+	FILE *IN;
+
+	if (argc == 1)
+		{
+		do_fp(stdin);
+		}
+	else
+		{
+		for (i=1; i<argc; i++)
+			{
+			IN=fopen(argv[i],"r");
+			if (IN == NULL)
+				{
+				perror(argv[i]);
+				err++;
+				continue;
+				}
+			printf("MD5(%s)= ",argv[i]);
+			do_fp(IN);
+			fclose(IN);
+			}
+		}
+	exit(err);
+	}
+
+void do_fp(f)
+FILE *f;
+	{
+	MD5_CTX c;
+	unsigned char md[MD5_DIGEST_LENGTH];
+	int fd;
+	int i;
+	static unsigned char buf[BUFSIZE];
+
+	fd=fileno(f);
+	MD5_Init(&c);
+	for (;;)
+		{
+		i=read(fd,buf,BUFSIZE);
+		if (i <= 0) break;
+		MD5_Update(&c,buf,(unsigned long)i);
+		}
+	MD5_Final(&(md[0]),&c);
+	pt(md);
+	}
+
+void pt(md)
+unsigned char *md;
+	{
+	int i;
+
+	for (i=0; i<MD5_DIGEST_LENGTH; i++)
+		printf("%02x",md[i]);
+	printf("\n");
+	}
+
diff --git a/crypto/md5/md5.h b/crypto/md5/md5.h
new file mode 100644
index 0000000000..357c6c625d
--- /dev/null
+++ b/crypto/md5/md5.h
@@ -0,0 +1,99 @@
+/* crypto/md5/md5.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MD5_H
+#define HEADER_MD5_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define MD5_CBLOCK	64
+#define MD5_LBLOCK	16
+#define MD5_BLOCK	16
+#define MD5_LAST_BLOCK  56
+#define MD5_LENGTH_BLOCK 8
+#define MD5_DIGEST_LENGTH 16
+
+typedef struct MD5state_st
+	{
+	unsigned long A,B,C,D;
+	unsigned long Nl,Nh;
+	unsigned long data[MD5_LBLOCK];
+	int num;
+	} MD5_CTX;
+
+#ifndef NOPROTO
+void MD5_Init(MD5_CTX *c);
+void MD5_Update(MD5_CTX *c, unsigned char *data, unsigned long len);
+void MD5_Final(unsigned char *md, MD5_CTX *c);
+unsigned char *MD5(unsigned char *d, unsigned long n, unsigned char *md);
+void MD5_Transform(MD5_CTX *c, unsigned char *b);
+#else
+void MD5_Init();
+void MD5_Update();
+void MD5_Final();
+unsigned char *MD5();
+void MD5_Transform();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/md5/md5_dgst.c b/crypto/md5/md5_dgst.c
new file mode 100644
index 0000000000..43b3498d92
--- /dev/null
+++ b/crypto/md5/md5_dgst.c
@@ -0,0 +1,440 @@
+/* crypto/md5/md5_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "md5_locl.h"
+
+char *MD5_version="MD5 part of SSLeay 0.9.0b 29-Jun-1998";
+
+/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
+ */
+
+#define INIT_DATA_A (unsigned long)0x67452301L
+#define INIT_DATA_B (unsigned long)0xefcdab89L
+#define INIT_DATA_C (unsigned long)0x98badcfeL
+#define INIT_DATA_D (unsigned long)0x10325476L
+
+#ifndef NOPROTO
+#  ifdef MD5_ASM
+     void md5_block_x86(MD5_CTX *c, unsigned long *p,int num);
+#    define md5_block md5_block_x86
+#  else
+     static void md5_block(MD5_CTX *c, unsigned long *p,int num);
+#  endif
+#else
+#  ifdef MD5_ASM
+     void md5_block_x86();
+#    define md5_block md5_block_x86
+#  else
+     static void md5_block();
+#  endif
+#endif
+
+void MD5_Init(c)
+MD5_CTX *c;
+	{
+	c->A=INIT_DATA_A;
+	c->B=INIT_DATA_B;
+	c->C=INIT_DATA_C;
+	c->D=INIT_DATA_D;
+	c->Nl=0;
+	c->Nh=0;
+	c->num=0;
+	}
+
+void MD5_Update(c, data, len)
+MD5_CTX *c;
+register unsigned char *data;
+unsigned long len;
+	{
+	register ULONG *p;
+	int sw,sc;
+	ULONG l;
+
+	if (len == 0) return;
+
+	l=(c->Nl+(len<<3))&0xffffffffL;
+	/* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
+	 * Wei Dai <weidai@eskimo.com> for pointing it out. */
+	if (l < c->Nl) /* overflow */
+		c->Nh++;
+	c->Nh+=(len>>29);
+	c->Nl=l;
+
+	if (c->num != 0)
+		{
+		p=c->data;
+		sw=c->num>>2;
+		sc=c->num&0x03;
+
+		if ((c->num+len) >= MD5_CBLOCK)
+			{
+			l= p[sw];
+			p_c2l(data,l,sc);
+			p[sw++]=l;
+			for (; sw<MD5_LBLOCK; sw++)
+				{
+				c2l(data,l);
+				p[sw]=l;
+				}
+			len-=(MD5_CBLOCK-c->num);
+
+			md5_block(c,p,64);
+			c->num=0;
+			/* drop through and do the rest */
+			}
+		else
+			{
+			int ew,ec;
+
+			c->num+=(int)len;
+			if ((sc+len) < 4) /* ugly, add char's to a word */
+				{
+				l= p[sw];
+				p_c2l_p(data,l,sc,len);
+				p[sw]=l;
+				}
+			else
+				{
+				ew=(c->num>>2);
+				ec=(c->num&0x03);
+				l= p[sw];
+				p_c2l(data,l,sc);
+				p[sw++]=l;
+				for (; sw < ew; sw++)
+					{ c2l(data,l); p[sw]=l; }
+				if (ec)
+					{
+					c2l_p(data,l,ec);
+					p[sw]=l;
+					}
+				}
+			return;
+			}
+		}
+	/* we now can process the input data in blocks of MD5_CBLOCK
+	 * chars and save the leftovers to c->data. */
+#ifdef L_ENDIAN
+	if ((((unsigned long)data)%sizeof(ULONG)) == 0)
+		{
+		sw=(int)len/MD5_CBLOCK;
+		if (sw > 0)
+			{
+			sw*=MD5_CBLOCK;
+			md5_block(c,(ULONG *)data,sw);
+			data+=sw;
+			len-=sw;
+			}
+		}
+#endif
+	p=c->data;
+	while (len >= MD5_CBLOCK)
+		{
+#if defined(L_ENDIAN) || defined(B_ENDIAN)
+		if (p != (unsigned long *)data)
+			memcpy(p,data,MD5_CBLOCK);
+		data+=MD5_CBLOCK;
+#ifdef B_ENDIAN
+		for (sw=(MD5_LBLOCK/4); sw; sw--)
+			{
+			Endian_Reverse32(p[0]);
+			Endian_Reverse32(p[1]);
+			Endian_Reverse32(p[2]);
+			Endian_Reverse32(p[3]);
+			p+=4;
+			}
+#endif
+#else
+		for (sw=(MD5_LBLOCK/4); sw; sw--)
+			{
+			c2l(data,l); *(p++)=l;
+			c2l(data,l); *(p++)=l;
+			c2l(data,l); *(p++)=l;
+			c2l(data,l); *(p++)=l; 
+			} 
+#endif
+		p=c->data;
+		md5_block(c,p,64);
+		len-=MD5_CBLOCK;
+		}
+	sc=(int)len;
+	c->num=sc;
+	if (sc)
+		{
+		sw=sc>>2;	/* words to copy */
+#ifdef L_ENDIAN
+		p[sw]=0;
+		memcpy(p,data,sc);
+#else
+		sc&=0x03;
+		for ( ; sw; sw--)
+			{ c2l(data,l); *(p++)=l; }
+		c2l_p(data,l,sc);
+		*p=l;
+#endif
+		}
+	}
+
+void MD5_Transform(c,b)
+MD5_CTX *c;
+unsigned char *b;
+	{
+	ULONG p[16];
+#if !defined(L_ENDIAN)
+	ULONG *q;
+	int i;
+#endif
+
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+	memcpy(p,b,64);
+#ifdef B_ENDIAN
+	q=p;
+	for (i=(MD5_LBLOCK/4); i; i--)
+		{
+		Endian_Reverse32(q[0]);
+		Endian_Reverse32(q[1]);
+		Endian_Reverse32(q[2]);
+		Endian_Reverse32(q[3]);
+		q+=4;
+		}
+#endif
+#else
+	q=p;
+	for (i=(MD5_LBLOCK/4); i; i--)
+		{
+		ULONG l;
+		c2l(b,l); *(q++)=l;
+		c2l(b,l); *(q++)=l;
+		c2l(b,l); *(q++)=l;
+		c2l(b,l); *(q++)=l; 
+		} 
+#endif
+	md5_block(c,p,64);
+	}
+
+#ifndef MD5_ASM
+
+static void md5_block(c, X, num)
+MD5_CTX *c;
+register ULONG *X;
+int num;
+	{
+	register ULONG A,B,C,D;
+
+	A=c->A;
+	B=c->B;
+	C=c->C;
+	D=c->D;
+	for (;;)
+		{
+	/* Round 0 */
+	R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
+	R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
+	R0(C,D,A,B,X[ 2],17,0x242070dbL);
+	R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
+	R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
+	R0(D,A,B,C,X[ 5],12,0x4787c62aL);
+	R0(C,D,A,B,X[ 6],17,0xa8304613L);
+	R0(B,C,D,A,X[ 7],22,0xfd469501L);
+	R0(A,B,C,D,X[ 8], 7,0x698098d8L);
+	R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
+	R0(C,D,A,B,X[10],17,0xffff5bb1L);
+	R0(B,C,D,A,X[11],22,0x895cd7beL);
+	R0(A,B,C,D,X[12], 7,0x6b901122L);
+	R0(D,A,B,C,X[13],12,0xfd987193L);
+	R0(C,D,A,B,X[14],17,0xa679438eL);
+	R0(B,C,D,A,X[15],22,0x49b40821L);
+	/* Round 1 */
+	R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
+	R1(D,A,B,C,X[ 6], 9,0xc040b340L);
+	R1(C,D,A,B,X[11],14,0x265e5a51L);
+	R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
+	R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
+	R1(D,A,B,C,X[10], 9,0x02441453L);
+	R1(C,D,A,B,X[15],14,0xd8a1e681L);
+	R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
+	R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
+	R1(D,A,B,C,X[14], 9,0xc33707d6L);
+	R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
+	R1(B,C,D,A,X[ 8],20,0x455a14edL);
+	R1(A,B,C,D,X[13], 5,0xa9e3e905L);
+	R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
+	R1(C,D,A,B,X[ 7],14,0x676f02d9L);
+	R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
+	/* Round 2 */
+	R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
+	R2(D,A,B,C,X[ 8],11,0x8771f681L);
+	R2(C,D,A,B,X[11],16,0x6d9d6122L);
+	R2(B,C,D,A,X[14],23,0xfde5380cL);
+	R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
+	R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
+	R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
+	R2(B,C,D,A,X[10],23,0xbebfbc70L);
+	R2(A,B,C,D,X[13], 4,0x289b7ec6L);
+	R2(D,A,B,C,X[ 0],11,0xeaa127faL);
+	R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
+	R2(B,C,D,A,X[ 6],23,0x04881d05L);
+	R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
+	R2(D,A,B,C,X[12],11,0xe6db99e5L);
+	R2(C,D,A,B,X[15],16,0x1fa27cf8L);
+	R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
+	/* Round 3 */
+	R3(A,B,C,D,X[ 0], 6,0xf4292244L);
+	R3(D,A,B,C,X[ 7],10,0x432aff97L);
+	R3(C,D,A,B,X[14],15,0xab9423a7L);
+	R3(B,C,D,A,X[ 5],21,0xfc93a039L);
+	R3(A,B,C,D,X[12], 6,0x655b59c3L);
+	R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
+	R3(C,D,A,B,X[10],15,0xffeff47dL);
+	R3(B,C,D,A,X[ 1],21,0x85845dd1L);
+	R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
+	R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
+	R3(C,D,A,B,X[ 6],15,0xa3014314L);
+	R3(B,C,D,A,X[13],21,0x4e0811a1L);
+	R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
+	R3(D,A,B,C,X[11],10,0xbd3af235L);
+	R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
+	R3(B,C,D,A,X[ 9],21,0xeb86d391L);
+
+	A+=c->A&0xffffffffL;
+	B+=c->B&0xffffffffL;
+	c->A=A;
+	c->B=B;
+	C+=c->C&0xffffffffL;
+	D+=c->D&0xffffffffL;
+	c->C=C;
+	c->D=D;
+	X+=16;
+	num-=64;
+	if (num <= 0) break;
+		}
+	}
+#endif
+
+void MD5_Final(md, c)
+unsigned char *md;
+MD5_CTX *c;
+	{
+	register int i,j;
+	register ULONG l;
+	register ULONG *p;
+	static unsigned char end[4]={0x80,0x00,0x00,0x00};
+	unsigned char *cp=end;
+
+	/* c->num should definitly have room for at least one more byte. */
+	p=c->data;
+	j=c->num;
+	i=j>>2;
+
+	/* purify often complains about the following line as an
+	 * Uninitialized Memory Read.  While this can be true, the
+	 * following p_c2l macro will reset l when that case is true.
+	 * This is because j&0x03 contains the number of 'valid' bytes
+	 * already in p[i].  If and only if j&0x03 == 0, the UMR will
+	 * occur but this is also the only time p_c2l will do
+	 * l= *(cp++) instead of l|= *(cp++)
+	 * Many thanks to Alex Tang <altitude@cic.net> for pickup this
+	 * 'potential bug' */
+#ifdef PURIFY
+	if ((j&0x03) == 0) p[i]=0;
+#endif
+	l=p[i];
+	p_c2l(cp,l,j&0x03);
+	p[i]=l;
+	i++;
+	/* i is the next 'undefined word' */
+	if (c->num >= MD5_LAST_BLOCK)
+		{
+		for (; i<MD5_LBLOCK; i++)
+			p[i]=0;
+		md5_block(c,p,64);
+		i=0;
+		}
+	for (; i<(MD5_LBLOCK-2); i++)
+		p[i]=0;
+	p[MD5_LBLOCK-2]=c->Nl;
+	p[MD5_LBLOCK-1]=c->Nh;
+	md5_block(c,p,64);
+	cp=md;
+	l=c->A; l2c(l,cp);
+	l=c->B; l2c(l,cp);
+	l=c->C; l2c(l,cp);
+	l=c->D; l2c(l,cp);
+
+	/* clear stuff, md5_block may be leaving some stuff on the stack
+	 * but I'm not worried :-) */
+	c->num=0;
+/*	memset((char *)&c,0,sizeof(c));*/
+	}
+
+#ifdef undef
+int printit(l)
+unsigned long *l;
+	{
+	int i,ii;
+
+	for (i=0; i<2; i++)
+		{
+		for (ii=0; ii<8; ii++)
+			{
+			fprintf(stderr,"%08lx ",l[i*8+ii]);
+			}
+		fprintf(stderr,"\n");
+		}
+	}
+#endif
diff --git a/crypto/md5/md5_locl.h b/crypto/md5/md5_locl.h
new file mode 100644
index 0000000000..dbbe1b71ca
--- /dev/null
+++ b/crypto/md5/md5_locl.h
@@ -0,0 +1,195 @@
+/* crypto/md5/md5_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* On sparc, this actually slows things down :-( */
+#if defined(sun)
+#undef B_ENDIAN
+#endif
+
+#include <stdlib.h>
+#include <string.h>
+#include "md5.h"
+
+#define ULONG	unsigned long
+#define UCHAR	unsigned char
+#define UINT	unsigned int
+
+#if defined(NOCONST)
+#define const
+#endif
+
+#undef c2l
+#define c2l(c,l)	(l = ((unsigned long)(*((c)++)))     , \
+			 l|=(((unsigned long)(*((c)++)))<< 8), \
+			 l|=(((unsigned long)(*((c)++)))<<16), \
+			 l|=(((unsigned long)(*((c)++)))<<24))
+
+#undef p_c2l
+#define p_c2l(c,l,n)	{ \
+			switch (n) { \
+			case 0: l =((unsigned long)(*((c)++))); \
+			case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+			case 2: l|=((unsigned long)(*((c)++)))<<16; \
+			case 3: l|=((unsigned long)(*((c)++)))<<24; \
+				} \
+			}
+
+/* NOTE the pointer is not incremented at the end of this */
+#undef c2l_p
+#define c2l_p(c,l,n)	{ \
+			l=0; \
+			(c)+=n; \
+			switch (n) { \
+			case 3: l =((unsigned long)(*(--(c))))<<16; \
+			case 2: l|=((unsigned long)(*(--(c))))<< 8; \
+			case 1: l|=((unsigned long)(*(--(c))))    ; \
+				} \
+			}
+
+#undef p_c2l_p
+#define p_c2l_p(c,l,sc,len) { \
+			switch (sc) \
+				{ \
+			case 0: l =((unsigned long)(*((c)++))); \
+				if (--len == 0) break; \
+			case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+				if (--len == 0) break; \
+			case 2: l|=((unsigned long)(*((c)++)))<<16; \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)    )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+				} \
+			}
+
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#if defined(WIN32)
+/* 5 instructions with rotate instruction, else 9 */
+#define Endian_Reverse32(a) \
+	{ \
+	unsigned long l=(a); \
+	(a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
+	}
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define Endian_Reverse32(a) \
+	{ \
+	unsigned long l=(a); \
+	l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
+	(a)=ROTATE(l,16L); \
+	}
+#endif
+/*
+#define	F(x,y,z)	(((x) & (y))  |  ((~(x)) & (z)))
+#define	G(x,y,z)	(((x) & (z))  |  ((y) & (~(z))))
+*/
+
+/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
+ * simplified to the code below.  Wei attributes these optimisations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define	F(b,c,d)	((((c) ^ (d)) & (b)) ^ (d))
+#define	G(b,c,d)	((((b) ^ (c)) & (d)) ^ (c))
+#define	H(b,c,d)	((b) ^ (c) ^ (d))
+#define	I(b,c,d)	(((~(d)) | (b)) ^ (c))
+
+#undef ROTATE
+#if defined(WIN32)
+#define ROTATE(a,n)     _lrotl(a,n)
+#else
+#define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+
+#define R0(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+F((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };\
+
+#define R1(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+G((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };
+
+#define R2(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+H((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };
+
+#define R3(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+I((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };
diff --git a/crypto/md5/md5_one.c b/crypto/md5/md5_one.c
new file mode 100644
index 0000000000..ab6bb435f9
--- /dev/null
+++ b/crypto/md5/md5_one.c
@@ -0,0 +1,77 @@
+/* crypto/md5/md5_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "md5_locl.h"
+
+unsigned char *MD5(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+	{
+	MD5_CTX c;
+	static unsigned char m[MD5_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	MD5_Init(&c);
+	MD5_Update(&c,d,n);
+	MD5_Final(md,&c);
+	memset(&c,0,sizeof(c)); /* security consideration */
+	return(md);
+	}
+
diff --git a/crypto/md5/md5s.cpp b/crypto/md5/md5s.cpp
new file mode 100644
index 0000000000..ef8e175df0
--- /dev/null
+++ b/crypto/md5/md5s.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md5.h"
+
+extern "C" {
+void md5_block_x86(MD5_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[64*256];
+	MD5_CTX ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=0,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=16;
+	if (num > 250) num=16;
+	numm=num+2;
+	num*=64;
+	numm*=64;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			md5_block_x86(&ctx,buffer,numm);
+			GetTSC(s1);
+			md5_block_x86(&ctx,buffer,numm);
+			GetTSC(e1);
+			GetTSC(s2);
+			md5_block_x86(&ctx,buffer,num);
+			GetTSC(e2);
+			md5_block_x86(&ctx,buffer,num);
+			}
+		printf("md5 (%d bytes) %d %d (%.2f)\n",num,
+			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+		}
+	}
+
diff --git a/crypto/md5/md5test.c b/crypto/md5/md5test.c
new file mode 100644
index 0000000000..74b84bc67f
--- /dev/null
+++ b/crypto/md5/md5test.c
@@ -0,0 +1,130 @@
+/* crypto/md5/md5test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "md5.h"
+
+char *test[]={
+	"",
+	"a",
+	"abc",
+	"message digest",
+	"abcdefghijklmnopqrstuvwxyz",
+	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+	"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+	NULL,
+	};
+
+char *ret[]={
+	"d41d8cd98f00b204e9800998ecf8427e",
+	"0cc175b9c0f1b6a831c399e269772661",
+	"900150983cd24fb0d6963f7d28e17f72",
+	"f96b697d7cb7938d525a2f31aaf161d0",
+	"c3fcd3d76192e4007dfb496cca67e13b",
+	"d174ab98d277d9f5a5611c2c9f419d9f",
+	"57edf4a22be3c955ac49da2e2107b67a",
+	};
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	unsigned char **P,**R;
+	char *p;
+
+	P=(unsigned char **)test;
+	R=(unsigned char **)ret;
+	i=1;
+	while (*P != NULL)
+		{
+		p=pt(MD5(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+		if (strcmp(p,(char *)*R) != 0)
+			{
+			printf("error calculating MD5 on '%s'\n",*P);
+			printf("got %s instead of %s\n",p,*R);
+			err++;
+			}
+		else
+			printf("test %d ok\n",i);
+		i++;
+		R++;
+		P++;
+		}
+	exit(err);
+	return(0);
+	}
+
+static char *pt(md)
+unsigned char *md;
+	{
+	int i;
+	static char buf[80];
+
+	for (i=0; i<MD5_DIGEST_LENGTH; i++)
+		sprintf(&(buf[i*2]),"%02x",md[i]);
+	return(buf);
+	}
diff --git a/crypto/mdc2/mdc2.h b/crypto/mdc2/mdc2.h
index d87ea12ec9..0b104be184 100644
--- a/crypto/mdc2/mdc2.h
+++ b/crypto/mdc2/mdc2.h
@@ -1,5 +1,5 @@
 /* crypto/mdc2/mdc2.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,7 +63,7 @@
 extern "C" {
 #endif
 
-#include <des.h>
+#include "des.h"
 
 #define MDC2_BLOCK              8
 #define MDC2_DIGEST_LENGTH      16
diff --git a/crypto/mdc2/mdc2_one.c b/crypto/mdc2/mdc2_one.c
index 488ae39283..aa055b66fd 100644
--- a/crypto/mdc2/mdc2_one.c
+++ b/crypto/mdc2/mdc2_one.c
@@ -1,5 +1,5 @@
 /* crypto/mdc2/mdc2_one.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/mdc2/mdc2dgst.c b/crypto/mdc2/mdc2dgst.c
index f4dfcf9bdc..3f3d11a1a2 100644
--- a/crypto/mdc2/mdc2dgst.c
+++ b/crypto/mdc2/mdc2dgst.c
@@ -1,5 +1,5 @@
 /* crypto/mdc2/mdc2dgst.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/mdc2/mdc2test.c b/crypto/mdc2/mdc2test.c
index 6e552a64e4..6e7c9a706e 100644
--- a/crypto/mdc2/mdc2test.c
+++ b/crypto/mdc2/mdc2test.c
@@ -1,5 +1,5 @@
 /* crypto/mdc2/mdc2test.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/mem.c b/crypto/mem.c
index 4274cc938a..72e501ad0f 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -1,5 +1,5 @@
 /* crypto/mem.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -165,7 +165,7 @@ char *file;
 int line;
 	{
 	char *ret;
-	MEM *m;
+	MEM *m,*mm;
 
 	if ((ret=malloc_func(num)) == NULL)
 		return(NULL);
@@ -193,12 +193,10 @@ int line;
 		m->line=line;
 		m->num=num;
 		m->order=order++;
-		if (lh_insert(mh,(char *)m) != NULL)
+		if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL)
 			{
-			free(m);
-			free(ret);
-			/* abort(); */
-			ret=NULL;
+			/* Not good, but don't sweat it */
+			free(mm);
 			}
 		CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
 		}
@@ -338,7 +336,7 @@ void (*cb)();
 	CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 void CRYPTO_mem_leaks_fp(fp)
 FILE *fp;
 	{
diff --git a/crypto/objects/Makefile.ssl b/crypto/objects/Makefile.ssl
index 148ac3ce4a..320523cea1 100644
--- a/crypto/objects/Makefile.ssl
+++ b/crypto/objects/Makefile.ssl
@@ -82,6 +82,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index 86c3d38e4b..34866ebbd2 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -1,5 +1,5 @@
 /* crypto/objects/obj_dat.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -57,6 +57,7 @@
  */
 
 #include <stdio.h>
+#include <ctype.h>
 #include "cryptlib.h"
 #include "lhash.h"
 #include "asn1.h"
@@ -128,7 +129,7 @@ ADDED_OBJ *ca;
 	default:
 		abort();
 		}
-	ret&=0x3fffffff;
+	ret&=0x3fffffffL;
 	ret|=ca->type<<30L;
 	return(ret);
 	}
@@ -199,6 +200,7 @@ void OBJ_cleanup()
 	lh_doall(added,cleanup2); /* set counters */
 	lh_doall(added,cleanup3); /* free objects */
 	lh_free(added);
+	added=NULL;
 	}
 
 int OBJ_new_nid(num)
@@ -251,7 +253,7 @@ err:
 	for (i=ADDED_DATA; i<=ADDED_NID; i++)
 		if (ao[i] != NULL) Free(ao[i]);
 	if (o != NULL) Free(o);
-	return(0);
+	return(NID_undef);
 	}
 
 ASN1_OBJECT *OBJ_nid2obj(n)
@@ -385,9 +387,34 @@ char *s;
 
 	ret=OBJ_sn2nid(s);
 	if (ret == NID_undef)
-		return(OBJ_ln2nid(s));
-	else
-		return(ret);
+		{
+		ret=OBJ_ln2nid(s);
+		if (ret == NID_undef)
+			{
+			ASN1_OBJECT *op=NULL;
+			unsigned char *buf,*p;
+			int i;
+
+			i=a2d_ASN1_OBJECT(NULL,0,s,-1);
+			if (i <= 0)
+				{
+				/* clear the error */
+				ERR_get_error();
+				return(0);
+				}
+
+			if ((buf=(unsigned char *)Malloc(i)) == NULL)
+				return(NID_undef);
+			a2d_ASN1_OBJECT(buf,i,s,-1);
+			p=buf;
+			op=d2i_ASN1_OBJECT(NULL,&p,i);
+			if (op == NULL) return(NID_undef);
+			ret=OBJ_obj2nid(op);
+			ASN1_OBJECT_free(op);
+			Free(buf);
+			}
+		}
+	return(ret);
 	}
 
 int OBJ_ln2nid(s)
@@ -471,7 +498,56 @@ int (*cmp)();
 	return(NULL);
 	}
 
-int OBJ_create_and_add_object(oid,sn,ln)
+int OBJ_create_objects(in)
+BIO *in;
+	{
+	MS_STATIC char buf[512];
+	int i,num= -1;
+	char *o,*s,*l=NULL;
+
+	for (;;)
+		{
+		s=o=NULL;
+		i=BIO_gets(in,buf,512);
+		if (i <= 0) return(num);
+		buf[i-1]='\0';
+		if (!isalnum(buf[0])) return(num);
+		o=s=buf;
+		while (isdigit(*s) || (*s == '.'))
+			s++;
+		if (*s != '\0')
+			{
+			*(s++)='\0';
+			while (isspace(*s))
+				s++;
+			if (*s == '\0')
+				s=NULL;
+			else
+				{
+				l=s;
+				while ((*l != '\0') && !isspace(*l))
+					l++;
+				if (*l != '\0')
+					{
+					*(l++)='\0';
+					while (isspace(*l))
+						l++;
+					if (*l == '\0') l=NULL;
+					}
+				else
+					l=NULL;
+				}
+			}
+		else
+			s=NULL;
+		if ((o == NULL) || (*o == '\0')) return(num);
+		if (!OBJ_create(o,s,l)) return(num);
+		num++;
+		}
+	return(num);
+	}
+
+int OBJ_create(oid,sn,ln)
 char *oid;
 char *sn;
 char *ln;
@@ -486,7 +562,7 @@ char *ln;
 
 	if ((buf=(unsigned char *)Malloc(i)) == NULL)
 		{
-		OBJerr(OBJ_F_OBJ_CREATE_AND_ADD_OBJECT,OBJ_R_MALLOC_FAILURE);
+		OBJerr(OBJ_F_OBJ_CREATE,OBJ_R_MALLOC_FAILURE);
 		return(0);
 		}
 	i=a2d_ASN1_OBJECT(buf,i,oid,-1);
@@ -499,3 +575,4 @@ err:
 	Free((char *)buf);
 	return(ok);
 	}
+
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index 4b79abda8e..6f106759a3 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -61,12 +61,12 @@
  * perl obj_dat.pl < objects.h > obj_dat.h
  */
 
-#define NUM_NID 97
-#define NUM_SN 70
-#define NUM_LN 96
-#define NUM_OBJ 78
+#define NUM_NID 124
+#define NUM_SN 95
+#define NUM_LN 122
+#define NUM_OBJ 95
 
-static unsigned char lvalues[515]={
+static unsigned char lvalues[600]={
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  0] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  6] OBJ_pkcs */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,     /* [ 13] OBJ_md2 */
@@ -120,10 +120,10 @@ static unsigned char lvalues[515]={
 0x2B,0x0E,0x03,0x02,0x1A,                    /* [349] OBJ_sha1 */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [354] OBJ_sha1WithRSAEncryption */
 0x2B,0x0E,0x03,0x02,0x0D,                    /* [363] OBJ_dsaWithSHA */
-0x2B,0x0E,0x03,0x02,0x0C,                    /* [368] OBJ_dsa */
+0x2B,0x0E,0x03,0x02,0x0C,                    /* [368] OBJ_dsa_2 */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [373] OBJ_pbeWithSHA1AndRC2_CBC */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [382] OBJ_pbeWithSHA1AndRC4 */
-0x2B,0x0E,0x03,0x02,0x1B,                    /* [391] OBJ_dsaWithSHA1 */
+0x2B,0x0E,0x03,0x02,0x1B,                    /* [391] OBJ_dsaWithSHA1_2 */
 0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [396] OBJ_netscape_cert_type */
 0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [405] OBJ_netscape_base_url */
 0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [414] OBJ_netscape_revocation_url */
@@ -145,6 +145,23 @@ static unsigned char lvalues[515]={
 0x55,0x1D,0x23,                              /* [503] OBJ_authority_key_identifier */
 0x55,0x08,0x03,0x65,                         /* [506] OBJ_mdc2 */
 0x55,0x08,0x03,0x64,                         /* [510] OBJ_mdc2WithRSA */
+0x55,0x04,0x2A,                              /* [514] OBJ_givenName */
+0x55,0x04,0x04,                              /* [517] OBJ_surname */
+0x55,0x04,0x2B,                              /* [520] OBJ_initials */
+0x55,0x04,0x2D,                              /* [523] OBJ_uniqueIdentifier */
+0x55,0x1D,0x1F,                              /* [526] OBJ_crl_distribution_points */
+0x2B,0x0E,0x03,0x02,0x03,                    /* [529] OBJ_md5WithRSA */
+0x55,0x04,0x05,                              /* [534] OBJ_serialNumber */
+0x55,0x04,0x0C,                              /* [537] OBJ_title */
+0x55,0x04,0x0D,                              /* [540] OBJ_description */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [543] OBJ_cast5_cbc */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [552] OBJ_pbeWithMD5AndCast5_CBC */
+0x2A,0x86,0x48,0xCE,0x38,0x04,0x03,          /* [561] OBJ_dsaWithSHA1 */
+0x2B,0x0E,0x03,0x02,0x1D,                    /* [568] OBJ_sha1WithRSA */
+0x2A,0x86,0x48,0xCE,0x38,0x04,0x01,          /* [573] OBJ_dsa */
+0x2B,0x24,0x03,0x02,0x01,                    /* [580] OBJ_ripemd160 */
+0x2B,0x24,0x03,0x03,0x01,0x02,               /* [585] OBJ_ripemd160WithRSA */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08,     /* [591] OBJ_rc5_cbc */
 };
 
 static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -237,12 +254,12 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 {"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
 	&(lvalues[354]),0},
 {"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[363]),0},
-{"DSA","dsaEncryption",NID_dsa,5,&(lvalues[368]),0},
+{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[368]),0},
 {"pbeWithSHA1AndRC2-CBC","pbeWithSHA1AndRC2-CBC",
 	NID_pbeWithSHA1AndRC2_CBC,9,&(lvalues[373]),0},
 {"pbeWithSHA1AndRC4","pbeWithSHA1AndRC4",NID_pbeWithSHA1AndRC4,9,
 	&(lvalues[382]),0},
-{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,5,&(lvalues[391]),0},
+{"DSA-SHA1-old","dsaWithSHA1",NID_dsaWithSHA1_2,5,&(lvalues[391]),0},
 {"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
 	&(lvalues[396]),0},
 {"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
@@ -284,6 +301,36 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 {"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL},
 {"MDC2","mdc2",NID_mdc2,4,&(lvalues[506]),0},
 {"RSA-MDC2","mdc2withRSA",NID_mdc2WithRSA,4,&(lvalues[510]),0},
+{"RC4-40","rc4-40",NID_rc4_40,0,NULL},
+{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL},
+{"G","givenName",NID_givenName,3,&(lvalues[514]),0},
+{"S","surname",NID_surname,3,&(lvalues[517]),0},
+{"I","initials",NID_initials,3,&(lvalues[520]),0},
+{"UID","uniqueIdentifier",NID_uniqueIdentifier,3,&(lvalues[523]),0},
+{"crlDistributionPoints","X509v3 CRL Distribution Points",
+	NID_crl_distribution_points,3,&(lvalues[526]),0},
+{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[529]),0},
+{"SN","serialNumber",NID_serialNumber,3,&(lvalues[534]),0},
+{"T","title",NID_title,3,&(lvalues[537]),0},
+{"D","description",NID_description,3,&(lvalues[540]),0},
+{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[543]),0},
+{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL},
+{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL},
+{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL},
+{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
+	NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[552]),0},
+{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[561]),0},
+{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL},
+{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[568]),0},
+{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[573]),0},
+{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[580]),0},
+{NULL,NULL,NID_undef,0,NULL},
+{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
+	&(lvalues[585]),0},
+{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[591]),0},
+{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL},
+{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL},
+{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL},
 };
 
 static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -292,7 +339,12 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
 &(nid_objs[92]),/* "BF-ECB" */
 &(nid_objs[94]),/* "BF-OFB" */
 &(nid_objs[14]),/* "C" */
+&(nid_objs[108]),/* "CAST5-CBC" */
+&(nid_objs[110]),/* "CAST5-CFB" */
+&(nid_objs[109]),/* "CAST5-ECB" */
+&(nid_objs[111]),/* "CAST5-OFB" */
 &(nid_objs[13]),/* "CN" */
+&(nid_objs[107]),/* "D" */
 &(nid_objs[31]),/* "DES-CBC" */
 &(nid_objs[30]),/* "DES-CFB" */
 &(nid_objs[29]),/* "DES-ECB" */
@@ -306,10 +358,14 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
 &(nid_objs[63]),/* "DES-EDE3-OFB" */
 &(nid_objs[45]),/* "DES-OFB" */
 &(nid_objs[80]),/* "DESX-CBC" */
-&(nid_objs[67]),/* "DSA" */
+&(nid_objs[116]),/* "DSA" */
 &(nid_objs[66]),/* "DSA-SHA" */
-&(nid_objs[70]),/* "DSA-SHA1" */
+&(nid_objs[113]),/* "DSA-SHA1" */
+&(nid_objs[70]),/* "DSA-SHA1-old" */
+&(nid_objs[67]),/* "DSA-old" */
 &(nid_objs[48]),/* "Email" */
+&(nid_objs[99]),/* "G" */
+&(nid_objs[101]),/* "I" */
 &(nid_objs[34]),/* "IDEA-CBC" */
 &(nid_objs[35]),/* "IDEA-CFB" */
 &(nid_objs[36]),/* "IDEA-ECB" */
@@ -317,28 +373,44 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
 &(nid_objs[15]),/* "L" */
 &(nid_objs[ 3]),/* "MD2" */
 &(nid_objs[ 4]),/* "MD5" */
+&(nid_objs[114]),/* "MD5-SHA1" */
 &(nid_objs[95]),/* "MDC2" */
 &(nid_objs[57]),/* "Netscape" */
 &(nid_objs[17]),/* "O" */
 &(nid_objs[18]),/* "OU" */
+&(nid_objs[98]),/* "RC2-40-CBC" */
 &(nid_objs[37]),/* "RC2-CBC" */
 &(nid_objs[39]),/* "RC2-CFB" */
 &(nid_objs[38]),/* "RC2-ECB" */
 &(nid_objs[40]),/* "RC2-OFB" */
 &(nid_objs[ 5]),/* "RC4" */
+&(nid_objs[97]),/* "RC4-40" */
+&(nid_objs[120]),/* "RC5-CBC" */
+&(nid_objs[122]),/* "RC5-CFB" */
+&(nid_objs[121]),/* "RC5-ECB" */
+&(nid_objs[123]),/* "RC5-OFB" */
+&(nid_objs[117]),/* "RIPEMD160" */
 &(nid_objs[19]),/* "RSA" */
 &(nid_objs[ 7]),/* "RSA-MD2" */
 &(nid_objs[ 8]),/* "RSA-MD5" */
 &(nid_objs[96]),/* "RSA-MDC2" */
+&(nid_objs[104]),/* "RSA-NP-MD5" */
+&(nid_objs[119]),/* "RSA-RIPEMD160" */
 &(nid_objs[42]),/* "RSA-SHA" */
 &(nid_objs[65]),/* "RSA-SHA1" */
+&(nid_objs[115]),/* "RSA-SHA1-2" */
+&(nid_objs[100]),/* "S" */
 &(nid_objs[41]),/* "SHA" */
 &(nid_objs[64]),/* "SHA1" */
+&(nid_objs[105]),/* "SN" */
 &(nid_objs[16]),/* "ST" */
+&(nid_objs[106]),/* "T" */
+&(nid_objs[102]),/* "UID" */
 &(nid_objs[ 0]),/* "UNDEF" */
 &(nid_objs[90]),/* "authorityKeyIdentifier" */
 &(nid_objs[87]),/* "basicConstraints" */
 &(nid_objs[89]),/* "certificatePolicies" */
+&(nid_objs[103]),/* "crlDistributionPoints" */
 &(nid_objs[88]),/* "crlNumber" */
 &(nid_objs[86]),/* "issuerAltName" */
 &(nid_objs[83]),/* "keyUsage" */
@@ -376,6 +448,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 &(nid_objs[12]),/* "X509" */
 &(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
 &(nid_objs[87]),/* "X509v3 Basic Constraints" */
+&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
 &(nid_objs[88]),/* "X509v3 CRL Number" */
 &(nid_objs[89]),/* "X509v3 Certificate Policies" */
 &(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
@@ -387,6 +460,10 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 &(nid_objs[93]),/* "bf-cfb" */
 &(nid_objs[92]),/* "bf-ecb" */
 &(nid_objs[94]),/* "bf-ofb" */
+&(nid_objs[108]),/* "cast5-cbc" */
+&(nid_objs[110]),/* "cast5-cfb" */
+&(nid_objs[109]),/* "cast5-ecb" */
+&(nid_objs[111]),/* "cast5-ofb" */
 &(nid_objs[54]),/* "challengePassword" */
 &(nid_objs[13]),/* "commonName" */
 &(nid_objs[50]),/* "contentType" */
@@ -404,21 +481,28 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 &(nid_objs[61]),/* "des-ede3-cfb" */
 &(nid_objs[63]),/* "des-ede3-ofb" */
 &(nid_objs[45]),/* "des-ofb" */
+&(nid_objs[107]),/* "description" */
 &(nid_objs[80]),/* "desx-cbc" */
 &(nid_objs[28]),/* "dhKeyAgreement" */
-&(nid_objs[67]),/* "dsaEncryption" */
+&(nid_objs[116]),/* "dsaEncryption" */
+&(nid_objs[67]),/* "dsaEncryption-old" */
 &(nid_objs[66]),/* "dsaWithSHA" */
 &(nid_objs[70]),/* "dsaWithSHA1" */
+&(nid_objs[113]),/* "dsaWithSHA1" */
 &(nid_objs[48]),/* "emailAddress" */
 &(nid_objs[56]),/* "extendedCertificateAttributes" */
+&(nid_objs[99]),/* "givenName" */
 &(nid_objs[34]),/* "idea-cbc" */
 &(nid_objs[35]),/* "idea-cfb" */
 &(nid_objs[36]),/* "idea-ecb" */
 &(nid_objs[46]),/* "idea-ofb" */
+&(nid_objs[101]),/* "initials" */
 &(nid_objs[15]),/* "localityName" */
 &(nid_objs[ 3]),/* "md2" */
 &(nid_objs[ 7]),/* "md2WithRSAEncryption" */
 &(nid_objs[ 4]),/* "md5" */
+&(nid_objs[114]),/* "md5-sha1" */
+&(nid_objs[104]),/* "md5WithRSA" */
 &(nid_objs[ 8]),/* "md5WithRSAEncryption" */
 &(nid_objs[95]),/* "mdc2" */
 &(nid_objs[96]),/* "mdc2withRSA" */
@@ -426,6 +510,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 &(nid_objs[17]),/* "organizationName" */
 &(nid_objs[18]),/* "organizationalUnitName" */
 &(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
+&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
 &(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
 &(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
 &(nid_objs[69]),/* "pbeWithSHA1AndRC4" */
@@ -439,21 +524,34 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 &(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
 &(nid_objs[22]),/* "pkcs7-signedData" */
 &(nid_objs[47]),/* "pkcs9" */
+&(nid_objs[98]),/* "rc2-40-cbc" */
 &(nid_objs[37]),/* "rc2-cbc" */
 &(nid_objs[39]),/* "rc2-cfb" */
 &(nid_objs[38]),/* "rc2-ecb" */
 &(nid_objs[40]),/* "rc2-ofb" */
 &(nid_objs[ 5]),/* "rc4" */
+&(nid_objs[97]),/* "rc4-40" */
+&(nid_objs[120]),/* "rc5-cbc" */
+&(nid_objs[122]),/* "rc5-cfb" */
+&(nid_objs[121]),/* "rc5-ecb" */
+&(nid_objs[123]),/* "rc5-ofb" */
+&(nid_objs[117]),/* "ripemd160" */
+&(nid_objs[119]),/* "ripemd160WithRSA" */
 &(nid_objs[19]),/* "rsa" */
 &(nid_objs[ 6]),/* "rsaEncryption" */
 &(nid_objs[ 1]),/* "rsadsi" */
+&(nid_objs[105]),/* "serialNumber" */
 &(nid_objs[41]),/* "sha" */
 &(nid_objs[64]),/* "sha1" */
+&(nid_objs[115]),/* "sha1WithRSA" */
 &(nid_objs[65]),/* "sha1WithRSAEncryption" */
 &(nid_objs[42]),/* "shaWithRSAEncryption" */
 &(nid_objs[52]),/* "signingTime" */
 &(nid_objs[16]),/* "stateOrProvinceName" */
+&(nid_objs[100]),/* "surname" */
+&(nid_objs[106]),/* "title" */
 &(nid_objs[ 0]),/* "undefined" */
+&(nid_objs[102]),/* "uniqueIdentifier" */
 &(nid_objs[55]),/* "unstructuredAddress" */
 &(nid_objs[49]),/* "unstructuredName" */
 };
@@ -463,11 +561,18 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[12]),/* OBJ_X509                         2 5 4 */
 &(nid_objs[81]),/* OBJ_ld_ce                        2 5 29 */
 &(nid_objs[13]),/* OBJ_commonName                   2 5 4 3 */
+&(nid_objs[100]),/* OBJ_surname                      2 5 4 4 */
+&(nid_objs[105]),/* OBJ_serialNumber                 2 5 4 5 */
 &(nid_objs[14]),/* OBJ_countryName                  2 5 4 6 */
 &(nid_objs[15]),/* OBJ_localityName                 2 5 4 7 */
 &(nid_objs[16]),/* OBJ_stateOrProvinceName          2 5 4 8 */
 &(nid_objs[17]),/* OBJ_organizationName             2 5 4 10 */
 &(nid_objs[18]),/* OBJ_organizationalUnitName       2 5 4 11 */
+&(nid_objs[106]),/* OBJ_title                        2 5 4 12 */
+&(nid_objs[107]),/* OBJ_description                  2 5 4 13 */
+&(nid_objs[99]),/* OBJ_givenName                    2 5 4 42 */
+&(nid_objs[101]),/* OBJ_initials                     2 5 4 43 */
+&(nid_objs[102]),/* OBJ_uniqueIdentifier             2 5 4 45 */
 &(nid_objs[82]),/* OBJ_subject_key_identifier       2 5 29 14 */
 &(nid_objs[83]),/* OBJ_key_usage                    2 5 29 15 */
 &(nid_objs[84]),/* OBJ_private_key_usage_period     2 5 29 16 */
@@ -475,24 +580,31 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[86]),/* OBJ_issuer_alt_name              2 5 29 18 */
 &(nid_objs[87]),/* OBJ_basic_constraints            2 5 29 19 */
 &(nid_objs[88]),/* OBJ_crl_number                   2 5 29 20 */
+&(nid_objs[103]),/* OBJ_crl_distribution_points      2 5 29 31 */
 &(nid_objs[89]),/* OBJ_certificate_policies         2 5 29 32 */
 &(nid_objs[90]),/* OBJ_authority_key_identifier     2 5 29 35 */
 &(nid_objs[19]),/* OBJ_rsa                          2 5 8 1 1 */
 &(nid_objs[96]),/* OBJ_mdc2WithRSA                  2 5 8 3 100 */
 &(nid_objs[95]),/* OBJ_mdc2                         2 5 8 3 101 */
+&(nid_objs[104]),/* OBJ_md5WithRSA                   1 3 14 3 2 3 */
 &(nid_objs[29]),/* OBJ_des_ecb                      1 3 14 3 2 6 */
 &(nid_objs[31]),/* OBJ_des_cbc                      1 3 14 3 2 7 */
 &(nid_objs[45]),/* OBJ_des_ofb64                    1 3 14 3 2 8 */
 &(nid_objs[30]),/* OBJ_des_cfb64                    1 3 14 3 2 9 */
-&(nid_objs[67]),/* OBJ_dsa                          1 3 14 3 2 12 */
+&(nid_objs[67]),/* OBJ_dsa_2                        1 3 14 3 2 12 */
 &(nid_objs[66]),/* OBJ_dsaWithSHA                   1 3 14 3 2 13 */
 &(nid_objs[42]),/* OBJ_shaWithRSAEncryption         1 3 14 3 2 15 */
 &(nid_objs[32]),/* OBJ_des_ede                      1 3 14 3 2 17 */
 &(nid_objs[41]),/* OBJ_sha                          1 3 14 3 2 18 */
 &(nid_objs[64]),/* OBJ_sha1                         1 3 14 3 2 26 */
-&(nid_objs[70]),/* OBJ_dsaWithSHA1                  1 3 14 3 2 27 */
+&(nid_objs[70]),/* OBJ_dsaWithSHA1_2                1 3 14 3 2 27 */
+&(nid_objs[115]),/* OBJ_sha1WithRSA                  1 3 14 3 2 29 */
+&(nid_objs[117]),/* OBJ_ripemd160                    1 3 36 3 2 1 */
 &(nid_objs[ 1]),/* OBJ_rsadsi                       1 2 840 113549 */
+&(nid_objs[119]),/* OBJ_ripemd160WithRSA             1 3 36 3 3 1 2 */
 &(nid_objs[ 2]),/* OBJ_pkcs                         1 2 840 113549 1 */
+&(nid_objs[116]),/* OBJ_dsa                          1 2 840 10040 4 1 */
+&(nid_objs[113]),/* OBJ_dsaWithSHA1                  1 2 840 10040 4 3 */
 &(nid_objs[57]),/* OBJ_netscape                     2 16 840 1 113730 */
 &(nid_objs[27]),/* OBJ_pkcs3                        1 2 840 113549 1 3 */
 &(nid_objs[20]),/* OBJ_pkcs7                        1 2 840 113549 1 7 */
@@ -502,8 +614,11 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[37]),/* OBJ_rc2_cbc                      1 2 840 113549 3 2 */
 &(nid_objs[ 5]),/* OBJ_rc4                          1 2 840 113549 3 4 */
 &(nid_objs[44]),/* OBJ_des_ede3_cbc                 1 2 840 113549 3 7 */
+&(nid_objs[120]),/* OBJ_rc5_cbc                      1 2 840 113549 3 8 */
 &(nid_objs[58]),/* OBJ_netscape_cert_extension      2 16 840 1 113730 1 */
 &(nid_objs[59]),/* OBJ_netscape_data_type           2 16 840 1 113730 2 */
+&(nid_objs[108]),/* OBJ_cast5_cbc                    1 2 840 113533 7 66 10 */
+&(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC       1 2 840 113533 7 66 12 */
 &(nid_objs[ 6]),/* OBJ_rsaEncryption                1 2 840 113549 1 1 1 */
 &(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption         1 2 840 113549 1 1 2 */
 &(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption         1 2 840 113549 1 1 4 */
diff --git a/crypto/objects/obj_err.c b/crypto/objects/obj_err.c
index bfc13d79a4..45206c616c 100644
--- a/crypto/objects/obj_err.c
+++ b/crypto/objects/obj_err.c
@@ -60,9 +60,10 @@
 #include "objects.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA OBJ_str_functs[]=
 	{
-{ERR_PACK(0,OBJ_F_OBJ_CREATE_AND_ADD_OBJECT,0),	"OBJ_create_and_add_object"},
+{ERR_PACK(0,OBJ_F_OBJ_CREATE,0),	"OBJ_create"},
 {ERR_PACK(0,OBJ_F_OBJ_DUP,0),	"OBJ_dup"},
 {ERR_PACK(0,OBJ_F_OBJ_NID2LN,0),	"OBJ_nid2ln"},
 {ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0),	"OBJ_nid2obj"},
@@ -77,14 +78,19 @@ static ERR_STRING_DATA OBJ_str_reasons[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_OBJ_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs);
 		ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/objects/obj_lib.c b/crypto/objects/obj_lib.c
index 35a8d70e09..0a9c756197 100644
--- a/crypto/objects/obj_lib.c
+++ b/crypto/objects/obj_lib.c
@@ -1,5 +1,5 @@
 /* crypto/objects/obj_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/objects/objects.err b/crypto/objects/objects.err
index 3f8c54e2db..8bec3eaea2 100644
--- a/crypto/objects/objects.err
+++ b/crypto/objects/objects.err
@@ -1,7 +1,7 @@
 /* Error codes for the OBJ functions. */
 
 /* Function codes. */
-#define OBJ_F_OBJ_CREATE_AND_ADD_OBJECT			 100
+#define OBJ_F_OBJ_CREATE				 100
 #define OBJ_F_OBJ_DUP					 101
 #define OBJ_F_OBJ_NID2LN				 102
 #define OBJ_F_OBJ_NID2OBJ				 103
diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h
index e69cb7134a..e1d555b47c 100644
--- a/crypto/objects/objects.h
+++ b/crypto/objects/objects.h
@@ -1,5 +1,5 @@
 /* crypto/objects/objects.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -373,10 +373,10 @@ extern "C" {
 #define NID_dsaWithSHA			66
 #define OBJ_dsaWithSHA			OBJ_algorithm,13L
 
-#define SN_dsa				"DSA"
-#define LN_dsa				"dsaEncryption"
-#define NID_dsa				67
-#define OBJ_dsa				OBJ_algorithm,12L
+#define SN_dsa_2			"DSA-old"
+#define LN_dsa_2			"dsaEncryption-old"
+#define NID_dsa_2			67
+#define OBJ_dsa_2			OBJ_algorithm,12L
 
 /* proposed by microsoft to RSA */
 #define LN_pbeWithSHA1AndRC2_CBC	"pbeWithSHA1AndRC2-CBC"
@@ -388,11 +388,11 @@ extern "C" {
 #define NID_pbeWithSHA1AndRC4		69
 #define OBJ_pbeWithSHA1AndRC4		OBJ_pkcs,5L,12L 
 
-#define SN_dsaWithSHA1			"DSA-SHA1"
-#define LN_dsaWithSHA1			"dsaWithSHA1"
-#define NID_dsaWithSHA1			70
+#define SN_dsaWithSHA1_2		"DSA-SHA1-old"
+#define LN_dsaWithSHA1_2		"dsaWithSHA1"
+#define NID_dsaWithSHA1_2		70
 /* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
-#define OBJ_dsaWithSHA1			OBJ_algorithm,27L
+#define OBJ_dsaWithSHA1_2		OBJ_algorithm,27L
 
 #define SN_netscape_cert_type		"nsCertType"
 #define LN_netscape_cert_type		"Netscape Cert Type"
@@ -512,14 +512,153 @@ extern "C" {
 #define LN_mdc2				"mdc2"
 #define NID_mdc2			95
 #define OBJ_mdc2			2L,5L,8L,3L,101L
+/* An alternative?			1L,3L,14L,3L,2L,19L */
 
 #define SN_mdc2WithRSA			"RSA-MDC2"
 #define LN_mdc2WithRSA			"mdc2withRSA"
 #define NID_mdc2WithRSA			96
 #define OBJ_mdc2WithRSA			2L,5L,8L,3L,100L
 
+#define SN_rc4_40			"RC4-40"
+#define LN_rc4_40			"rc4-40"
+#define NID_rc4_40			97
+
+#define SN_rc2_40_cbc			"RC2-40-CBC"
+#define LN_rc2_40_cbc			"rc2-40-cbc"
+#define NID_rc2_40_cbc			98
+
+#define SN_givenName			"G"
+#define LN_givenName			"givenName"
+#define NID_givenName			99
+#define OBJ_givenName			OBJ_X509,42L
+
+#define SN_surname			"S"
+#define LN_surname			"surname"
+#define NID_surname			100
+#define OBJ_surname			OBJ_X509,4L
+
+#define SN_initials			"I"
+#define LN_initials			"initials"
+#define NID_initials			101
+#define OBJ_initials			OBJ_X509,43L
+
+#define SN_uniqueIdentifier		"UID"
+#define LN_uniqueIdentifier		"uniqueIdentifier"
+#define NID_uniqueIdentifier		102
+#define OBJ_uniqueIdentifier		OBJ_X509,45L
+
+#define SN_crl_distribution_points	"crlDistributionPoints"
+#define LN_crl_distribution_points	"X509v3 CRL Distribution Points"
+#define NID_crl_distribution_points	103
+#define OBJ_crl_distribution_points	OBJ_ld_ce,31L
+
+#define SN_md5WithRSA			"RSA-NP-MD5"
+#define LN_md5WithRSA			"md5WithRSA"
+#define NID_md5WithRSA			104
+#define OBJ_md5WithRSA			OBJ_algorithm,3L
+
+#define SN_serialNumber			"SN"
+#define LN_serialNumber			"serialNumber"
+#define NID_serialNumber		105
+#define OBJ_serialNumber		OBJ_X509,5L
+
+#define SN_title			"T"
+#define LN_title			"title"
+#define NID_title			106
+#define OBJ_title			OBJ_X509,12L
+
+#define SN_description			"D"
+#define LN_description			"description"
+#define NID_description			107
+#define OBJ_description			OBJ_X509,13L
+
+/* CAST5 is CAST-128, I'm just sticking with the documentation */
+#define SN_cast5_cbc			"CAST5-CBC"
+#define LN_cast5_cbc			"cast5-cbc"
+#define NID_cast5_cbc			108
+#define OBJ_cast5_cbc			1L,2L,840L,113533L,7L,66L,10L
+
+#define SN_cast5_ecb			"CAST5-ECB"
+#define LN_cast5_ecb			"cast5-ecb"
+#define NID_cast5_ecb			109
+
+#define SN_cast5_cfb64			"CAST5-CFB"
+#define LN_cast5_cfb64			"cast5-cfb"
+#define NID_cast5_cfb64			110
+
+#define SN_cast5_ofb64			"CAST5-OFB"
+#define LN_cast5_ofb64			"cast5-ofb"
+#define NID_cast5_ofb64			111
+
+#define LN_pbeWithMD5AndCast5_CBC	"pbeWithMD5AndCast5CBC"
+#define NID_pbeWithMD5AndCast5_CBC	112
+#define OBJ_pbeWithMD5AndCast5_CBC	1L,2L,840L,113533L,7L,66L,12L
+
+/* This is one sun will soon be using :-(
+ * id-dsa-with-sha1 ID  ::= {
+ *   iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
+ */
+#define SN_dsaWithSHA1			"DSA-SHA1"
+#define LN_dsaWithSHA1			"dsaWithSHA1"
+#define NID_dsaWithSHA1			113
+#define OBJ_dsaWithSHA1			1L,2L,840L,10040L,4L,3L
+
+#define NID_md5_sha1			114
+#define SN_md5_sha1			"MD5-SHA1"
+#define LN_md5_sha1			"md5-sha1"
+
+#define SN_sha1WithRSA			"RSA-SHA1-2"
+#define LN_sha1WithRSA			"sha1WithRSA"
+#define NID_sha1WithRSA			115
+#define OBJ_sha1WithRSA			OBJ_algorithm,29L
+
+#define SN_dsa				"DSA"
+#define LN_dsa				"dsaEncryption"
+#define NID_dsa				116
+#define OBJ_dsa				1L,2L,840L,10040L,4L,1L
+
+#define SN_ripemd160			"RIPEMD160"
+#define LN_ripemd160			"ripemd160"
+#define NID_ripemd160			117
+#define OBJ_ripemd160			1L,3L,36L,3L,2L,1L
+
+/* The name should actually be rsaSignatureWithripemd160, but I'm going
+ * to contiune using the convention I'm using with the other ciphers */
+#define SN_ripemd160WithRSA		"RSA-RIPEMD160"
+#define LN_ripemd160WithRSA		"ripemd160WithRSA"
+#define NID_ripemd160WithRSA		119
+#define OBJ_ripemd160WithRSA		1L,3L,36L,3L,3L,1L,2L
+
+/* Taken from rfc2040
+ *  RC5_CBC_Parameters ::= SEQUENCE {
+ *	version           INTEGER (v1_0(16)),
+ *	rounds            INTEGER (8..127),
+ *	blockSizeInBits   INTEGER (64, 128),
+ *	iv                OCTET STRING OPTIONAL
+ *	}
+ */
+#define SN_rc5_cbc			"RC5-CBC"
+#define LN_rc5_cbc			"rc5-cbc"
+#define NID_rc5_cbc			120
+#define OBJ_rc5_cbc			OBJ_rsadsi,3L,8L
+
+#define SN_rc5_ecb			"RC5-ECB"
+#define LN_rc5_ecb			"rc5-ecb"
+#define NID_rc5_ecb			121
+
+#define SN_rc5_cfb64			"RC5-CFB"
+#define LN_rc5_cfb64			"rc5-cfb"
+#define NID_rc5_cfb64			122
+
+#define SN_rc5_ofb64			"RC5-OFB"
+#define LN_rc5_ofb64			"rc5-ofb"
+#define NID_rc5_ofb64			123
+
+#include "bio.h"
 #include "asn1.h"
 
+#define		OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
+
 #ifndef NOPROTO
 
 ASN1_OBJECT *	OBJ_dup(ASN1_OBJECT *o);
@@ -537,9 +676,9 @@ void		ERR_load_OBJ_strings(void );
 
 int		OBJ_new_nid(int num);
 int		OBJ_add_object(ASN1_OBJECT *obj);
-int		OBJ_create_and_add_object(char *oid,char *sn,char *ln);
-
+int		OBJ_create(char *oid,char *sn,char *ln);
 void		OBJ_cleanup(void );
+int		OBJ_create_objects(BIO *in);
 
 #else
 
@@ -558,8 +697,9 @@ void		ERR_load_OBJ_strings();
 
 int		OBJ_new_nid();
 int		OBJ_add_object();
-int		OBJ_create_and_add_object();
+int		OBJ_create();
 void		OBJ_cleanup();
+int		OBJ_create_objects();
 
 #endif
 
@@ -567,7 +707,7 @@ void		OBJ_cleanup();
 /* Error codes for the OBJ functions. */
 
 /* Function codes. */
-#define OBJ_F_OBJ_CREATE_AND_ADD_OBJECT			 100
+#define OBJ_F_OBJ_CREATE				 100
 #define OBJ_F_OBJ_DUP					 101
 #define OBJ_F_OBJ_NID2LN				 102
 #define OBJ_F_OBJ_NID2OBJ				 103
diff --git a/crypto/pem/Makefile.ssl b/crypto/pem/Makefile.ssl
index 447fcb4c0d..fc04a88fd9 100644
--- a/crypto/pem/Makefile.ssl
+++ b/crypto/pem/Makefile.ssl
@@ -91,6 +91,6 @@ clean:
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).org # SPECIAL CASE .org
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/pem/ctx_size.c b/crypto/pem/ctx_size.c
index c9e2ce6d0d..87469bc4af 100644
--- a/crypto/pem/ctx_size.c
+++ b/crypto/pem/ctx_size.c
@@ -1,5 +1,5 @@
 /* crypto/pem/ctx_size.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
index 38952509dd..55fbaeffe2 100644
--- a/crypto/pem/pem.h
+++ b/crypto/pem/pem.h
@@ -122,10 +122,10 @@ extern "C" {
 
 #ifndef HEADER_ENVELOPE_H
 
-#define EVP_ENCODE_CTX_SIZE  92
-#define EVP_MD_SIZE  48
+#define EVP_ENCODE_CTX_SIZE  96
+#define EVP_MD_SIZE  60
 #define EVP_MD_CTX_SIZE  152
-#define EVP_CIPHER_SIZE  28
+#define EVP_CIPHER_SIZE  40
 #define EVP_CIPHER_CTX_SIZE  4212
 #define EVP_MAX_MD_SIZE  20
 
diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c
index 5485628f52..d1cda7aabe 100644
--- a/crypto/pem/pem_all.c
+++ b/crypto/pem/pem_all.c
@@ -1,5 +1,5 @@
 /* crypto/pem/pem_all.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -58,13 +58,14 @@
 
 #include <stdio.h>
 #undef SSLEAY_MACROS
+#include "cryptlib.h"
 #include "bio.h"
 #include "evp.h"
 #include "x509.h"
 #include "pkcs7.h"
 #include "pem.h"
 
-#ifndef WIN16
+#ifndef NO_FP_API
 /* The X509 functions */
 X509 *PEM_read_X509(fp,x,cb)
 FILE *fp;
@@ -85,7 +86,7 @@ int (*cb)();
 		PEM_STRING_X509,bp,(char **)x,cb));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_write_X509(fp,x)
 FILE *fp;
 X509 *x;
@@ -103,7 +104,7 @@ X509 *x;
 		(char *)x, NULL,NULL,0,NULL));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 /* The X509_REQ functions */
 X509_REQ *PEM_read_X509_REQ(fp,x,cb)
 FILE *fp;
@@ -124,7 +125,7 @@ int (*cb)();
 		PEM_STRING_X509_REQ,bp,(char **)x,cb));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_write_X509_REQ(fp,x)
 FILE *fp;
 X509_REQ *x;
@@ -142,7 +143,7 @@ X509_REQ *x;
 		bp,(char *)x, NULL,NULL,0,NULL));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 /* The X509_CRL functions */
 X509_CRL *PEM_read_X509_CRL(fp,x,cb)
 FILE *fp;
@@ -163,7 +164,7 @@ int (*cb)();
 		PEM_STRING_X509_CRL,bp,(char **)x,cb));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_write_X509_CRL(fp,x)
 FILE *fp;
 X509_CRL *x;
@@ -182,7 +183,7 @@ X509_CRL *x;
 	}
 
 #ifndef NO_RSA
-#ifndef WIN16
+#ifndef NO_FP_API
 /* The RSAPrivateKey functions */
 RSA *PEM_read_RSAPrivateKey(fp,x,cb)
 FILE *fp;
@@ -221,7 +222,7 @@ int (*cb)();
 		PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb)
 FILE *fp;
 RSA *x;
@@ -267,7 +268,7 @@ RSA *x;
 #endif /* !NO_RSA */
 
 #ifndef NO_DSA
-#ifndef WIN16
+#ifndef NO_FP_API
 /* The DSAPrivateKey functions */
 DSA *PEM_read_DSAPrivateKey(fp,x,cb)
 FILE *fp;
@@ -288,7 +289,7 @@ int (*cb)();
 		PEM_STRING_DSA,bp,(char **)x,cb));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb)
 FILE *fp;
 DSA *x;
@@ -315,7 +316,7 @@ int (*cb)();
 	}
 #endif
 
-#ifndef WIN16
+#ifndef NO_FP_API
 /* The PrivateKey functions */
 EVP_PKEY *PEM_read_PrivateKey(fp,x,cb)
 FILE *fp;
@@ -336,7 +337,7 @@ int (*cb)();
 		PEM_STRING_EVP_PKEY,bp,(char **)x,cb));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_write_PrivateKey(fp,x,enc,kstr,klen,cb)
 FILE *fp;
 EVP_PKEY *x;
@@ -364,7 +365,7 @@ int (*cb)();
 		bp,(char *)x,enc,kstr,klen,cb));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 /* The PKCS7 functions */
 PKCS7 *PEM_read_PKCS7(fp,x,cb)
 FILE *fp;
@@ -385,7 +386,7 @@ int (*cb)();
 		PEM_STRING_PKCS7,bp,(char **)x,cb));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_write_PKCS7(fp,x)
 FILE *fp;
 PKCS7 *x;
@@ -404,7 +405,7 @@ PKCS7 *x;
 	}
 
 #ifndef NO_DH
-#ifndef WIN16
+#ifndef NO_FP_API
 /* The DHparams functions */
 DH *PEM_read_DHparams(fp,x,cb)
 FILE *fp;
@@ -425,7 +426,7 @@ int (*cb)();
 		PEM_STRING_DHPARAMS,bp,(char **)x,cb));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_write_DHparams(fp,x)
 FILE *fp;
 DH *x;
@@ -445,7 +446,7 @@ DH *x;
 #endif
 
 #ifndef NO_DSA
-#ifndef WIN16
+#ifndef NO_FP_API
 /* The DSAparams functions */
 DSA *PEM_read_DSAparams(fp,x,cb)
 FILE *fp;
@@ -466,7 +467,7 @@ int (*cb)();
 		PEM_STRING_DSAPARAMS,bp,(char **)x,cb));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_write_DSAparams(fp,x)
 FILE *fp;
 DSA *x;
diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c
index b8d95204ea..e17fcdb540 100644
--- a/crypto/pem/pem_err.c
+++ b/crypto/pem/pem_err.c
@@ -60,6 +60,7 @@
 #include "pem.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA PEM_str_functs[]=
 	{
 {ERR_PACK(0,PEM_F_DEF_CALLBACK,0),	"DEF_CALLBACK"},
@@ -103,14 +104,19 @@ static ERR_STRING_DATA PEM_str_reasons[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_PEM_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_PEM,PEM_str_functs);
 		ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index aafd9ce7be..4b69833b62 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -1,5 +1,5 @@
 /* crypto/pem/pem_info.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -64,7 +64,7 @@
 #include "x509.h"
 #include "pem.h"
 
-#ifndef WIN16
+#ifndef NO_FP_API
 STACK *PEM_X509_INFO_read(fp,sk,cb)
 FILE *fp;
 STACK *sk;
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 1397d83113..7a2c0ad83b 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -1,5 +1,5 @@
 /* crypto/pem/pem_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -68,7 +68,7 @@
 #include "des.h"
 #endif
 
-char *PEM_version="PEM part of SSLeay 0.8.1b 29-Jun-1998";
+char *PEM_version="PEM part of SSLeay 0.9.0b 29-Jun-1998";
 
 #define MIN_LENGTH	4
 
@@ -89,7 +89,7 @@ char *buf;
 int num;
 int w;
 	{
-#ifdef WIN16
+#ifdef NO_FP_API
 	/* We should not ever call the default callback routine from
 	 * windows. */
 	PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
@@ -166,7 +166,7 @@ char *str;
 	buf[j+i*2+1]='\0';
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 char *PEM_ASN1_read(d2i,name,fp, x, cb)
 char *(*d2i)();
 char *name;
@@ -241,7 +241,7 @@ err:
 	return(ret);
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_ASN1_write(i2d,name,fp, x, enc, kstr, klen, callback)
 int (*i2d)();
 char *name;
@@ -296,7 +296,12 @@ int (*callback)();
 			}
 		}
 
-	dsize=i2d(x,NULL);
+	if ((dsize=i2d(x,NULL)) < 0)
+		{
+		PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
+		dsize=0;
+		goto err;
+		}
 	/* dzise + 8 bytes are needed */
 	data=(unsigned char *)Malloc((unsigned int)dsize+20);
 	if (data == NULL)
@@ -485,7 +490,7 @@ int num;
 	return(1);
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_write(fp, name, header, data,len)
 FILE *fp;
 char *name;
@@ -567,7 +572,7 @@ err:
 	return(0);
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int PEM_read(fp, name, header, data,len)
 FILE *fp;
 char **name;
diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c
index 6acb04ad77..b4b36df453 100644
--- a/crypto/pem/pem_seal.c
+++ b/crypto/pem/pem_seal.c
@@ -1,5 +1,5 @@
 /* crypto/pem/pem_seal.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/pem/pem_sign.c b/crypto/pem/pem_sign.c
index 0df99a3d84..d56f9f9e14 100644
--- a/crypto/pem/pem_sign.c
+++ b/crypto/pem/pem_sign.c
@@ -1,5 +1,5 @@
 /* crypto/pem/pem_sign.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/perlasm/cbc.pl b/crypto/perlasm/cbc.pl
new file mode 100644
index 0000000000..0145c4f0cc
--- /dev/null
+++ b/crypto/perlasm/cbc.pl
@@ -0,0 +1,342 @@
+#!/usr/local/bin/perl
+
+# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
+# des_cblock (*input);
+# des_cblock (*output);
+# long length;
+# des_key_schedule schedule;
+# des_cblock (*ivec);
+# int enc;
+#
+# calls 
+# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+#
+
+#&cbc("des_ncbc_encrypt","des_encrypt",0);
+#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",
+#	1,4,5,3,5,-1);
+#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",
+#	0,4,5,3,5,-1);
+#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",
+#	0,6,7,3,4,5);
+#
+# When doing a cipher that needs bigendian order,
+# for encrypt, the iv is kept in bigendian form,
+# while for decrypt, it is kept in little endian.
+sub cbc
+	{
+	local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_;
+	# name is the function name
+	# enc_func and dec_func and the functions to call for encrypt/decrypt
+	# swap is true if byte order needs to be reversed
+	# iv_off is parameter number for the iv 
+	# enc_off is parameter number for the encrypt/decrypt flag
+	# p1,p2,p3 are the offsets for parameters to be passed to the
+	# underlying calls.
+
+	&function_begin_B($name,"");
+	&comment("");
+
+	$in="esi";
+	$out="edi";
+	$count="ebp";
+
+	&push("ebp");
+	&push("ebx");
+	&push("esi");
+	&push("edi");
+
+	$data_off=4;
+	$data_off+=4 if ($p1 > 0);
+	$data_off+=4 if ($p2 > 0);
+	$data_off+=4 if ($p3 > 0);
+
+	&mov($count,	&wparam(2));	# length
+
+	&comment("getting iv ptr from parameter $iv_off");
+	&mov("ebx",	&wparam($iv_off));	# Get iv ptr
+
+	&mov($in,	&DWP(0,"ebx","",0));#	iv[0]
+	&mov($out,	&DWP(4,"ebx","",0));#	iv[1]
+
+	&push($out);
+	&push($in);
+	&push($out);	# used in decrypt for iv[1]
+	&push($in);	# used in decrypt for iv[0]
+
+	&mov("ebx",	"esp");		# This is the address of tin[2]
+
+	&mov($in,	&wparam(0));	# in
+	&mov($out,	&wparam(1));	# out
+
+	# We have loaded them all, how lets push things
+	&comment("getting encrypt flag from parameter $enc_off");
+	&mov("ecx",	&wparam($enc_off));	# Get enc flag
+	if ($p3 > 0)
+		{
+		&comment("get and push parameter $p3");
+		if ($enc_off != $p3)
+			{ &mov("eax",	&wparam($p3)); &push("eax"); }
+		else	{ &push("ecx"); }
+		}
+	if ($p2 > 0)
+		{
+		&comment("get and push parameter $p2");
+		if ($enc_off != $p2)
+			{ &mov("eax",	&wparam($p2)); &push("eax"); }
+		else	{ &push("ecx"); }
+		}
+	if ($p1 > 0)
+		{
+		&comment("get and push parameter $p1");
+		if ($enc_off != $p1)
+			{ &mov("eax",	&wparam($p1)); &push("eax"); }
+		else	{ &push("ecx"); }
+		}
+	&push("ebx");		# push data/iv
+
+	&cmp("ecx",0);
+	&jz(&label("decrypt"));
+
+	&and($count,0xfffffff8);
+	&mov("eax",	&DWP($data_off,"esp","",0));	# load iv[0]
+	&mov("ebx",	&DWP($data_off+4,"esp","",0));	# load iv[1]
+
+	&jz(&label("encrypt_finish"));
+
+	#############################################################
+
+	&set_label("encrypt_loop");
+	# encrypt start 
+	# "eax" and "ebx" hold iv (or the last cipher text)
+
+	&mov("ecx",	&DWP(0,$in,"",0));	# load first 4 bytes
+	&mov("edx",	&DWP(4,$in,"",0));	# second 4 bytes
+
+	&xor("eax",	"ecx");
+	&xor("ebx",	"edx");
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP($data_off,"esp","",0),	"eax");	# put in array for call
+	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
+
+	&call($enc_func);
+
+	&mov("eax",	&DWP($data_off,"esp","",0));
+	&mov("ebx",	&DWP($data_off+4,"esp","",0));
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP(0,$out,"",0),"eax");
+	&mov(&DWP(4,$out,"",0),"ebx");
+
+	# eax and ebx are the next iv.
+
+	&add($in,	8);
+	&add($out,	8);
+
+	&sub($count,	8);
+	&jnz(&label("encrypt_loop"));
+
+###################################################################3
+	&set_label("encrypt_finish");
+	&mov($count,	&wparam(2));	# length
+	&and($count,	7);
+	&jz(&label("finish"));
+	&xor("ecx","ecx");
+	&xor("edx","edx");
+	&mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4));
+	&jmp_ptr($count);
+
+&set_label("ej7");
+	&xor("edx",		"edx") if $ppro; # ppro friendly
+	&movb(&HB("edx"),	&BP(6,$in,"",0));
+	&shl("edx",8);
+&set_label("ej6");
+	&movb(&HB("edx"),	&BP(5,$in,"",0));
+&set_label("ej5");
+	&movb(&LB("edx"),	&BP(4,$in,"",0));
+&set_label("ej4");
+	&mov("ecx",		&DWP(0,$in,"",0));
+	&jmp(&label("ejend"));
+&set_label("ej3");
+	&movb(&HB("ecx"),	&BP(2,$in,"",0));
+	&xor("ecx",		"ecx") if $ppro; # ppro friendly
+	&shl("ecx",8);
+&set_label("ej2");
+	&movb(&HB("ecx"),	&BP(1,$in,"",0));
+&set_label("ej1");
+	&movb(&LB("ecx"),	&BP(0,$in,"",0));
+&set_label("ejend");
+
+	&xor("eax",	"ecx");
+	&xor("ebx",	"edx");
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP($data_off,"esp","",0),	"eax");	# put in array for call
+	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
+
+	&call($enc_func);
+
+	&mov("eax",	&DWP($data_off,"esp","",0));
+	&mov("ebx",	&DWP($data_off+4,"esp","",0));
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP(0,$out,"",0),"eax");
+	&mov(&DWP(4,$out,"",0),"ebx");
+
+	&jmp(&label("finish"));
+
+	#############################################################
+	#############################################################
+	&set_label("decrypt",1);
+	# decrypt start 
+	&and($count,0xfffffff8);
+	# The next 2 instructions are only for if the jz is taken
+	&mov("eax",	&DWP($data_off+8,"esp","",0));	# get iv[0]
+	&mov("ebx",	&DWP($data_off+12,"esp","",0));	# get iv[1]
+	&jz(&label("decrypt_finish"));
+
+	&set_label("decrypt_loop");
+	&mov("eax",	&DWP(0,$in,"",0));	# load first 4 bytes
+	&mov("ebx",	&DWP(4,$in,"",0));	# second 4 bytes
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP($data_off,"esp","",0),	"eax");	# put back
+	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
+
+	&call($dec_func);
+
+	&mov("eax",	&DWP($data_off,"esp","",0));	# get return
+	&mov("ebx",	&DWP($data_off+4,"esp","",0));	#
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov("ecx",	&DWP($data_off+8,"esp","",0));	# get iv[0]
+	&mov("edx",	&DWP($data_off+12,"esp","",0));	# get iv[1]
+
+	&xor("ecx",	"eax");
+	&xor("edx",	"ebx");
+
+	&mov("eax",	&DWP(0,$in,"",0));	# get old cipher text,
+	&mov("ebx",	&DWP(4,$in,"",0));	# next iv actually
+
+	&mov(&DWP(0,$out,"",0),"ecx");
+	&mov(&DWP(4,$out,"",0),"edx");
+
+	&mov(&DWP($data_off+8,"esp","",0),	"eax");	# save iv
+	&mov(&DWP($data_off+12,"esp","",0),	"ebx");	#
+
+	&add($in,	8);
+	&add($out,	8);
+
+	&sub($count,	8);
+	&jnz(&label("decrypt_loop"));
+############################ ENDIT #######################3
+	&set_label("decrypt_finish");
+	&mov($count,	&wparam(2));	# length
+	&and($count,	7);
+	&jz(&label("finish"));
+
+	&mov("eax",	&DWP(0,$in,"",0));	# load first 4 bytes
+	&mov("ebx",	&DWP(4,$in,"",0));	# second 4 bytes
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP($data_off,"esp","",0),	"eax");	# put back
+	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
+
+	&call($dec_func);
+
+	&mov("eax",	&DWP($data_off,"esp","",0));	# get return
+	&mov("ebx",	&DWP($data_off+4,"esp","",0));	#
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov("ecx",	&DWP($data_off+8,"esp","",0));	# get iv[0]
+	&mov("edx",	&DWP($data_off+12,"esp","",0));	# get iv[1]
+
+	&xor("ecx",	"eax");
+	&xor("edx",	"ebx");
+
+	# this is for when we exit
+	&mov("eax",	&DWP(0,$in,"",0));	# get old cipher text,
+	&mov("ebx",	&DWP(4,$in,"",0));	# next iv actually
+
+&set_label("dj7");
+	&rotr("edx",	16);
+	&movb(&BP(6,$out,"",0),	&LB("edx"));
+	&shr("edx",16);
+&set_label("dj6");
+	&movb(&BP(5,$out,"",0),	&HB("edx"));
+&set_label("dj5");
+	&movb(&BP(4,$out,"",0),	&LB("edx"));
+&set_label("dj4");
+	&mov(&DWP(0,$out,"",0),	"ecx");
+	&jmp(&label("djend"));
+&set_label("dj3");
+	&rotr("ecx",	16);
+	&movb(&BP(2,$out,"",0),	&LB("ecx"));
+	&shl("ecx",16);
+&set_label("dj2");
+	&movb(&BP(1,$in,"",0),	&HB("ecx"));
+&set_label("dj1");
+	&movb(&BP(0,$in,"",0),	&LB("ecx"));
+&set_label("djend");
+
+	# final iv is still in eax:ebx
+	&jmp(&label("finish"));
+
+
+############################ FINISH #######################3
+	&set_label("finish",1);
+	&mov("ecx",	&wparam($iv_off));	# Get iv ptr
+
+	#################################################
+	$total=16+4;
+	$total+=4 if ($p1 > 0);
+	$total+=4 if ($p2 > 0);
+	$total+=4 if ($p3 > 0);
+	&add("esp",$total);
+
+	&mov(&DWP(0,"ecx","",0),	"eax");	# save iv
+	&mov(&DWP(4,"ecx","",0),	"ebx");	# save iv
+
+	&function_end_A($name);
+
+	&set_label("cbc_enc_jmp_table",1);
+	&data_word("0");
+	&data_word(&label("ej1"));
+	&data_word(&label("ej2"));
+	&data_word(&label("ej3"));
+	&data_word(&label("ej4"));
+	&data_word(&label("ej5"));
+	&data_word(&label("ej6"));
+	&data_word(&label("ej7"));
+	&set_label("cbc_dec_jmp_table",1);
+	&data_word("0");
+	&data_word(&label("dj1"));
+	&data_word(&label("dj2"));
+	&data_word(&label("dj3"));
+	&data_word(&label("dj4"));
+	&data_word(&label("dj5"));
+	&data_word(&label("dj6"));
+	&data_word(&label("dj7"));
+
+	&function_end_B($name);
+	
+	}
+
+1;
diff --git a/crypto/perlasm/readme b/crypto/perlasm/readme
new file mode 100644
index 0000000000..f02bbee75a
--- /dev/null
+++ b/crypto/perlasm/readme
@@ -0,0 +1,124 @@
+The perl scripts in this directory are my 'hack' to generate
+multiple different assembler formats via the one origional script.
+
+The way to use this library is to start with adding the path to this directory
+and then include it.
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+The first thing we do is setup the file and type of assember
+
+&asm_init($ARGV[0],$0);
+
+The first argument is the 'type'.  Currently
+'cpp', 'sol', 'a.out', 'elf' or 'win32'.
+Argument 2 is the file name.
+
+The reciprocal function is
+&asm_finish() which should be called at the end.
+
+There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler,
+and x86unix.pl which is the unix (gas) version.
+
+Functions of interest are:
+&external_label("des_SPtrans");	declare and external variable
+&LB(reg);			Low byte for a register
+&HB(reg);			High byte for a register
+&BP(off,base,index,scale)	Byte pointer addressing
+&DWP(off,base,index,scale)	Word pointer addressing
+&stack_push(num)		Basically a 'sub esp, num*4' with extra
+&stack_pop(num)			inverse of stack_push
+&function_begin(name,extra)	Start a function with pushing of
+				edi, esi, ebx and ebp.  extra is extra win32
+				external info that may be required.
+&function_begin_B(name,extra)	Same as norma function_begin but no pushing.
+&function_end(name)		Call at end of function.
+&function_end_A(name)		Standard pop and ret, for use inside functions
+&function_end_B(name)		Call at end but with poping or 'ret'.
+&swtmp(num)			Address on stack temp word.
+&wparam(num)			Parameter number num, that was push
+				in C convention.  This all works over pushes
+				and pops.
+&comment("hello there")		Put in a comment.
+&label("loop")			Refer to a label, normally a jmp target.
+&set_label("loop")		Set a label at this point.
+&data_word(word)		Put in a word of data.
+
+So how does this all hold together?  Given
+
+int calc(int len, int *data)
+	{
+	int i,j=0;
+
+	for (i=0; i<len; i++)
+		{
+		j+=other(data[i]);
+		}
+	}
+
+So a very simple version of this function could be coded as
+
+	push(@INC,"perlasm","../../perlasm");
+	require "x86asm.pl";
+	
+	&asm_init($ARGV[0],"cacl.pl");
+
+	&external_label("other");
+
+	$tmp1=	"eax";
+	$j=	"edi";
+	$data=	"esi";
+	$i=	"ebp";
+
+	&comment("a simple function");
+	&function_begin("calc");
+	&mov(	$data,		&wparam(1)); # data
+	&xor(	$j,		$j);
+	&xor(	$i,		$i);
+
+	&set_label("loop");
+	&cmp(	$i,		&wparam(0));
+	&jge(	&label("end"));
+
+	&mov(	$tmp1,		&DWP(0,$data,$i,4));
+	&push(	$tmp1);
+	&call(	"other");
+	&add(	$j,		"eax");
+	&pop(	$tmp1);
+	&inc(	$i);
+	&jmp(	&label("loop"));
+
+	&set_label("end");
+	&mov(	"eax",		$j);
+
+	&function_end("calc");
+
+	&asm_finish();
+
+The above example is very very unoptimised but gives an idea of how
+things work.
+
+There is also a cbc mode function generator in cbc.pl
+
+&cbc(	$name,
+	$encrypt_function_name,
+	$decrypt_function_name,
+	$true_if_byte_swap_needed,
+	$parameter_number_for_iv,
+	$parameter_number_for_encrypt_flag,
+	$first_parameter_to_pass,
+	$second_parameter_to_pass,
+	$third_parameter_to_pass);
+
+So for example, given
+void BF_encrypt(BF_LONG *data,BF_KEY *key);
+void BF_decrypt(BF_LONG *data,BF_KEY *key);
+void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+        BF_KEY *ks, unsigned char *iv, int enc);
+
+&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",1,4,5,3,-1,-1);
+
+&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
+&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
+
diff --git a/crypto/perlasm/x86asm.pl b/crypto/perlasm/x86asm.pl
new file mode 100644
index 0000000000..d62c9bc9ee
--- /dev/null
+++ b/crypto/perlasm/x86asm.pl
@@ -0,0 +1,113 @@
+#!/usr/local/bin/perl
+
+# require 'x86asm.pl';
+# &asm_init("cpp","des-586.pl");
+# XXX
+# XXX
+# main'asm_finish
+
+sub main'asm_finish
+	{
+	&file_end();
+	&asm_finish_cpp() if $cpp;
+	print &asm_get_output();
+	}
+
+sub main'asm_init
+	{
+	($type,$fn)=@_;
+	$filename=$fn;
+
+	$cpp=$sol=$aout=$win32=0;
+	if (	($type eq "elf"))
+		{ require "x86unix.pl"; }
+	elsif (	($type eq "a.out"))
+		{ $aout=1; require "x86unix.pl"; }
+	elsif (	($type eq "sol"))
+		{ $sol=1; require "x86unix.pl"; }
+	elsif (	($type eq "cpp"))
+		{ $cpp=1; require "x86unix.pl"; }
+	elsif (	($type eq "win32"))
+		{ $win32=1; require "x86ms.pl"; }
+	else
+		{
+		print STDERR <<"EOF";
+Pick one target type from
+	elf	- linux, FreeBSD etc
+	a.out	- old linux
+	sol	- x86 solaris
+	cpp	- format so x86unix.cpp can be used
+	win32	- Windows 95/Windows NT
+EOF
+		exit(1);
+		}
+
+	&asm_init_output();
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $filename");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, BSDI,Win32, or Solaris");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("");
+
+	$filename =~ s/\.pl$//;
+	&file($filename);
+	}
+
+sub asm_finish_cpp
+	{
+	return unless $cpp;
+
+	local($tmp,$i);
+	foreach $i (&get_labels())
+		{
+		$tmp.="#define $i _$i\n";
+		}
+	print <<"EOF";
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
+
+#define TYPE(a,b)       .type   a,b
+#define SIZE(a,b)       .size   a,b
+
+#if defined(OUT) || defined(BSDI)
+$tmp
+#endif
+
+#ifdef OUT
+#define OK	1
+#define ALIGN	4
+#endif
+
+#ifdef BSDI
+#define OK              1
+#define ALIGN           4
+#undef SIZE
+#undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK              1
+#define ALIGN           16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+/* Let the Assembler begin :-) */
+EOF
+	}
+
+1;
diff --git a/crypto/perlasm/x86ms.pl b/crypto/perlasm/x86ms.pl
index 558112e082..b8b1909567 100644
--- a/crypto/perlasm/x86ms.pl
+++ b/crypto/perlasm/x86ms.pl
@@ -24,6 +24,11 @@ $label="L000";
 	'dx',	'dh',
 	);
 
+sub main'asm_init_output { @out=(); }
+sub main'asm_get_output { return(@out); }
+sub main'get_labels { return(@labels); }
+sub main'external_label { push(@labels,@_); }
+
 sub main'LB
 	{
 	(defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
@@ -36,11 +41,35 @@ sub main'HB
 	return($hb{$_[0]});
 	}
 
+sub main'BP
+	{
+	&get_mem("BYTE",@_);
+	}
+
 sub main'DWP
 	{
-	local($addr,$reg1,$reg2,$idx)=@_;
-	local($t);
-	local($ret)="DWORD PTR ";
+	&get_mem("DWORD",@_);
+	}
+
+sub main'stack_push
+	{
+	local($num)=@_;
+	$stack+=$num*4;
+	&main'sub("esp",$num*4);
+	}
+
+sub main'stack_pop
+	{
+	local($num)=@_;
+	$stack-=$num*4;
+	&main'add("esp",$num*4);
+	}
+
+sub get_mem
+	{
+	local($size,$addr,$reg1,$reg2,$idx)=@_;
+	local($t,$post);
+	local($ret)="$size PTR ";
 
 	$addr =~ s/^\s+//;
 	if ($addr =~ /^(.+)\+(.+)$/)
@@ -55,16 +84,22 @@ sub main'DWP
 
 	$reg1="$regs{$reg1}" if defined($regs{$reg1});
 	$reg2="$regs{$reg2}" if defined($regs{$reg2});
-	$ret.=$addr if ($addr ne "") && ($addr ne 0);
+	if (($addr ne "") && ($addr ne 0))
+		{
+		if ($addr !~ /^-/)
+			{ $ret.=$addr; }
+		else	{ $post=$addr; }
+		}
 	if ($reg2 ne "")
 		{
 		$t="";
 		$t="*$idx" if ($idx != 0);
-		$ret.="[$reg2$t+$reg1]";
+		$reg1="+".$reg1 if ("$reg1$post" ne "");
+		$ret.="[$reg2$t$reg1$post]";
 		}
 	else
 		{
-		$ret.="[$reg1]"
+		$ret.="[$reg1$post]"
 		}
 	return($ret);
 	}
@@ -76,34 +111,60 @@ sub main'or	{ &out2("or",@_); }
 sub main'shl	{ &out2("shl",@_); }
 sub main'shr	{ &out2("shr",@_); }
 sub main'xor	{ &out2("xor",@_); }
+sub main'xorb	{ &out2("xor",@_); }
 sub main'add	{ &out2("add",@_); }
+sub main'adc	{ &out2("adc",@_); }
 sub main'sub	{ &out2("sub",@_); }
 sub main'rotl	{ &out2("rol",@_); }
 sub main'rotr	{ &out2("ror",@_); }
 sub main'exch	{ &out2("xchg",@_); }
 sub main'cmp	{ &out2("cmp",@_); }
+sub main'lea	{ &out2("lea",@_); }
+sub main'mul	{ &out1("mul",@_); }
+sub main'div	{ &out1("div",@_); }
 sub main'dec	{ &out1("dec",@_); }
+sub main'inc	{ &out1("inc",@_); }
 sub main'jmp	{ &out1("jmp",@_); }
+sub main'jmp_ptr { &out1p("jmp",@_); }
 sub main'je	{ &out1("je",@_); }
+sub main'jle	{ &out1("jle",@_); }
 sub main'jz	{ &out1("jz",@_); }
+sub main'jge	{ &out1("jge",@_); }
+sub main'jl	{ &out1("jl",@_); }
+sub main'jb	{ &out1("jb",@_); }
+sub main'jc	{ &out1("jc",@_); }
+sub main'jnc	{ &out1("jnc",@_); }
 sub main'jnz	{ &out1("jnz",@_); }
-sub main'push	{ &out1("push",@_); }
+sub main'jne	{ &out1("jne",@_); }
+sub main'jno	{ &out1("jno",@_); }
+sub main'push	{ &out1("push",@_); $stack+=4; }
+sub main'pop	{ &out1("pop",@_); $stack-=4; }
+sub main'bswap	{ &out1("bswap",@_); &using486(); }
+sub main'not	{ &out1("not",@_); }
 sub main'call	{ &out1("call",'_'.$_[0]); }
-
+sub main'ret	{ &out0("ret"); }
+sub main'nop	{ &out0("nop"); }
 
 sub out2
 	{
 	local($name,$p1,$p2)=@_;
 	local($l,$t);
 
-	print "\t$name\t";
+	push(@out,"\t$name\t");
 	$t=&conv($p1).",";
 	$l=length($t);
-	print $t;
+	push(@out,$t);
 	$l=4-($l+9)/8;
-	print "\t" x $l;
-	print &conv($p2);
-	print "\n";
+	push(@out,"\t" x $l);
+	push(@out,&conv($p2));
+	push(@out,"\n");
+	}
+
+sub out0
+	{
+	local($name)=@_;
+
+	push(@out,"\t$name\n");
 	}
 
 sub out1
@@ -111,9 +172,7 @@ sub out1
 	local($name,$p1)=@_;
 	local($l,$t);
 
-	print "\t$name\t";
-	print &conv($p1);
-	print "\n";
+	push(@out,"\t$name\t".&conv($p1)."\n");
 	}
 
 sub conv
@@ -124,24 +183,32 @@ sub conv
 	return $p;
 	}
 
+sub using486
+	{
+	return if $using486;
+	$using486++;
+	grep(s/\.386/\.486/,@out);
+	}
+
 sub main'file
 	{
 	local($file)=@_;
 
-	print <<"EOF";
+	local($tmp)=<<"EOF";
 	TITLE	$file.asm
         .386
 .model FLAT
 EOF
+	push(@out,$tmp);
 	}
 
 sub main'function_begin
 	{
-	local($func,$num,$extra)=@_;
+	local($func,$extra)=@_;
 
-	$params=$num*4;
+	push(@labels,$func);
 
-	print <<"EOF";
+	local($tmp)=<<"EOF";
 _TEXT	SEGMENT
 PUBLIC	_$func
 $extra
@@ -151,14 +218,29 @@ _$func PROC NEAR
 	push	esi
 	push	edi
 EOF
+	push(@out,$tmp);
 	$stack=20;
 	}
 
+sub main'function_begin_B
+	{
+	local($func,$extra)=@_;
+
+	local($tmp)=<<"EOF";
+_TEXT	SEGMENT
+PUBLIC	_$func
+$extra
+_$func PROC NEAR
+EOF
+	push(@out,$tmp);
+	$stack=4;
+	}
+
 sub main'function_end
 	{
 	local($func)=@_;
 
-	print <<"EOF";
+	local($tmp)=<<"EOF";
 	pop	edi
 	pop	esi
 	pop	ebx
@@ -167,38 +249,41 @@ sub main'function_end
 _$func ENDP
 _TEXT	ENDS
 EOF
+	push(@out,$tmp);
 	$stack=0;
 	%label=();
 	}
 
-sub main'function_end_A
+sub main'function_end_B
 	{
 	local($func)=@_;
 
-	print <<"EOF";
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
+	local($tmp)=<<"EOF";
+_$func ENDP
+_TEXT	ENDS
 EOF
+	push(@out,$tmp);
+	$stack=0;
+	%label=();
 	}
 
-sub main'function_end_B
+sub main'function_end_A
 	{
 	local($func)=@_;
 
-	print <<"EOF";
-_$func ENDP
-_TEXT	ENDS
+	local($tmp)=<<"EOF";
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
 EOF
-	$stack=0;
-	%label=();
+	push(@out,$tmp);
 	}
 
 sub main'file_end
 	{
-	print "END\n"
+	push(@out,"END\n");
 	}
 
 sub main'wparam
@@ -208,18 +293,24 @@ sub main'wparam
 	return(&main'DWP($stack+$num*4,"esp","",0));
 	}
 
-sub main'wtmp
+sub main'swtmp
 	{
-	local($num)=@_;
-
-	return(&main'DWP($stack+$params+$num*4,"esp","",0));
+	return(&main'DWP($_[0]*4,"esp","",0));
 	}
 
+# Should use swtmp, which is above esp.  Linix can trash the stack above esp
+#sub main'wtmp
+#	{
+#	local($num)=@_;
+#
+#	return(&main'DWP(-(($num+1)*4),"esp","",0));
+#	}
+
 sub main'comment
 	{
 	foreach (@_)
 		{
-		print "\t; $_\n";
+		push(@out,"\t; $_\n");
 		}
 	}
 
@@ -240,10 +331,18 @@ sub main'set_label
 		$label{$_[0]}="${label}${_[0]}";
 		$label++;
 		}
-	print "$label{$_[0]}:\n";
+	push(@out,"$label{$_[0]}:\n");
 	}
 
-sub main'file_end
-        {
-	print "END\n";
-        }
+sub main'data_word
+	{
+	push(@out,"\tDD\t$_[0]\n");
+	}
+
+sub out1p
+	{
+	local($name,$p1)=@_;
+	local($l,$t);
+
+	push(@out,"\t$name\t ".&conv($p1)."\n");
+	}
diff --git a/crypto/perlasm/x86unix.pl b/crypto/perlasm/x86unix.pl
index 3426563dca..deb1185fc9 100644
--- a/crypto/perlasm/x86unix.pl
+++ b/crypto/perlasm/x86unix.pl
@@ -1,6 +1,12 @@
 #!/usr/local/bin/perl
 
-package x86ms;
+# Because the bswapl instruction is not supported for old assembers
+# (it was a new instruction for the 486), I've added .byte xxxx code
+# to put it in.
+# eric 24-Apr-1998
+#
+
+package x86unix;
 
 $label="L000";
 
@@ -8,6 +14,11 @@ $align=($main'aout)?"4":"16";
 $under=($main'aout)?"_":"";
 $com_start=($main'sol)?"/":"#";
 
+sub main'asm_init_output { @out=(); }
+sub main'asm_get_output { return(@out); }
+sub main'get_labels { return(@labels); }
+sub main'external_label { push(@labels,@_); }
+
 if ($main'cpp)
 	{
 	$align="ALIGN";
@@ -46,6 +57,17 @@ if ($main'cpp)
 	'esp',	'%esp',
 	);
 
+%reg_val=(
+	'eax',	0x00,
+	'ebx',	0x03,
+	'ecx',	0x01,
+	'edx',	0x02,
+	'esi',	0x06,
+	'edi',	0x07,
+	'ebp',	0x05,
+	'esp',	0x04,
+	);
+
 sub main'LB
 	{
 	(defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
@@ -62,48 +84,40 @@ sub main'DWP
 	{
 	local($addr,$reg1,$reg2,$idx)=@_;
 
-
 	$ret="";
-
 	$addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
-
 	$reg1="$regs{$reg1}" if defined($regs{$reg1});
 	$reg2="$regs{$reg2}" if defined($regs{$reg2});
 	$ret.=$addr if ($addr ne "") && ($addr ne 0);
 	if ($reg2 ne "")
-		{
-		$ret.="($reg1,$reg2,$idx)";
-		}
+		{ $ret.="($reg1,$reg2,$idx)"; }
 	else
-		{
-		$ret.="($reg1)"
-		}
+		{ $ret.="($reg1)" }
 	return($ret);
 	}
 
 sub main'BP
 	{
-	local($addr,$reg1,$reg2,$idx)=@_;
-
-
-	$ret="";
-
-	$addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
-
-	$reg1="$regs{$reg1}" if defined($regs{$reg1});
-	$reg2="$regs{$reg2}" if defined($regs{$reg2});
-	$ret.=$addr if ($addr ne "") && ($addr ne 0);
-	if ($reg2 ne "")
-		{
-		$ret.="($reg1,$reg2,$idx)";
-		}
-	else
-		{
-		$ret.="($reg1)"
-		}
-	return($ret);
+	return(&main'DWP(@_));
 	}
 
+#sub main'BP
+#	{
+#	local($addr,$reg1,$reg2,$idx)=@_;
+#
+#	$ret="";
+#
+#	$addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
+#	$reg1="$regs{$reg1}" if defined($regs{$reg1});
+#	$reg2="$regs{$reg2}" if defined($regs{$reg2});
+#	$ret.=$addr if ($addr ne "") && ($addr ne 0);
+#	if ($reg2 ne "")
+#		{ $ret.="($reg1,$reg2,$idx)"; }
+#	else
+#		{ $ret.="($reg1)" }
+#	return($ret);
+#	}
+
 sub main'mov	{ &out2("movl",@_); }
 sub main'movb	{ &out2("movb",@_); }
 sub main'and	{ &out2("andl",@_); }
@@ -111,45 +125,107 @@ sub main'or	{ &out2("orl",@_); }
 sub main'shl	{ &out2("sall",@_); }
 sub main'shr	{ &out2("shrl",@_); }
 sub main'xor	{ &out2("xorl",@_); }
+sub main'xorb	{ &out2("xorb",@_); }
 sub main'add	{ &out2("addl",@_); }
+sub main'adc	{ &out2("adcl",@_); }
 sub main'sub	{ &out2("subl",@_); }
 sub main'rotl	{ &out2("roll",@_); }
 sub main'rotr	{ &out2("rorl",@_); }
 sub main'exch	{ &out2("xchg",@_); }
 sub main'cmp	{ &out2("cmpl",@_); }
+sub main'lea	{ &out2("leal",@_); }
+sub main'mul	{ &out1("mull",@_); }
+sub main'div	{ &out1("divl",@_); }
 sub main'jmp	{ &out1("jmp",@_); }
+sub main'jmp_ptr { &out1p("jmp",@_); }
 sub main'je	{ &out1("je",@_); }
+sub main'jle	{ &out1("jle",@_); }
 sub main'jne	{ &out1("jne",@_); }
 sub main'jnz	{ &out1("jnz",@_); }
 sub main'jz	{ &out1("jz",@_); }
+sub main'jge	{ &out1("jge",@_); }
+sub main'jl	{ &out1("jl",@_); }
+sub main'jb	{ &out1("jb",@_); }
+sub main'jc	{ &out1("jc",@_); }
+sub main'jnc	{ &out1("jnc",@_); }
+sub main'jno	{ &out1("jno",@_); }
 sub main'dec	{ &out1("decl",@_); }
-sub main'push	{ &out1("pushl",@_); }
+sub main'inc	{ &out1("incl",@_); }
+sub main'push	{ &out1("pushl",@_); $stack+=4; }
+sub main'pop	{ &out1("popl",@_); $stack-=4; }
+sub main'bswap	{ &out1("bswapl",@_); }
+sub main'not	{ &out1("notl",@_); }
 sub main'call	{ &out1("call",$under.$_[0]); }
-
+sub main'ret	{ &out0("ret"); }
+sub main'nop	{ &out0("nop"); }
 
 sub out2
 	{
 	local($name,$p1,$p2)=@_;
 	local($l,$ll,$t);
+	local(%special)=(	"roll",0xD1C0,"rorl",0xD1C8,
+				"rcll",0xD1D0,"rcrl",0xD1D8,
+				"shll",0xD1E0,"shrl",0xD1E8,
+				"sarl",0xD1F8);
+	
+	if ((defined($special{$name})) && defined($regs{$p1}) && ($p2 == 1))
+		{
+		$op=$special{$name}|$reg_val{$p1};
+		$tmp1=sprintf(".byte %d\n",($op>>8)&0xff);
+		$tmp2=sprintf(".byte %d\t",$op     &0xff);
+		push(@out,$tmp1);
+		push(@out,$tmp2);
+
+		$p2=&conv($p2);
+		$p1=&conv($p1);
+		&main'comment("$name $p2 $p1");
+		return;
+		}
 
-	print "\t$name\t";
+	push(@out,"\t$name\t");
 	$t=&conv($p2).",";
 	$l=length($t);
-	print $t;
+	push(@out,$t);
 	$ll=4-($l+9)/8;
-	print "\t" x $ll;
-	print &conv($p1);
-	print "\n";
+	$tmp1=sprintf("\t" x $ll);
+	push(@out,$tmp1);
+	push(@out,&conv($p1)."\n");
 	}
 
 sub out1
 	{
 	local($name,$p1)=@_;
 	local($l,$t);
+	local(%special)=("bswapl",0x0FC8);
 
-	print "\t$name\t";
-	print &conv($p1);
-	print "\n";
+	if ((defined($special{$name})) && defined($regs{$p1}))
+		{
+		$op=$special{$name}|$reg_val{$p1};
+		$tmp1=sprintf(".byte %d\n",($op>>8)&0xff);
+		$tmp2=sprintf(".byte %d\t",$op     &0xff);
+		push(@out,$tmp1);
+		push(@out,$tmp2);
+
+		$p2=&conv($p2);
+		$p1=&conv($p1);
+		&main'comment("$name $p2 $p1");
+		return;
+		}
+
+	push(@out,"\t$name\t".&conv($p1)."\n");
+	}
+
+sub out1p
+	{
+	local($name,$p1)=@_;
+	local($l,$t);
+
+	push(@out,"\t$name\t*".&conv($p1)."\n");
+	}
+
+sub out0
+	{
+	push(@out,"\t$_[0]\n");
 	}
 
 sub conv
@@ -160,7 +236,7 @@ sub conv
 
 	$p=$regs{$p} if (defined($regs{$p}));
 
-	$p =~ s/^([0-9A-Fa-f]+)$/\$$1/;
+	$p =~ s/^(-{0,1}[0-9A-Fa-f]+)$/\$$1/;
 	$p =~ s/^(0x[0-9A-Fa-f]+)$/\$$1/;
 	return $p;
 	}
@@ -169,47 +245,69 @@ sub main'file
 	{
 	local($file)=@_;
 
-	print <<"EOF";
+	local($tmp)=<<"EOF";
 	.file	"$file.s"
 	.version	"01.01"
 gcc2_compiled.:
 EOF
+	push(@out,$tmp);
 	}
 
 sub main'function_begin
 	{
-	local($func,$num)=@_;
-
-	$params=$num*4;
+	local($func)=@_;
 
+	&main'external_label($func);
 	$func=$under.$func;
 
-	print <<"EOF";
+	local($tmp)=<<"EOF";
 .text
 	.align $align
 .globl $func
 EOF
+	push(@out,$tmp);
 	if ($main'cpp)
-		{ printf("\tTYPE($func,\@function)\n"); }
-	else	{ printf("\t.type	$func,\@function\n"); }
-	print <<"EOF";
-$func:
+		{ $tmp=push(@out,"\tTYPE($func,\@function)\n"); }
+	else	{ $tmp=push(@out,"\t.type\t$func,\@function\n"); }
+	push(@out,"$func:\n");
+	$tmp=<<"EOF";
 	pushl	%ebp
 	pushl	%ebx
 	pushl	%esi
 	pushl	%edi
 
 EOF
+	push(@out,$tmp);
 	$stack=20;
 	}
 
+sub main'function_begin_B
+	{
+	local($func,$extra)=@_;
+
+	&main'external_label($func);
+	$func=$under.$func;
+
+	local($tmp)=<<"EOF";
+.text
+	.align $align
+.globl $func
+EOF
+	push(@out,$tmp);
+	if ($main'cpp)
+		{ push(@out,"\tTYPE($func,\@function)\n"); }
+	else	{ push(@out,"\t.type	$func,\@function\n"); }
+	push(@out,"$func:\n");
+	$stack=4;
+	}
+
 sub main'function_end
 	{
 	local($func)=@_;
 
 	$func=$under.$func;
 
-	print <<"EOF";
+	local($tmp)=<<"EOF";
 	popl	%edi
 	popl	%esi
 	popl	%ebx
@@ -217,10 +315,11 @@ sub main'function_end
 	ret
 .${func}_end:
 EOF
+	push(@out,$tmp);
 	if ($main'cpp)
-		{ printf("\tSIZE($func,.${func}_end-$func)\n"); }
-	else	{ printf("\t.size\t$func,.${func}_end-$func\n"); }
-	print ".ident	\"desasm.pl\"\n";
+		{ push(@out,"\tSIZE($func,.${func}_end-$func)\n"); }
+	else	{ push(@out,"\t.size\t$func,.${func}_end-$func\n"); }
+	push(@out,".ident	\"$func\"\n");
 	$stack=0;
 	%label=();
 	}
@@ -229,13 +328,14 @@ sub main'function_end_A
 	{
 	local($func)=@_;
 
-	print <<"EOF";
+	local($tmp)=<<"EOF";
 	popl	%edi
 	popl	%esi
 	popl	%ebx
 	popl	%ebp
 	ret
 EOF
+	push(@out,$tmp);
 	}
 
 sub main'function_end_B
@@ -244,13 +344,11 @@ sub main'function_end_B
 
 	$func=$under.$func;
 
-	print <<"EOF";
-.${func}_end:
-EOF
+	push(@out,".${func}_end:\n");
 	if ($main'cpp)
-		{ printf("\tSIZE($func,.${func}_end-$func)\n"); }
-	else	{ printf("\t.size\t$func,.${func}_end-$func\n"); }
-	print ".ident	\"desasm.pl\"\n";
+		{ push(@out,"\tSIZE($func,.${func}_end-$func)\n"); }
+	else	{ push(@out,"\t.size\t$func,.${func}_end-$func\n"); }
+	push(@out,".ident	\"desasm.pl\"\n");
 	$stack=0;
 	%label=();
 	}
@@ -262,28 +360,41 @@ sub main'wparam
 	return(&main'DWP($stack+$num*4,"esp","",0));
 	}
 
-sub main'wtmp_b
+sub main'stack_push
 	{
-	local($num,$b)=@_;
-
-	return(&main'BP(-(($num+1)*4)+$b,"esp","",0));
+	local($num)=@_;
+	$stack+=$num*4;
+	&main'sub("esp",$num*4);
 	}
 
-sub main'wtmp
+sub main'stack_pop
 	{
 	local($num)=@_;
+	$stack-=$num*4;
+	&main'add("esp",$num*4);
+	}
 
-	return(&main'DWP(-($num+1)*4,"esp","",0));
+sub main'swtmp
+	{
+	return(&main'DWP($_[0]*4,"esp","",0));
 	}
 
+# Should use swtmp, which is above esp.  Linix can trash the stack above esp
+#sub main'wtmp
+#	{
+#	local($num)=@_;
+#
+#	return(&main'DWP(-($num+1)*4,"esp","",0));
+#	}
+
 sub main'comment
 	{
 	foreach (@_)
 		{
 		if (/^\s*$/)
-			{ print "\n"; }
+			{ push(@out,"\n"); }
 		else
-			{ print "\t$com_start $_ $com_end\n"; }
+			{ push(@out,"\t$com_start $_ $com_end\n"); }
 		}
 	}
 
@@ -304,10 +415,15 @@ sub main'set_label
 		$label{$_[0]}=".${label}${_[0]}";
 		$label++;
 		}
-	print ".align $align\n";
-	print "$label{$_[0]}:\n";
+	push(@out,".align $align\n") if ($_[1] != 0);
+	push(@out,"$label{$_[0]}:\n");
 	}
 
 sub main'file_end
 	{
 	}
+
+sub main'data_word
+	{
+	push(@out,"\t.long $_[0]\n");
+	}
diff --git a/crypto/pkcs7/Makefile.ssl b/crypto/pkcs7/Makefile.ssl
index 64a005a186..a88359b320 100644
--- a/crypto/pkcs7/Makefile.ssl
+++ b/crypto/pkcs7/Makefile.ssl
@@ -81,6 +81,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/pkcs7/enc.c b/crypto/pkcs7/enc.c
new file mode 100644
index 0000000000..625a7c2285
--- /dev/null
+++ b/crypto/pkcs7/enc.c
@@ -0,0 +1,144 @@
+/* crypto/pkcs7/enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "bio.h"
+#include "x509.h"
+#include "pem.h"
+
+main(argc,argv)
+int argc;
+char *argv[];
+	{
+	X509 *x509;
+	EVP_PKEY *pkey;
+	PKCS7 *p7;
+	PKCS7 *p7_data;
+	PKCS7_SIGNER_INFO *si;
+	BIO *in;
+	BIO *data,*p7bio;
+	char buf[1024*4];
+	int i,j;
+	int nodetach=0;
+
+	EVP_add_digest(EVP_sha1());
+	EVP_add_cipher(EVP_des_cbc());
+
+	data=BIO_new(BIO_s_file());
+again:
+	if (argc > 1)
+		{
+		if (strcmp(argv[1],"-nd") == 0)
+			{
+			nodetach=1;
+			argv++; argc--;
+			goto again;
+			}
+		if (!BIO_read_filename(data,argv[1]))
+			goto err;
+		}
+	else
+		BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+	if ((in=BIO_new_file("server.pem","r")) == NULL) goto err;
+	if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err;
+	BIO_reset(in);
+	if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err;
+	BIO_free(in);
+
+	p7=PKCS7_new();
+	PKCS7_set_type(p7,NID_pkcs7_signedAndEnveloped);
+	 
+	if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err;
+
+	if (!PKCS7_set_cipher(p7,EVP_des_cbc())) goto err;
+	if (PKCS7_add_recipient(p7,x509) == NULL) goto err;
+
+	/* we may want to add more */
+	PKCS7_add_certificate(p7,x509);
+
+
+	/* Set the content of the signed to 'data' */
+	/* PKCS7_content_new(p7,NID_pkcs7_data); not used in envelope */
+
+	/* could be used, but not in this version :-)
+	if (!nodetach) PKCS7_set_detached(p7,1);
+	*/
+
+	if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err;
+
+	for (;;)
+		{
+		i=BIO_read(data,buf,sizeof(buf));
+		if (i <= 0) break;
+		BIO_write(p7bio,buf,i);
+		}
+	BIO_flush(p7bio);
+
+	if (!PKCS7_dataSign(p7,p7bio)) goto err;
+	BIO_free(p7bio);
+
+	PEM_write_PKCS7(stdout,p7);
+	PKCS7_free(p7);
+
+	exit(0);
+err:
+	ERR_load_crypto_strings();
+	ERR_print_errors_fp(stderr);
+	exit(1);
+	}
+
diff --git a/crypto/pkcs7/p7/a1 b/crypto/pkcs7/p7/a1
new file mode 100644
index 0000000000..56ca943762
--- /dev/null
+++ b/crypto/pkcs7/p7/a1
@@ -0,0 +1,2 @@
+j,H>_��_�D�zE�L�	VJ��觬���E3��Y�x%_�k
+3�)DLSc�8%�M
+\ No newline at end of file
diff --git a/crypto/pkcs7/p7/a2 b/crypto/pkcs7/p7/a2
new file mode 100644
index 0000000000..23d8fb5e93
--- /dev/null
+++ b/crypto/pkcs7/p7/a2
@@ -0,0 +1 @@
+k~@a�,N�M͹�	<O( KP�騠�K�>��U�o_�Bqrm�?٠t?t��ρ�Id2��
+\ No newline at end of file
diff --git a/crypto/pkcs7/p7/cert.p7c b/crypto/pkcs7/p7/cert.p7c
new file mode 100644
index 0000000000..2b75ec05f7
--- /dev/null
+++ b/crypto/pkcs7/p7/cert.p7c
diff --git a/crypto/pkcs7/p7/smime.p7m b/crypto/pkcs7/p7/smime.p7m
new file mode 100644
index 0000000000..2b6e6f82ba
--- /dev/null
+++ b/crypto/pkcs7/p7/smime.p7m
diff --git a/crypto/pkcs7/p7/smime.p7s b/crypto/pkcs7/p7/smime.p7s
new file mode 100644
index 0000000000..2b5d4fb0e3
--- /dev/null
+++ b/crypto/pkcs7/p7/smime.p7s
diff --git a/crypto/pkcs7/pk7_dgst.c b/crypto/pkcs7/pk7_dgst.c
index fa562a4816..7769abeb1e 100644
--- a/crypto/pkcs7/pk7_dgst.c
+++ b/crypto/pkcs7/pk7_dgst.c
@@ -1,5 +1,5 @@
 /* crypto/pkcs7/pk7_dgst.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 32a2a45226..b5689b3fe4 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -1,5 +1,5 @@
 /* crypto/pkcs7/pk7_doit.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -58,6 +58,7 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
+#include "rand.h"
 #include "objects.h"
 #include "x509.h"
 
@@ -69,6 +70,11 @@ BIO *bio;
 	BIO *out=NULL,*btmp;
 	X509_ALGOR *xa;
 	EVP_MD *evp_md;
+	EVP_CIPHER *evp_cipher=NULL;
+	STACK *md_sk=NULL,*rsk=NULL;
+	X509_ALGOR *xalg=NULL;
+	PKCS7_RECIP_INFO *ri=NULL;
+	EVP_PKEY *pkey;
 
 	i=OBJ_obj2nid(p7->type);
 	p7->state=PKCS7_S_HEADER;
@@ -76,9 +82,29 @@ BIO *bio;
 	switch (i)
 		{
 	case NID_pkcs7_signed:
-		for (i=0; i<sk_num(p7->d.sign->md_algs); i++)
+		md_sk=p7->d.sign->md_algs;
+		break;
+	case NID_pkcs7_signedAndEnveloped:
+		rsk=p7->d.signed_and_enveloped->recipientinfo;
+		md_sk=p7->d.signed_and_enveloped->md_algs;
+		evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(p7->d.signed_and_enveloped->enc_data->algorithm->algorithm)));
+		if (evp_cipher == NULL)
+			{
+			PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
+			goto err;
+			}
+		xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
+		break;
+	default:
+		PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+	        goto err;
+		}
+
+	if (md_sk != NULL)
+		{
+		for (i=0; i<sk_num(md_sk); i++)
 			{
-			xa=(X509_ALGOR *)sk_value(p7->d.sign->md_algs,i);
+			xa=(X509_ALGOR *)sk_value(md_sk,i);
 			if ((btmp=BIO_new(BIO_f_md())) == NULL) goto err;
 
 			j=OBJ_obj2nid(xa->algorithm);
@@ -95,12 +121,61 @@ BIO *bio;
 			else
 				BIO_push(out,btmp);
 			}
-		break;
-	default:
-		PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
-	        goto err;
 		}
-	if (bio == NULL)
+
+	if (evp_cipher != NULL)
+		{
+		unsigned char key[EVP_MAX_KEY_LENGTH];
+		unsigned char iv[EVP_MAX_IV_LENGTH];
+		int keylen,ivlen;
+		int jj,max;
+		unsigned char *tmp;
+
+		if ((btmp=BIO_new(BIO_f_cipher())) == NULL) goto err;
+		keylen=EVP_CIPHER_key_length(evp_cipher);
+		ivlen=EVP_CIPHER_iv_length(evp_cipher);
+
+		if (ivlen > 0)
+			{
+			ASN1_OCTET_STRING *os;
+
+			RAND_bytes(iv,ivlen);
+			os=ASN1_OCTET_STRING_new();
+			ASN1_OCTET_STRING_set(os,iv,ivlen);
+		/*	ASN1_TYPE_set(xalg->parameter,V_ASN1_OCTET_STRING,
+				(char *)os);
+		*/	}
+		RAND_bytes(key,keylen);
+
+		/* Lets do the pub key stuff :-) */
+		max=0;
+		for (i=0; i<sk_num(rsk); i++)
+			{
+			ri=(PKCS7_RECIP_INFO *)sk_value(rsk,i);
+			if (ri->cert == NULL) abort();
+			pkey=X509_get_pubkey(ri->cert);
+			jj=EVP_PKEY_size(pkey);
+			if (max < jj) max=jj;
+			}
+		if ((tmp=(unsigned char *)Malloc(max)) == NULL) abort();
+		for (i=0; i<sk_num(rsk); i++)
+			{
+			ri=(PKCS7_RECIP_INFO *)sk_value(rsk,i);
+			pkey=X509_get_pubkey(ri->cert);
+			jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey);
+			if (jj <= 0) abort();
+			ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj);
+			}
+
+		BIO_set_cipher(btmp,evp_cipher,key,iv,1);
+
+		if (out == NULL)
+			out=btmp;
+		else
+			BIO_push(out,btmp);
+		}
+
+	if (bio == NULL) /* ??????????? */
 		{
 		if (p7->detached)
 			bio=BIO_new(BIO_s_null());
@@ -114,7 +189,8 @@ BIO *bio;
 
 				os=p7->d.sign->contents->d.data;
 				if (os->length > 0)
-					BIO_write(bio,os->data,os->length);
+					BIO_write(bio,(char *)os->data,
+						os->length);
 				}
 			}
 		}
@@ -135,22 +211,35 @@ BIO *bio;
 	BUF_MEM *buf=NULL;
 	PKCS7_SIGNER_INFO *si;
 	EVP_MD_CTX *mdc,ctx_tmp;
-	STACK *sk;
+	STACK *sk,*si_sk=NULL;
 	unsigned char *p,*pp=NULL;
 	int x;
+	ASN1_OCTET_STRING *os=NULL;
 
 	i=OBJ_obj2nid(p7->type);
 	p7->state=PKCS7_S_HEADER;
 
 	switch (i)
 		{
+	case NID_pkcs7_signedAndEnveloped:
+		/* XXXXXXXXXXXXXXXX */
+		si_sk=p7->d.signed_and_enveloped->signer_info;
+		os=ASN1_OCTET_STRING_new();
+		p7->d.signed_and_enveloped->enc_data->enc_data=os;
+		break;
 	case NID_pkcs7_signed:
+		si_sk=p7->d.sign->signer_info;
+		os=p7->d.sign->contents->d.data;
+		break;
+		}
 
+	if (si_sk != NULL)
+		{
 		if ((buf=BUF_MEM_new()) == NULL) goto err;
-		for (i=0; i<sk_num(p7->d.sign->signer_info); i++)
+		for (i=0; i<sk_num(si_sk); i++)
 			{
 			si=(PKCS7_SIGNER_INFO *)
-				sk_value(p7->d.sign->signer_info,i);
+				sk_value(si_sk,i);
 			if (si->pkey == NULL)
 				continue;
 			j=OBJ_obj2nid(si->digest_enc_alg->algorithm);
@@ -161,13 +250,13 @@ BIO *bio;
 				if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) 
 					== NULL)
 					{
-					PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+					PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
 					goto err;
 					}
 				BIO_get_md_ctx(btmp,&mdc);
 				if (mdc == NULL)
 					{
-					PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_INTERNAL_ERROR);
+					PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR);
 					goto err;
 					}
 				if (EVP_MD_pkey_type(EVP_MD_CTX_type(mdc)) == j)
@@ -195,40 +284,31 @@ BIO *bio;
 				Free(pp);
 				}
 
-			if (!EVP_SignFinal(&ctx_tmp,buf->data,
+			if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data,
 				(unsigned int *)&buf->length,si->pkey))
 				goto err;
 			if (!ASN1_STRING_set(si->enc_digest,
 				(unsigned char *)buf->data,buf->length))
 				goto err;
-
 			}
 		if (p7->detached)
-			PKCS7_content_free(p7->d.sign->contents);
+			ASN1_OCTET_STRING_set(os,(unsigned char *)"",0);
 		else
 			{
 			btmp=BIO_find_type(bio,BIO_TYPE_MEM);
 			if (btmp == NULL)
 				{
-				PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
+				PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
 				goto err;
 				}
 			BIO_get_mem_ptr(btmp,&buf_mem);
-			ASN1_OCTET_STRING_set(p7->d.sign->contents->d.data,
+			ASN1_OCTET_STRING_set(os,
 				(unsigned char *)buf_mem->data,buf_mem->length);
 			}
 		if (pp != NULL) Free(pp);
 		pp=NULL;
-		break;
-	default:
-		PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
-	        goto err;
 		}
 
-	if (p7->detached)
-		{
-
-		}
 	ret=1;
 err:
 	if (buf != NULL) BUF_MEM_free(buf);
@@ -253,6 +333,7 @@ PKCS7_SIGNER_INFO *si;
 	X509 *x509;
 
 	if (!PKCS7_type_is_signed(p7)) abort();
+	/* XXXXXXXXXXXXXXXXXXXXXXX */
 	ias=si->issuer_and_serial;
 	s=p7->d.sign;
 
diff --git a/crypto/pkcs7/pk7_enc.c b/crypto/pkcs7/pk7_enc.c
index 96a6dd94a8..a5b6dc463f 100644
--- a/crypto/pkcs7/pk7_enc.c
+++ b/crypto/pkcs7/pk7_enc.c
@@ -1,5 +1,5 @@
 /* crypto/pkcs7/pk7_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index aac133e639..7d14ad1173 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -1,5 +1,5 @@
 /* crypto/pkcs7/pk7_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -169,9 +169,15 @@ int type;
 		if ((p7->d.data=ASN1_OCTET_STRING_new()) == NULL)
 			goto err;
 		break;
+	case NID_pkcs7_signedAndEnveloped:
+		p7->type=obj;
+		if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new())
+			== NULL)
+			goto err;
+		ASN1_INTEGER_set(p7->d.sign->version,1);
+		break;
 	case NID_pkcs7_digest:
 	case NID_pkcs7_enveloped:
-	case NID_pkcs7_signedAndEnveloped:
 	case NID_pkcs7_encrypted:
 	default:
 		PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
@@ -188,24 +194,32 @@ PKCS7_SIGNER_INFO *psi;
 	{
 	int i,j,nid;
 	X509_ALGOR *alg;
-	PKCS7_SIGNED *p7s;
+	STACK *signer_sk;
+	STACK *md_sk;
 
 	i=OBJ_obj2nid(p7->type);
-	if (i != NID_pkcs7_signed)
+	switch (i)
 		{
+	case NID_pkcs7_signed:
+		signer_sk=	p7->d.sign->signer_info;
+		md_sk=		p7->d.sign->md_algs;
+		break;
+	case NID_pkcs7_signedAndEnveloped:
+		signer_sk=	p7->d.signed_and_enveloped->signer_info;
+		md_sk=		p7->d.signed_and_enveloped->md_algs;
+		break;
+	default:
 		PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
 		return(0);
 		}
 
-	p7s=p7->d.sign;
-
 	nid=OBJ_obj2nid(psi->digest_alg->algorithm);
 
 	/* If the digest is not currently listed, add it */
 	j=0;
-	for (i=0; i<sk_num(p7s->md_algs); i++)
+	for (i=0; i<sk_num(md_sk); i++)
 		{
-		alg=(X509_ALGOR *)sk_value(p7s->md_algs,i);
+		alg=(X509_ALGOR *)sk_value(md_sk,i);
 		if (OBJ_obj2nid(alg->algorithm) == nid)
 			{
 			j=1;
@@ -216,10 +230,10 @@ PKCS7_SIGNER_INFO *psi;
 		{
 		alg=X509_ALGOR_new();
 		alg->algorithm=OBJ_nid2obj(nid);
-		sk_push(p7s->md_algs,(char *)alg);
+		sk_push(md_sk,(char *)alg);
 		}
 
-	sk_push(p7s->signer_info,(char *)psi);
+	sk_push(signer_sk,(char *)psi);
 	return(1);
 	}
 
@@ -228,18 +242,26 @@ PKCS7 *p7;
 X509 *x509;
 	{
 	int i;
+	STACK **sk;
 
 	i=OBJ_obj2nid(p7->type);
-	if (i != NID_pkcs7_signed)
+	switch (i)
 		{
-		PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
+	case NID_pkcs7_signed:
+		sk= &(p7->d.sign->cert);
+		break;
+	case NID_pkcs7_signedAndEnveloped:
+		sk= &(p7->d.signed_and_enveloped->cert);
+		break;
+	default:
+		PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYPE);
 		return(0);
 		}
 
-	if (p7->d.sign->cert == NULL)
-		p7->d.sign->cert=sk_new_null();
+	if (*sk == NULL)
+		*sk=sk_new_null();
 	CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
-	sk_push(p7->d.sign->cert,(char *)x509);
+	sk_push(*sk,(char *)x509);
 	return(1);
 	}
 
@@ -248,18 +270,27 @@ PKCS7 *p7;
 X509_CRL *crl;
 	{
 	int i;
+	STACK **sk;
+
 	i=OBJ_obj2nid(p7->type);
-	if (i != NID_pkcs7_signed)
+	switch (i)
 		{
-		PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
+	case NID_pkcs7_signed:
+		sk= &(p7->d.sign->crl);
+		break;
+	case NID_pkcs7_signedAndEnveloped:
+		sk= &(p7->d.signed_and_enveloped->crl);
+		break;
+	default:
+		PKCS7err(PKCS7_F_PKCS7_ADD_CRL,PKCS7_R_WRONG_CONTENT_TYPE);
 		return(0);
 		}
 
-	if (p7->d.sign->crl == NULL)
-		p7->d.sign->crl=sk_new_null();
+	if (*sk == NULL)
+		*sk=sk_new_null();
 
 	CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL);
-	sk_push(p7->d.sign->crl,(char *)crl);
+	sk_push(*sk,(char *)crl);
 	return(1);
 	}
 
@@ -296,7 +327,6 @@ EVP_MD *dgst;
 	p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
 #endif
 
-
 	return(1);
 err:
 	return(0);
@@ -329,6 +359,60 @@ PKCS7 *p7;
 		return(NULL);
 	}
 
+PKCS7_RECIP_INFO *PKCS7_add_recipient(p7,x509)
+PKCS7 *p7;
+X509 *x509;
+	{
+	PKCS7_RECIP_INFO *ri;
+
+	if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err;
+	if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err;
+	if (!PKCS7_add_recipient_info(p7,ri)) goto err;
+	return(ri);
+err:
+	return(NULL);
+	}
+
+int PKCS7_add_recipient_info(p7,ri)
+PKCS7 *p7;
+PKCS7_RECIP_INFO *ri;
+	{
+	int i;
+	STACK *sk;
+
+	i=OBJ_obj2nid(p7->type);
+	switch (i)
+		{
+	case NID_pkcs7_signedAndEnveloped:
+		sk=	p7->d.signed_and_enveloped->recipientinfo;
+		break;
+	default:
+		PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE);
+		return(0);
+		}
+
+	sk_push(sk,(char *)ri);
+	return(1);
+	}
+
+int PKCS7_RECIP_INFO_set(p7i,x509)
+PKCS7_RECIP_INFO *p7i;
+X509 *x509;
+	{
+	ASN1_INTEGER_set(p7i->version,0);
+	X509_NAME_set(&p7i->issuer_and_serial->issuer,
+		X509_get_issuer_name(x509));
+
+	ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
+	p7i->issuer_and_serial->serial=
+		ASN1_INTEGER_dup(X509_get_serialNumber(x509));
+
+	CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
+	p7i->cert=x509;
+
+	return(1);
+	}
+
 X509 *PKCS7_cert_from_signer_info(p7,si)
 PKCS7 *p7;
 PKCS7_SIGNER_INFO *si;
@@ -341,3 +425,25 @@ PKCS7_SIGNER_INFO *si;
 		return(NULL);
 	}
 
+int PKCS7_set_cipher(p7,cipher)
+PKCS7 *p7;
+EVP_CIPHER *cipher;
+	{
+	int i;
+	PKCS7_ENC_CONTENT *ec;
+
+	i=OBJ_obj2nid(p7->type);
+	switch (i)
+		{
+	case NID_pkcs7_signedAndEnveloped:
+		ec=p7->d.signed_and_enveloped->enc_data;
+		break;
+	default:
+		PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE);
+		return(0);
+		}
+
+	ec->algorithm->algorithm=OBJ_nid2obj(EVP_CIPHER_nid(cipher));
+	return(ec->algorithm->algorithm != NULL);
+	}
+
diff --git a/crypto/pkcs7/pkcs7.err b/crypto/pkcs7/pkcs7.err
index 500f9b3de4..91413aae43 100644
--- a/crypto/pkcs7/pkcs7.err
+++ b/crypto/pkcs7/pkcs7.err
@@ -1,13 +1,17 @@
 /* Error codes for the PKCS7 functions. */
 
 /* Function codes. */
-#define PKCS7_F_PKCS7_ADD_SIGNER			 100
-#define PKCS7_F_PKCS7_CTRL				 101
-#define PKCS7_F_PKCS7_DATAFINAL				 102
-#define PKCS7_F_PKCS7_DATAINIT				 103
-#define PKCS7_F_PKCS7_DATAVERIFY			 104
-#define PKCS7_F_PKCS7_SET_CONTENT			 105
-#define PKCS7_F_PKCS7_SET_TYPE				 106
+#define PKCS7_F_PKCS7_ADD_CERTIFICATE			 100
+#define PKCS7_F_PKCS7_ADD_CRL				 101
+#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO		 102
+#define PKCS7_F_PKCS7_ADD_SIGNER			 103
+#define PKCS7_F_PKCS7_CTRL				 104
+#define PKCS7_F_PKCS7_DATAINIT				 105
+#define PKCS7_F_PKCS7_DATASIGN				 106
+#define PKCS7_F_PKCS7_DATAVERIFY			 107
+#define PKCS7_F_PKCS7_SET_CIPHER			 108
+#define PKCS7_F_PKCS7_SET_CONTENT			 109
+#define PKCS7_F_PKCS7_SET_TYPE				 110
 
 /* Reason codes. */
 #define PKCS7_R_INTERNAL_ERROR				 100
@@ -17,5 +21,6 @@
 #define PKCS7_R_UNABLE_TO_FIND_MEM_BIO			 104
 #define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST		 105
 #define PKCS7_R_UNKNOWN_DIGEST_TYPE			 106
-#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE		 107
-#define PKCS7_R_WRONG_CONTENT_TYPE			 108
+#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE			 107
+#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE		 108
+#define PKCS7_R_WRONG_CONTENT_TYPE			 109
diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h
index 061f1f0709..ee12f670a8 100644
--- a/crypto/pkcs7/pkcs7.h
+++ b/crypto/pkcs7/pkcs7.h
@@ -1,5 +1,5 @@
 /* crypto/pkcs7/pkcs7.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -99,16 +99,18 @@ typedef struct pkcs7_recip_info_st
 	PKCS7_ISSUER_AND_SERIAL		*issuer_and_serial;
 	X509_ALGOR			*key_enc_algor;
 	ASN1_OCTET_STRING		*enc_key;
+	X509				*cert; /* get the pub-key from this */
 	} PKCS7_RECIP_INFO;
 
 typedef struct pkcs7_signed_st
 	{
 	ASN1_INTEGER			*version;	/* version 1 */
 	STACK /* X509_ALGOR's */	*md_algs;	/* md used */
-	struct pkcs7_st			*contents;
 	STACK /* X509 */		*cert;		/* [ 0 ] */
 	STACK /* X509_CRL */		*crl;		/* [ 1 ] */
 	STACK /* PKCS7_SIGNER_INFO */	*signer_info;
+
+	struct pkcs7_st			*contents;
 	} PKCS7_SIGNED;
 /* The above structure is very very similar to PKCS7_SIGN_ENVELOPE.
  * How about merging the two */
@@ -130,12 +132,13 @@ typedef struct pkcs7_enveloped_st
 typedef struct pkcs7_signedandenveloped_st
 	{
 	ASN1_INTEGER			*version;	/* version 1 */
-	STACK /* PKCS7_RECIP_INFO */	*recipientinfo;
 	STACK /* X509_ALGOR's */	*md_algs;	/* md used */
-	PKCS7_ENC_CONTENT		*enc_data;
 	STACK /* X509 */		*cert;		/* [ 0 ] */
 	STACK /* X509_CRL */		*crl;		/* [ 1 ] */
 	STACK /* PKCS7_SIGNER_INFO */	*signer_info;
+
+	PKCS7_ENC_CONTENT		*enc_data;
+	STACK /* PKCS7_RECIP_INFO */	*recipientinfo;
 	} PKCS7_SIGN_ENVELOPE;
 
 typedef struct pkcs7_digest_st
@@ -204,6 +207,14 @@ typedef struct pkcs7_st
 #define PKCS7_get_detached(p) \
 		PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
 
+#ifdef SSLEAY_MACROS
+
+#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
+        ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
+	                (char *)data,md,len)
+#endif
+
+
 #ifndef NOPROTO
 PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void );
 void			PKCS7_ISSUER_AND_SERIAL_free(
@@ -214,8 +225,17 @@ PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(
 				PKCS7_ISSUER_AND_SERIAL **a,
 				unsigned char **pp, long length);
 
+#ifndef SSLEAY_MACROS
 int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,EVP_MD *type,
 	unsigned char *md,unsigned int *len);
+#ifndef NO_FP_API
+PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 *p7);
+int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
+#endif
+PKCS7 *PKCS7_dup(PKCS7 *p7);
+PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 *p7);
+int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
+#endif
 
 PKCS7_SIGNER_INFO	*PKCS7_SIGNER_INFO_new(void);
 void			PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a);
@@ -283,13 +303,6 @@ PKCS7			*d2i_PKCS7(PKCS7 **a,
 
 void ERR_load_PKCS7_strings(void);
 
-#ifndef WIN16
-PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 *p7);
-int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
-#endif
-PKCS7 *PKCS7_dup(PKCS7 *p7);
-PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 *p7);
-int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
 
 long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
 
@@ -313,6 +326,13 @@ PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
 X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
 STACK *PKCS7_get_signer_info(PKCS7 *p7);
 
+PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
+int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
+int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
+int PKCS7_set_cipher(PKCS7 *p7, EVP_CIPHER *cipher);
+
+
+
 #else
 
 PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new();
@@ -320,7 +340,17 @@ void			PKCS7_ISSUER_AND_SERIAL_free();
 int 			i2d_PKCS7_ISSUER_AND_SERIAL();
 PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL();
 
+#ifndef SSLEAY_MACROS
 int			PKCS7_ISSUER_AND_SERIAL_digest();
+#ifndef NO_FP_API
+PKCS7 *d2i_PKCS7_fp();
+int i2d_PKCS7_fp();
+#endif
+PKCS7 *PKCS7_dup();
+PKCS7 *d2i_PKCS7_bio();
+int i2d_PKCS7_bio();
+
+#endif
 
 PKCS7_SIGNER_INFO	*PKCS7_SIGNER_INFO_new();
 void			PKCS7_SIGNER_INFO_free();
@@ -362,13 +392,6 @@ PKCS7			*d2i_PKCS7();
 
 void ERR_load_PKCS7_strings();
 
-#ifndef WIN16
-PKCS7 *d2i_PKCS7_fp();
-int i2d_PKCS7_fp();
-#endif
-PKCS7 *PKCS7_dup();
-PKCS7 *d2i_PKCS7_bio();
-int i2d_PKCS7_bio();
 long PKCS7_ctrl();
 int PKCS7_set_type();
 int PKCS7_set_content();
@@ -384,19 +407,28 @@ PKCS7_SIGNER_INFO *PKCS7_add_signature();
 X509 *PKCS7_cert_from_signer_info();
 STACK *PKCS7_get_signer_info();
 
+PKCS7_RECIP_INFO *PKCS7_add_recipient();
+int PKCS7_add_recipient_info();
+int PKCS7_RECIP_INFO_set();
+int PKCS7_set_cipher();
+
 #endif
 
 /* BEGIN ERROR CODES */
 /* Error codes for the PKCS7 functions. */
 
 /* Function codes. */
-#define PKCS7_F_PKCS7_ADD_SIGNER			 100
-#define PKCS7_F_PKCS7_CTRL				 101
-#define PKCS7_F_PKCS7_DATAFINAL				 102
-#define PKCS7_F_PKCS7_DATAINIT				 103
-#define PKCS7_F_PKCS7_DATAVERIFY			 104
-#define PKCS7_F_PKCS7_SET_CONTENT			 105
-#define PKCS7_F_PKCS7_SET_TYPE				 106
+#define PKCS7_F_PKCS7_ADD_CERTIFICATE			 100
+#define PKCS7_F_PKCS7_ADD_CRL				 101
+#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO		 102
+#define PKCS7_F_PKCS7_ADD_SIGNER			 103
+#define PKCS7_F_PKCS7_CTRL				 104
+#define PKCS7_F_PKCS7_DATAINIT				 105
+#define PKCS7_F_PKCS7_DATASIGN				 106
+#define PKCS7_F_PKCS7_DATAVERIFY			 107
+#define PKCS7_F_PKCS7_SET_CIPHER			 108
+#define PKCS7_F_PKCS7_SET_CONTENT			 109
+#define PKCS7_F_PKCS7_SET_TYPE				 110
 
 /* Reason codes. */
 #define PKCS7_R_INTERNAL_ERROR				 100
@@ -406,8 +438,9 @@ STACK *PKCS7_get_signer_info();
 #define PKCS7_R_UNABLE_TO_FIND_MEM_BIO			 104
 #define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST		 105
 #define PKCS7_R_UNKNOWN_DIGEST_TYPE			 106
-#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE		 107
-#define PKCS7_R_WRONG_CONTENT_TYPE			 108
+#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE			 107
+#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE		 108
+#define PKCS7_R_WRONG_CONTENT_TYPE			 109
  
 #ifdef  __cplusplus
 }
diff --git a/crypto/pkcs7/pkcs7err.c b/crypto/pkcs7/pkcs7err.c
index 851691da6a..f851057422 100644
--- a/crypto/pkcs7/pkcs7err.c
+++ b/crypto/pkcs7/pkcs7err.c
@@ -60,13 +60,18 @@
 #include "pkcs7.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA PKCS7_str_functs[]=
 	{
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0),	"PKCS7_add_certificate"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0),	"PKCS7_add_crl"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0),	"PKCS7_add_recipient_info"},
 {ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0),	"PKCS7_add_signer"},
 {ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0),	"PKCS7_ctrl"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATAFINAL,0),	"PKCS7_DATAFINAL"},
 {ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0),	"PKCS7_dataInit"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0),	"PKCS7_dataSign"},
 {ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0),	"PKCS7_dataVerify"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0),	"PKCS7_set_cipher"},
 {ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0),	"PKCS7_set_content"},
 {ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0),	"PKCS7_set_type"},
 {0,NULL},
@@ -81,19 +86,25 @@ static ERR_STRING_DATA PKCS7_str_reasons[]=
 {PKCS7_R_UNABLE_TO_FIND_MEM_BIO          ,"unable to find mem bio"},
 {PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST   ,"unable to find message digest"},
 {PKCS7_R_UNKNOWN_DIGEST_TYPE             ,"unknown digest type"},
+{PKCS7_R_UNSUPPORTED_CIPHER_TYPE         ,"unsupported cipher type"},
 {PKCS7_R_UNSUPPORTED_CONTENT_TYPE        ,"unsupported content type"},
 {PKCS7_R_WRONG_CONTENT_TYPE              ,"wrong content type"},
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_PKCS7_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs);
 		ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/pkcs7/sign.c b/crypto/pkcs7/sign.c
index 9400fe30ba..ead1cb65ca 100644
--- a/crypto/pkcs7/sign.c
+++ b/crypto/pkcs7/sign.c
@@ -1,3 +1,60 @@
+/* crypto/pkcs7/sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
 #include <stdio.h>
 #include "bio.h"
 #include "x509.h"
diff --git a/crypto/pkcs7/verify.c b/crypto/pkcs7/verify.c
index bce20ee20f..0e1c1b26dc 100644
--- a/crypto/pkcs7/verify.c
+++ b/crypto/pkcs7/verify.c
@@ -1,3 +1,60 @@
+/* crypto/pkcs7/verify.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
 #include <stdio.h>
 #include "asn1.h"
 #include "bio.h"
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 6c8e65a05c..f44b36a8b9 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -1,5 +1,5 @@
 /* crypto/rand/md_rand.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -61,7 +61,6 @@
 #include <sys/types.h>
 #include <time.h>
 
-
 #if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
 #ifndef NO_MD5
 #define USE_MD5_RAND
@@ -119,19 +118,19 @@ We need a message digest of some type
 
 #define STATE_SIZE	1023
 static int state_num=0,state_index=0;
-static unsigned char state[STATE_SIZE];
+static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
 static unsigned char md[MD_DIGEST_LENGTH];
-static int count=0;
+static int md_count=0;
 
-char *RAND_version="RAND part of SSLeay 0.8.1b 29-Jun-1998";
+char *RAND_version="RAND part of SSLeay 0.9.0b 29-Jun-1998";
 
 void RAND_cleanup()
 	{
-	memset(state,0,STATE_SIZE);
+	memset(state,0,sizeof(state));
 	state_num=0;
 	state_index=0;
 	memset(md,0,MD_DIGEST_LENGTH);
-	count=0;
+	md_count=0;
 	}
 
 void RAND_seed(buf,num)
@@ -150,7 +149,7 @@ int num;
 	st_num=state_num;
 
 	state_index=(state_index+num);
-	if (state_index > STATE_SIZE)
+	if (state_index >= STATE_SIZE)
 		{
 		state_index%=STATE_SIZE;
 		state_num=STATE_SIZE;
@@ -236,7 +235,7 @@ int num;
 		l=time(NULL);
 		RAND_seed((unsigned char *)&l,sizeof(l));
 
-#ifdef DEVRANDOM
+/* #ifdef DEVRANDOM */
 		/* 
 		 * Use a random entropy pool device.
 		 * Linux 1.3.x and FreeBSD-Current has 
@@ -246,17 +245,17 @@ int num;
 		 */
 		if ((fh = fopen(DEVRANDOM, "r")) != NULL)
 			{
-			unsigned char buf[32];
+			unsigned char tmpbuf[32];
 
-			fread((unsigned char *)buf,1,32,fh);
+			fread((unsigned char *)tmpbuf,1,32,fh);
 			/* we don't care how many bytes we read,
 			 * we will just copy the 'stack' if there is
 			 * nothing else :-) */
 			fclose(fh);
-			RAND_seed(buf,32);
-			memset(buf,0,32);
+			RAND_seed(tmpbuf,32);
+			memset(tmpbuf,0,32);
 			}
-#endif
+/* #endif */
 #ifdef PURIFY
 		memset(state,0,STATE_SIZE);
 		memset(md,0,MD_DIGEST_LENGTH);
@@ -301,7 +300,7 @@ int num;
 		}
 
 	MD_Init(&m);
-	MD_Update(&m,(unsigned char *)&count,sizeof(count)); count++;
+	MD_Update(&m,(unsigned char *)&md_count,sizeof(md_count)); md_count++;
 	MD_Update(&m,md,MD_DIGEST_LENGTH);
 	MD_Final(md,&m);
 	memset(&m,0,sizeof(m));
diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h
index 99ca47d6cf..477d7a150a 100644
--- a/crypto/rand/rand.h
+++ b/crypto/rand/rand.h
@@ -1,5 +1,5 @@
 /* crypto/rand/rand.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index ad0e55db90..f2b3746363 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -1,5 +1,5 @@
 /* crypto/rand/randfile.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/rand/randtest.c b/crypto/rand/randtest.c
index ac3f0d7097..e0ba61e123 100644
--- a/crypto/rand/randtest.c
+++ b/crypto/rand/randtest.c
@@ -1,5 +1,5 @@
 /* crypto/rand/randtest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/ranlib.sh b/crypto/ranlib.sh
new file mode 100644
index 0000000000..543f712c6b
--- /dev/null
+++ b/crypto/ranlib.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+cwd=`pwd`
+cd /tmp
+
+if [ -s /bin/ranlib ] ; then 
+	RL=/bin/ranlib
+else if [ -s /usr/bin/ranlib ] ; then
+	RL=/usr/bin/ranlib
+fi
+fi
+
+if [ "x$RL" != "x" ]
+then
+	case "$1" in
+		/*)  
+		$RL "$1"
+		;;
+		*)
+		$RL "$cwd/$1"
+		;;
+	esac
+fi
diff --git a/crypto/rc2/Makefile.uni b/crypto/rc2/Makefile.uni
new file mode 100644
index 0000000000..e50b3f2d19
--- /dev/null
+++ b/crypto/rc2/Makefile.uni
@@ -0,0 +1,72 @@
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+
+DIR=    rc2
+TOP=    .
+CC=     gcc
+CFLAG=	-O3 -fomit-frame-pointer
+
+CPP=    $(CC) -E
+INCLUDES=
+INSTALLTOP=/usr/local/lib
+MAKE=           make
+MAKEDEPEND=     makedepend
+MAKEFILE=       Makefile.uni
+AR=             ar r
+
+IDEA_ENC=rc2_cbc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc2test
+APPS=rc2speed
+
+LIB=librc2.a
+LIBSRC=rc2_skey.c rc2_ecb.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+LIBOBJ=rc2_skey.o rc2_ecb.o $(IDEA_ENC) rc2cfb64.o rc2ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc2.h
+HEADER= rc2_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+all:    $(LIB) $(TEST) $(APPS)
+
+$(LIB):    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/ranlib.sh $(LIB)
+
+test:	$(TEST)
+	./$(TEST)
+
+$(TEST): $(TEST).c $(LIB)
+	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
+
+$(APPS): $(APPS).c $(LIB)
+	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+cc:
+	$(MAKE) CC="cc" CFLAG="-O" all
+
+gcc:
+	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rc2/rc2.h b/crypto/rc2/rc2.h
index 0903417fc3..9232bbd564 100644
--- a/crypto/rc2/rc2.h
+++ b/crypto/rc2/rc2.h
@@ -90,7 +90,8 @@ typedef struct rc2_key_st
 void RC2_set_key(RC2_KEY *key, int len, unsigned char *data,int bits);
 void RC2_ecb_encrypt(unsigned char *in,unsigned char *out,RC2_KEY *key,
 	int enc);
-void RC2_encrypt(unsigned long *data,RC2_KEY *key,int enc);
+void RC2_encrypt(unsigned long *data,RC2_KEY *key);
+void RC2_decrypt(unsigned long *data,RC2_KEY *key);
 void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
 	RC2_KEY *ks, unsigned char *iv, int enc);
 void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
@@ -103,6 +104,7 @@ void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
 void RC2_set_key();
 void RC2_ecb_encrypt();
 void RC2_encrypt();
+void RC2_decrypt();
 void RC2_cbc_encrypt();
 void RC2_cfb64_encrypt();
 void RC2_ofb64_encrypt();
diff --git a/crypto/rc2/rc2.org b/crypto/rc2/rc2.org
index af9310f13e..37354cfa62 100644
--- a/crypto/rc2/rc2.org
+++ b/crypto/rc2/rc2.org
@@ -90,7 +90,8 @@ typedef struct rc2_key_st
 void RC2_set_key(RC2_KEY *key, int len, unsigned char *data,int bits);
 void RC2_ecb_encrypt(unsigned char *in,unsigned char *out,RC2_KEY *key,
 	int enc);
-void RC2_encrypt(unsigned long *data,RC2_KEY *key,int enc);
+void RC2_encrypt(unsigned long *data,RC2_KEY *key);
+void RC2_decrypt(unsigned long *data,RC2_KEY *key);
 void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
 	RC2_KEY *ks, unsigned char *iv, int enc);
 void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
@@ -103,6 +104,7 @@ void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
 void RC2_set_key();
 void RC2_ecb_encrypt();
 void RC2_encrypt();
+void RC2_decrypt();
 void RC2_cbc_encrypt();
 void RC2_cfb64_encrypt();
 void RC2_ofb64_encrypt();
diff --git a/crypto/rc2/rc2_cbc.c b/crypto/rc2/rc2_cbc.c
index 24e7759357..22e89f0441 100644
--- a/crypto/rc2/rc2_cbc.c
+++ b/crypto/rc2/rc2_cbc.c
@@ -1,5 +1,5 @@
 /* crypto/rc2/rc2_cbc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -85,7 +85,7 @@ int encrypt;
 			tin1^=tout1;
 			tin[0]=tin0;
 			tin[1]=tin1;
-			RC2_encrypt(tin,ks,RC2_ENCRYPT);
+			RC2_encrypt(tin,ks);
 			tout0=tin[0]; l2c(tout0,out);
 			tout1=tin[1]; l2c(tout1,out);
 			}
@@ -96,7 +96,7 @@ int encrypt;
 			tin1^=tout1;
 			tin[0]=tin0;
 			tin[1]=tin1;
-			RC2_encrypt(tin,ks,RC2_ENCRYPT);
+			RC2_encrypt(tin,ks);
 			tout0=tin[0]; l2c(tout0,out);
 			tout1=tin[1]; l2c(tout1,out);
 			}
@@ -112,7 +112,7 @@ int encrypt;
 			{
 			c2l(in,tin0); tin[0]=tin0;
 			c2l(in,tin1); tin[1]=tin1;
-			RC2_encrypt(tin,ks,RC2_DECRYPT);
+			RC2_decrypt(tin,ks);
 			tout0=tin[0]^xor0;
 			tout1=tin[1]^xor1;
 			l2c(tout0,out);
@@ -124,7 +124,7 @@ int encrypt;
 			{
 			c2l(in,tin0); tin[0]=tin0;
 			c2l(in,tin1); tin[1]=tin1;
-			RC2_encrypt(tin,ks,RC2_DECRYPT);
+			RC2_decrypt(tin,ks);
 			tout0=tin[0]^xor0;
 			tout1=tin[1]^xor1;
 			l2cn(tout0,tout1,out,l+8);
@@ -138,3 +138,98 @@ int encrypt;
 	tin[0]=tin[1]=0;
 	}
 
+void RC2_encrypt(d,key)
+unsigned long *d;
+RC2_KEY *key;
+	{
+	int i,n;
+	register RC2_INT *p0,*p1;
+	register RC2_INT x0,x1,x2,x3,t;
+	unsigned long l;
+
+	l=d[0];
+	x0=(RC2_INT)l&0xffff;
+	x1=(RC2_INT)(l>>16L);
+	l=d[1];
+	x2=(RC2_INT)l&0xffff;
+	x3=(RC2_INT)(l>>16L);
+
+	n=3;
+	i=5;
+
+	p0=p1= &(key->data[0]);
+	for (;;)
+		{
+		t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff;
+		x0=(t<<1)|(t>>15);
+		t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff;
+		x1=(t<<2)|(t>>14);
+		t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff;
+		x2=(t<<3)|(t>>13);
+		t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff;
+		x3=(t<<5)|(t>>11);
+
+		if (--i == 0)
+			{
+			if (--n == 0) break;
+			i=(n == 2)?6:5;
+
+			x0+=p1[x3&0x3f];
+			x1+=p1[x0&0x3f];
+			x2+=p1[x1&0x3f];
+			x3+=p1[x2&0x3f];
+			}
+		}
+
+	d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
+	d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
+	}
+
+void RC2_decrypt(d,key)
+unsigned long *d;
+RC2_KEY *key;
+	{
+	int i,n;
+	register RC2_INT *p0,*p1;
+	register RC2_INT x0,x1,x2,x3,t;
+	unsigned long l;
+
+	l=d[0];
+	x0=(RC2_INT)l&0xffff;
+	x1=(RC2_INT)(l>>16L);
+	l=d[1];
+	x2=(RC2_INT)l&0xffff;
+	x3=(RC2_INT)(l>>16L);
+
+	n=3;
+	i=5;
+
+	p0= &(key->data[63]);
+	p1= &(key->data[0]);
+	for (;;)
+		{
+		t=((x3<<11)|(x3>>5))&0xffff;
+		x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff;
+		t=((x2<<13)|(x2>>3))&0xffff;
+		x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff;
+		t=((x1<<14)|(x1>>2))&0xffff;
+		x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff;
+		t=((x0<<15)|(x0>>1))&0xffff;
+		x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff;
+
+		if (--i == 0)
+			{
+			if (--n == 0) break;
+			i=(n == 2)?6:5;
+
+			x3=(x3-p1[x2&0x3f])&0xffff;
+			x2=(x2-p1[x1&0x3f])&0xffff;
+			x1=(x1-p1[x0&0x3f])&0xffff;
+			x0=(x0-p1[x3&0x3f])&0xffff;
+			}
+		}
+
+	d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
+	d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
+	}
+
diff --git a/crypto/rc2/rc2_ecb.c b/crypto/rc2/rc2_ecb.c
index 65b5d3536a..96239cd4e0 100644
--- a/crypto/rc2/rc2_ecb.c
+++ b/crypto/rc2/rc2_ecb.c
@@ -1,5 +1,5 @@
 /* crypto/rc2/rc2_ecb.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,7 +59,7 @@
 #include "rc2.h"
 #include "rc2_locl.h"
 
-char *RC2_version="RC2 part of SSLeay 0.8.1b 29-Jun-1998";
+char *RC2_version="RC2 part of SSLeay 0.9.0b 29-Jun-1998";
 
 /* RC2 as implemented frm a posting from
  * Newsgroups: sci.crypt
@@ -79,85 +79,12 @@ int encrypt;
 
 	c2l(in,l); d[0]=l;
 	c2l(in,l); d[1]=l;
-	RC2_encrypt(d,ks,encrypt);
+	if (encrypt)
+		RC2_encrypt(d,ks);
+	else
+		RC2_decrypt(d,ks);
 	l=d[0]; l2c(l,out);
 	l=d[1]; l2c(l,out);
 	l=d[0]=d[1]=0;
 	}
 
-void RC2_encrypt(d,key,encrypt)
-unsigned long *d;
-RC2_KEY *key;
-int encrypt;
-	{
-	int i,n;
-	register RC2_INT *p0,*p1;
-	register RC2_INT x0,x1,x2,x3,t;
-	unsigned long l;
-
-	l=d[0];
-	x0=(RC2_INT)l&0xffff;
-	x1=(RC2_INT)(l>>16L);
-	l=d[1];
-	x2=(RC2_INT)l&0xffff;
-	x3=(RC2_INT)(l>>16L);
-
-	n=3;
-	i=5;
-	if (encrypt)
-		{
-		p0=p1= &(key->data[0]);
-		for (;;)
-			{
-			t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff;
-			x0=(t<<1)|(t>>15);
-			t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff;
-			x1=(t<<2)|(t>>14);
-			t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff;
-			x2=(t<<3)|(t>>13);
-			t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff;
-			x3=(t<<5)|(t>>11);
-
-			if (--i == 0)
-				{
-				if (--n == 0) break;
-				i=(n == 2)?6:5;
-
-				x0+=p1[x3&0x3f];
-				x1+=p1[x0&0x3f];
-				x2+=p1[x1&0x3f];
-				x3+=p1[x2&0x3f];
-				}
-			}
-		}
-	else
-		{
-		p0= &(key->data[63]);
-		p1= &(key->data[0]);
-		for (;;)
-			{
-			t=((x3<<11)|(x3>>5))&0xffff;
-			x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff;
-			t=((x2<<13)|(x2>>3))&0xffff;
-			x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff;
-			t=((x1<<14)|(x1>>2))&0xffff;
-			x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff;
-			t=((x0<<15)|(x0>>1))&0xffff;
-			x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff;
-
-			if (--i == 0)
-				{
-				if (--n == 0) break;
-				i=(n == 2)?6:5;
-
-				x3=(x3-p1[x2&0x3f])&0xffff;
-				x2=(x2-p1[x1&0x3f])&0xffff;
-				x1=(x1-p1[x0&0x3f])&0xffff;
-				x0=(x0-p1[x3&0x3f])&0xffff;
-				}
-			}
-		}
-
-	d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
-	d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
-	}
diff --git a/crypto/rc2/rc2_locl.h b/crypto/rc2/rc2_locl.h
index 05f45b0573..565cd17619 100644
--- a/crypto/rc2/rc2_locl.h
+++ b/crypto/rc2/rc2_locl.h
@@ -1,5 +1,5 @@
 /* crypto/rc2/rc2_locl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -144,3 +144,13 @@
                          *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
                          *((c)++)=(unsigned char)(((l)     )&0xff))
 
+#define C_RC2(n) \
+	t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \
+	x0=(t<<1)|(t>>15); \
+	t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \
+	x1=(t<<2)|(t>>14); \
+	t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \
+	x2=(t<<3)|(t>>13); \
+	t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \
+	x3=(t<<5)|(t>>11);
+
diff --git a/crypto/rc2/rc2_skey.c b/crypto/rc2/rc2_skey.c
index cfc8a50cd9..0f1f253395 100644
--- a/crypto/rc2/rc2_skey.c
+++ b/crypto/rc2/rc2_skey.c
@@ -1,5 +1,5 @@
 /* crypto/rc2/rc2_skey.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/rc2/rc2cfb64.c b/crypto/rc2/rc2cfb64.c
index 44df3dc951..d409fb77e9 100644
--- a/crypto/rc2/rc2cfb64.c
+++ b/crypto/rc2/rc2cfb64.c
@@ -1,5 +1,5 @@
 /* crypto/rc2/rc2cfb64.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -88,7 +88,7 @@ int encrypt;
 				{
 				c2l(iv,v0); ti[0]=v0;
 				c2l(iv,v1); ti[1]=v1;
-				RC2_encrypt((unsigned long *)ti,schedule,RC2_ENCRYPT);
+				RC2_encrypt((unsigned long *)ti,schedule);
 				iv=(unsigned char *)ivec;
 				t=ti[0]; l2c(t,iv);
 				t=ti[1]; l2c(t,iv);
@@ -108,7 +108,7 @@ int encrypt;
 				{
 				c2l(iv,v0); ti[0]=v0;
 				c2l(iv,v1); ti[1]=v1;
-				RC2_encrypt((unsigned long *)ti,schedule,RC2_ENCRYPT);
+				RC2_encrypt((unsigned long *)ti,schedule);
 				iv=(unsigned char *)ivec;
 				t=ti[0]; l2c(t,iv);
 				t=ti[1]; l2c(t,iv);
diff --git a/crypto/rc2/rc2ofb64.c b/crypto/rc2/rc2ofb64.c
index 5df004bcec..4f09167447 100644
--- a/crypto/rc2/rc2ofb64.c
+++ b/crypto/rc2/rc2ofb64.c
@@ -1,5 +1,5 @@
 /* crypto/rc2/rc2ofb64.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -92,7 +92,7 @@ int *num;
 		{
 		if (n == 0)
 			{
-			RC2_encrypt((unsigned long *)ti,schedule,RC2_ENCRYPT);
+			RC2_encrypt((unsigned long *)ti,schedule);
 			dp=(char *)d;
 			t=ti[0]; l2c(t,dp);
 			t=ti[1]; l2c(t,dp);
diff --git a/crypto/rc2/rc2speed.c b/crypto/rc2/rc2speed.c
new file mode 100644
index 0000000000..6cd8ea8f27
--- /dev/null
+++ b/crypto/rc2/rc2speed.c
@@ -0,0 +1,293 @@
+/* crypto/rc2/rc2speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "rc2.h"
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ	100.0
+#else /* VMS */
+#define HZ	100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE	((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+	{
+	signal(SIGALRM,sig_done);
+	run=0;
+#ifdef LINT
+	sig=sig;
+#endif
+	}
+#endif
+
+#define START	0
+#define STOP	1
+
+double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#endif
+	}
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	long count;
+	static unsigned char buf[BUFSIZE];
+	static unsigned char key[] ={
+			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+			};
+	RC2_KEY sch;
+	double a,b,c,d;
+#ifndef SIGALRM
+	long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+	printf("To get the most acurate results, try to run this\n");
+	printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+	printf("First we calculate the approximate speed ...\n");
+	RC2_set_key(&sch,16,key,128);
+	count=10;
+	do	{
+		long i;
+		unsigned long data[2];
+
+		count*=2;
+		Time_F(START);
+		for (i=count; i; i--)
+			RC2_encrypt(data,&sch);
+		d=Time_F(STOP);
+		} while (d < 3.0);
+	ca=count/512;
+	cb=count;
+	cc=count*8/BUFSIZE+1;
+	printf("Doing RC2_set_key %ld times\n",ca);
+#define COND(d)	(count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c)	(run)
+#define COUNT(d) (count)
+	signal(SIGALRM,sig_done);
+	printf("Doing RC2_set_key for 10 seconds\n");
+	alarm(10);
+#endif
+
+	Time_F(START);
+	for (count=0,run=1; COND(ca); count+=4)
+		{
+		RC2_set_key(&sch,16,key,128);
+		RC2_set_key(&sch,16,key,128);
+		RC2_set_key(&sch,16,key,128);
+		RC2_set_key(&sch,16,key,128);
+		}
+	d=Time_F(STOP);
+	printf("%ld RC2_set_key's in %.2f seconds\n",count,d);
+	a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+	printf("Doing RC2_encrypt's for 10 seconds\n");
+	alarm(10);
+#else
+	printf("Doing RC2_encrypt %ld times\n",cb);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cb); count+=4)
+		{
+		unsigned long data[2];
+
+		RC2_encrypt(data,&sch);
+		RC2_encrypt(data,&sch);
+		RC2_encrypt(data,&sch);
+		RC2_encrypt(data,&sch);
+		}
+	d=Time_F(STOP);
+	printf("%ld RC2_encrypt's in %.2f second\n",count,d);
+	b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+	printf("Doing RC2_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+		BUFSIZE);
+	alarm(10);
+#else
+	printf("Doing RC2_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+		BUFSIZE);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cc); count++)
+		RC2_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+			&(key[0]),RC2_ENCRYPT);
+	d=Time_F(STOP);
+	printf("%ld RC2_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+		count,BUFSIZE,d);
+	c=((double)COUNT(cc)*BUFSIZE)/d;
+
+	printf("RC2 set_key       per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+	printf("RC2 raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+	printf("RC2 cbc     bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+	exit(0);
+#if defined(LINT) || defined(MSDOS)
+	return(0);
+#endif
+	}
diff --git a/crypto/rc2/rc2test.c b/crypto/rc2/rc2test.c
index 00e21ddd3a..9d0f8016ec 100644
--- a/crypto/rc2/rc2test.c
+++ b/crypto/rc2/rc2test.c
@@ -1,5 +1,5 @@
 /* crypto/rc2/rc2test.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/rc4/Makefile.ssl b/crypto/rc4/Makefile.ssl
index 2f40d4ed90..19c1e980f3 100644
--- a/crypto/rc4/Makefile.ssl
+++ b/crypto/rc4/Makefile.ssl
@@ -13,6 +13,13 @@ MAKEDEPEND=	makedepend -f Makefile.ssl
 MAKEFILE=	Makefile.ssl
 AR=		ar r
 
+RC4_ENC=rc4_enc.o
+# or use
+#RC4_ENC=asm/rx86-elf.o
+#RC4_ENC=asm/rx86-out.o
+#RC4_ENC=asm/rx86-sol.o
+#RC4_ENC=asm/rx86bdsi.o
+
 CFLAGS= $(INCLUDES) $(CFLAG)
 
 GENERAL=Makefile
@@ -20,13 +27,13 @@ TEST=rc4test.c
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC=rc4_enc.c
-LIBOBJ=rc4_enc.o
+LIBSRC=rc4_skey.c rc4_enc.c
+LIBOBJ=rc4_skey.o $(RC4_ENC)
 
 SRC= $(LIBSRC)
 
 EXHEADER= rc4.h
-HEADER=	$(EXHEADER)
+HEADER=	$(EXHEADER) rc4_locl.h
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)
 
@@ -40,6 +47,27 @@ lib:	$(LIBOBJ)
 	sh $(TOP)/util/ranlib.sh $(LIB)
 	@touch lib
 
+# elf
+asm/rx86-elf.o: asm/rx86unix.cpp
+	$(CPP) -DELF asm/rx86unix.cpp | as -o asm/rx86-elf.o
+
+# solaris
+asm/rx86-sol.o: asm/rx86unix.cpp
+	$(CC) -E -DSOL asm/rx86unix.cpp | sed 's/^#.*//' > asm/rx86-sol.s
+	as -o asm/rx86-sol.o asm/rx86-sol.s
+	rm -f asm/rx86-sol.s
+
+# a.out
+asm/rx86-out.o: asm/rx86unix.cpp
+	$(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o
+
+# bsdi
+asm/rx86bsdi.o: asm/rx86unix.cpp
+	$(CPP) -DBSDI asm/rx86unix.cpp | as -o asm/rx86bsdi.o
+
+asm/rx86unix.cpp:
+	(cd asm; perl rc4-586.pl cpp >rx86unix.cpp)
+
 files:
 	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
@@ -73,7 +101,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
 
 errors:
 
diff --git a/crypto/rc4/Makefile.uni b/crypto/rc4/Makefile.uni
new file mode 100644
index 0000000000..79dc17b8d1
--- /dev/null
+++ b/crypto/rc4/Makefile.uni
@@ -0,0 +1,102 @@
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+DIR=    rc4
+TOP=    .
+CC=     gcc
+CFLAG=	-O3 -fomit-frame-pointer
+
+CPP=    $(CC) -E
+INCLUDES=
+INSTALLTOP=/usr/local/lib
+MAKE=           make
+MAKEDEPEND=     makedepend
+MAKEFILE=       Makefile.uni
+AR=             ar r
+
+RC4_ENC=rc4_enc.o
+# or use
+#RC4_ENC=asm/rx86-elf.o
+#RC4_ENC=asm/rx86-out.o
+#RC4_ENC=asm/rx86-sol.o
+#RC4_ENC=asm/rx86bdsi.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc4test
+APPS=rc4speed
+
+LIB=librc4.a
+LIBSRC=rc4_skey.c rc4_enc.c
+LIBOBJ=rc4_skey.o $(RC4_ENC)
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc4.h
+HEADER= $(EXHEADER) rc4_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+all:    $(LIB) $(TEST) $(APPS)
+
+$(LIB):    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/ranlib.sh $(LIB)
+
+# elf
+asm/rx86-elf.o: asm/rx86unix.cpp
+	$(CPP) -DELF asm/rx86unix.cpp | as -o asm/rx86-elf.o
+
+# solaris
+asm/rx86-sol.o: asm/rx86unix.cpp
+	$(CC) -E -DSOL asm/rx86unix.cpp | sed 's/^#.*//' > asm/rx86-sol.s
+	as -o asm/rx86-sol.o asm/rx86-sol.s
+	rm -f asm/rx86-sol.s
+
+# a.out
+asm/rx86-out.o: asm/rx86unix.cpp
+	$(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o
+
+# bsdi
+asm/rx86bsdi.o: asm/rx86unix.cpp
+	$(CPP) -DBSDI asm/rx86unix.cpp | as -o asm/rx86bsdi.o
+
+asm/rx86unix.cpp:
+	(cd asm; perl rc4-586.pl cpp >rx86unix.cpp)
+
+test:	$(TEST)
+	./$(TEST)
+
+$(TEST): $(TEST).c $(LIB)
+	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
+
+$(APPS): $(APPS).c $(LIB)
+	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+cc:
+	$(MAKE) CC="cc" CFLAG="-O" all
+
+gcc:
+	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rc4/asm/r4-win32.asm b/crypto/rc4/asm/r4-win32.asm
new file mode 100644
index 0000000000..70b0f7484c
--- /dev/null
+++ b/crypto/rc4/asm/r4-win32.asm
@@ -0,0 +1,314 @@
+	; Don't even think of reading this code
+	; It was automatically generated by rc4-586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	rc4-586.asm
+        .386
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_RC4
+
+_RC4 PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	mov	ebp,		DWORD PTR 12[esp]
+	mov	ebx,		DWORD PTR 16[esp]
+	push	esi
+	push	edi
+	mov	ecx,		DWORD PTR [ebp]
+	mov	edx,		DWORD PTR 4[ebp]
+	mov	esi,		DWORD PTR 28[esp]
+	inc	ecx
+	sub	esp,		12
+	add	ebp,		8
+	and	ecx,		255
+	lea	ebx,		DWORD PTR [esi+ebx-8]
+	mov	edi,		DWORD PTR 44[esp]
+	mov	DWORD PTR 8[esp],ebx
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	cmp	ebx,		esi
+	jl	$L000end
+L001start:
+	add	esi,		8
+	; Round 0
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	BYTE PTR [esp],	bl
+	; Round 1
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	BYTE PTR 1[esp],bl
+	; Round 2
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	BYTE PTR 2[esp],bl
+	; Round 3
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	BYTE PTR 3[esp],bl
+	; Round 4
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	BYTE PTR 4[esp],bl
+	; Round 5
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	BYTE PTR 5[esp],bl
+	; Round 6
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	BYTE PTR 6[esp],bl
+	; Round 7
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	add	edi,		8
+	mov	BYTE PTR 7[esp],bl
+	; apply the cipher text
+	mov	eax,		DWORD PTR [esp]
+	mov	ebx,		DWORD PTR [esi-8]
+	xor	eax,		ebx
+	mov	ebx,		DWORD PTR [esi-4]
+	mov	DWORD PTR [edi-8],eax
+	mov	eax,		DWORD PTR 4[esp]
+	xor	eax,		ebx
+	mov	ebx,		DWORD PTR 8[esp]
+	mov	DWORD PTR [edi-4],eax
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	cmp	esi,		ebx
+	jle	L001start
+$L000end:
+	; Round 0
+	add	ebx,		8
+	inc	esi
+	cmp	ebx,		esi
+	jl	$L002finished
+	mov	DWORD PTR 8[esp],ebx
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	bh,		BYTE PTR [esi-1]
+	xor	bl,		bh
+	mov	BYTE PTR [edi],	bl
+	; Round 1
+	mov	ebx,		DWORD PTR 8[esp]
+	cmp	ebx,		esi
+	jle	$L002finished
+	inc	esi
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	bh,		BYTE PTR [esi-1]
+	xor	bl,		bh
+	mov	BYTE PTR 1[edi],bl
+	; Round 2
+	mov	ebx,		DWORD PTR 8[esp]
+	cmp	ebx,		esi
+	jle	$L002finished
+	inc	esi
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	bh,		BYTE PTR [esi-1]
+	xor	bl,		bh
+	mov	BYTE PTR 2[edi],bl
+	; Round 3
+	mov	ebx,		DWORD PTR 8[esp]
+	cmp	ebx,		esi
+	jle	$L002finished
+	inc	esi
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	bh,		BYTE PTR [esi-1]
+	xor	bl,		bh
+	mov	BYTE PTR 3[edi],bl
+	; Round 4
+	mov	ebx,		DWORD PTR 8[esp]
+	cmp	ebx,		esi
+	jle	$L002finished
+	inc	esi
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	bh,		BYTE PTR [esi-1]
+	xor	bl,		bh
+	mov	BYTE PTR 4[edi],bl
+	; Round 5
+	mov	ebx,		DWORD PTR 8[esp]
+	cmp	ebx,		esi
+	jle	$L002finished
+	inc	esi
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	eax,		DWORD PTR [ecx*4+ebp]
+	mov	bh,		BYTE PTR [esi-1]
+	xor	bl,		bh
+	mov	BYTE PTR 5[edi],bl
+	; Round 6
+	mov	ebx,		DWORD PTR 8[esp]
+	cmp	ebx,		esi
+	jle	$L002finished
+	inc	esi
+	add	edx,		eax
+	and	edx,		255
+	inc	ecx
+	mov	ebx,		DWORD PTR [edx*4+ebp]
+	mov	DWORD PTR [ecx*4+ebp-4],ebx
+	add	ebx,		eax
+	and	ecx,		255
+	and	ebx,		255
+	mov	DWORD PTR [edx*4+ebp],eax
+	nop
+	mov	ebx,		DWORD PTR [ebx*4+ebp]
+	mov	bh,		BYTE PTR [esi-1]
+	xor	bl,		bh
+	mov	BYTE PTR 6[edi],bl
+$L002finished:
+	dec	ecx
+	add	esp,		12
+	mov	DWORD PTR [ebp-4],edx
+	mov	BYTE PTR [ebp-8],cl
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_RC4 ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/rc4/asm/rc4-586.pl b/crypto/rc4/asm/rc4-586.pl
new file mode 100644
index 0000000000..7ef889e5a1
--- /dev/null
+++ b/crypto/rc4/asm/rc4-586.pl
@@ -0,0 +1,173 @@
+#!/usr/local/bin/perl
+
+# define for pentium pro friendly version
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"rc4-586.pl");
+
+$tx="eax";
+$ty="ebx";
+$x="ecx";
+$y="edx";
+$in="esi";
+$out="edi";
+$d="ebp";
+
+&RC4("RC4");
+
+&asm_finish();
+
+sub RC4_loop
+	{
+	local($n,$p,$char)=@_;
+
+	&comment("Round $n");
+
+	if ($char)
+		{
+		if ($p >= 0)
+			{
+			 &mov($ty,	&swtmp(2));
+			&cmp($ty,	$in);
+			 &jle(&label("finished"));
+			&inc($in);
+			}
+		else
+			{
+			&add($ty,	8);
+			 &inc($in);
+			&cmp($ty,	$in);
+			 &jl(&label("finished"));
+			&mov(&swtmp(2),	$ty);
+			}
+		}
+	# Moved out
+	# &mov(	$tx,		&DWP(0,$d,$x,4)) if $p < 0;
+
+	 &add(	$y,		$tx);
+	&and(	$y,		0xff);
+	 &inc(	$x);			# NEXT ROUND 
+	&mov(	$ty,		&DWP(0,$d,$y,4));
+	 # XXX
+	&mov(	&DWP(-4,$d,$x,4),$ty);			# AGI
+	 &add(	$ty,		$tx);
+	&and(	$x,		0xff);	# NEXT ROUND
+	 &and(	$ty,		0xff);
+	&mov(	&DWP(0,$d,$y,4),$tx);
+	 &nop();
+	&mov(	$ty,		&DWP(0,$d,$ty,4));
+	 &mov(	$tx,		&DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND
+	 # XXX
+
+	if (!$char)
+		{
+		#moved up into last round
+		if ($p >= 1)
+			{
+			&add(	$out,	8)
+			}
+		&movb(	&BP($n,"esp","",0),	&LB($ty));
+		}
+	else
+		{
+		# Note in+=8 has occured
+		&movb(	&HB($ty),	&BP(-1,$in,"",0));
+		 # XXX
+		&xorb(&LB($ty),		&HB($ty));
+		 # XXX
+		&movb(&BP($n,$out,"",0),&LB($ty));
+		}
+	}
+
+
+sub RC4
+	{
+	local($name)=@_;
+
+	&function_begin_B($name,"");
+
+	&comment("");
+
+	&push("ebp");
+	 &push("ebx");
+	&mov(	$d,	&wparam(0));	# key
+	 &mov(	$ty,	&wparam(1));	# num
+	&push("esi");
+	 &push("edi");
+
+	&mov(	$x,	&DWP(0,$d,"",1));
+	 &mov(	$y,	&DWP(4,$d,"",1));
+
+	&mov(	$in,	&wparam(2));
+	 &inc(	$x);
+
+	&stack_push(3);	# 3 temp variables
+	 &add(	$d,	8);
+	&and(	$x,		0xff);
+
+	 &lea(	$ty,	&DWP(-8,$ty,$in));
+
+	# check for 0 length input
+
+	&mov(	$out,	&wparam(3));
+	 &mov(	&swtmp(2),	$ty);	# this is now address to exit at
+	&mov(	$tx,	&DWP(0,$d,$x,4));
+
+	 &cmp(	$ty,	$in);
+	&jl(	&label("end")); # less than 8 bytes
+
+	&set_label("start");
+
+	# filling DELAY SLOT
+	&add(	$in,	8);
+
+	&RC4_loop(0,-1,0);
+	&RC4_loop(1,0,0);
+	&RC4_loop(2,0,0);
+	&RC4_loop(3,0,0);
+	&RC4_loop(4,0,0);
+	&RC4_loop(5,0,0);
+	&RC4_loop(6,0,0);
+	&RC4_loop(7,1,0);
+	
+	&comment("apply the cipher text");
+	# xor the cipher data with input
+
+	#&add(	$out,	8); #moved up into last round
+
+	&mov(	$tx,	&swtmp(0));
+	 &mov(	$ty,	&DWP(-8,$in,"",0));
+	&xor(	$tx,	$ty);
+	 &mov(	$ty,	&DWP(-4,$in,"",0)); 
+	&mov(	&DWP(-8,$out,"",0),	$tx);
+	 &mov(	$tx,	&swtmp(1));
+	&xor(	$tx,	$ty);
+	 &mov(	$ty,	&swtmp(2));	# load end ptr;
+	&mov(	&DWP(-4,$out,"",0),	$tx);
+	 &mov(	$tx,		&DWP(0,$d,$x,4));
+	&cmp($in,	$ty);
+	 &jle(&label("start"));
+
+	&set_label("end");
+
+	# There is quite a bit of extra crap in RC4_loop() for this
+	# first round
+	&RC4_loop(0,-1,1);
+	&RC4_loop(1,0,1);
+	&RC4_loop(2,0,1);
+	&RC4_loop(3,0,1);
+	&RC4_loop(4,0,1);
+	&RC4_loop(5,0,1);
+	&RC4_loop(6,1,1);
+
+	&set_label("finished");
+	&dec(	$x);
+	 &stack_pop(3);
+	&mov(	&DWP(-4,$d,"",0),$y);
+	 &movb(	&BP(-8,$d,"",0),&LB($x));
+
+	&function_end($name);
+	}
+
diff --git a/crypto/rc4/asm/rx86unix.cpp b/crypto/rc4/asm/rx86unix.cpp
new file mode 100644
index 0000000000..ec1d72a110
--- /dev/null
+++ b/crypto/rc4/asm/rx86unix.cpp
@@ -0,0 +1,358 @@
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
+
+#define TYPE(a,b)       .type   a,b
+#define SIZE(a,b)       .size   a,b
+
+#if defined(OUT) || defined(BSDI)
+#define RC4 _RC4
+
+#endif
+
+#ifdef OUT
+#define OK	1
+#define ALIGN	4
+#endif
+
+#ifdef BSDI
+#define OK              1
+#define ALIGN           4
+#undef SIZE
+#undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK              1
+#define ALIGN           16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+/* Let the Assembler begin :-) */
+	/* Don't even think of reading this code */
+	/* It was automatically generated by rc4-586.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, BSDI,Win32, or Solaris */
+	/* eric <eay@cryptsoft.com> */
+
+	.file	"rc4-586.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl RC4
+	TYPE(RC4,@function)
+RC4:
+
+	pushl	%ebp
+	pushl	%ebx
+	movl	12(%esp),	%ebp
+	movl	16(%esp),	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	(%ebp),		%ecx
+	movl	4(%ebp),	%edx
+	movl	28(%esp),	%esi
+	incl	%ecx
+	subl	$12,		%esp
+	addl	$8,		%ebp
+	andl	$255,		%ecx
+	leal	-8(%ebx,%esi,),	%ebx
+	movl	44(%esp),	%edi
+	movl	%ebx,		8(%esp)
+	movl	(%ebp,%ecx,4),	%eax
+	cmpl	%esi,		%ebx
+	jl	.L000end
+.L001start:
+	addl	$8,		%esi
+	/* Round 0 */
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	%bl,		(%esp)
+	/* Round 1 */
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	%bl,		1(%esp)
+	/* Round 2 */
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	%bl,		2(%esp)
+	/* Round 3 */
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	%bl,		3(%esp)
+	/* Round 4 */
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	%bl,		4(%esp)
+	/* Round 5 */
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	%bl,		5(%esp)
+	/* Round 6 */
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	%bl,		6(%esp)
+	/* Round 7 */
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	addl	$8,		%edi
+	movb	%bl,		7(%esp)
+	/* apply the cipher text */
+	movl	(%esp),		%eax
+	movl	-8(%esi),	%ebx
+	xorl	%ebx,		%eax
+	movl	-4(%esi),	%ebx
+	movl	%eax,		-8(%edi)
+	movl	4(%esp),	%eax
+	xorl	%ebx,		%eax
+	movl	8(%esp),	%ebx
+	movl	%eax,		-4(%edi)
+	movl	(%ebp,%ecx,4),	%eax
+	cmpl	%ebx,		%esi
+	jle	.L001start
+.L000end:
+	/* Round 0 */
+	addl	$8,		%ebx
+	incl	%esi
+	cmpl	%esi,		%ebx
+	jl	.L002finished
+	movl	%ebx,		8(%esp)
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	-1(%esi),	%bh
+	xorb	%bh,		%bl
+	movb	%bl,		(%edi)
+	/* Round 1 */
+	movl	8(%esp),	%ebx
+	cmpl	%esi,		%ebx
+	jle	.L002finished
+	incl	%esi
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	-1(%esi),	%bh
+	xorb	%bh,		%bl
+	movb	%bl,		1(%edi)
+	/* Round 2 */
+	movl	8(%esp),	%ebx
+	cmpl	%esi,		%ebx
+	jle	.L002finished
+	incl	%esi
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	-1(%esi),	%bh
+	xorb	%bh,		%bl
+	movb	%bl,		2(%edi)
+	/* Round 3 */
+	movl	8(%esp),	%ebx
+	cmpl	%esi,		%ebx
+	jle	.L002finished
+	incl	%esi
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	-1(%esi),	%bh
+	xorb	%bh,		%bl
+	movb	%bl,		3(%edi)
+	/* Round 4 */
+	movl	8(%esp),	%ebx
+	cmpl	%esi,		%ebx
+	jle	.L002finished
+	incl	%esi
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	-1(%esi),	%bh
+	xorb	%bh,		%bl
+	movb	%bl,		4(%edi)
+	/* Round 5 */
+	movl	8(%esp),	%ebx
+	cmpl	%esi,		%ebx
+	jle	.L002finished
+	incl	%esi
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movl	(%ebp,%ecx,4),	%eax
+	movb	-1(%esi),	%bh
+	xorb	%bh,		%bl
+	movb	%bl,		5(%edi)
+	/* Round 6 */
+	movl	8(%esp),	%ebx
+	cmpl	%esi,		%ebx
+	jle	.L002finished
+	incl	%esi
+	addl	%eax,		%edx
+	andl	$255,		%edx
+	incl	%ecx
+	movl	(%ebp,%edx,4),	%ebx
+	movl	%ebx,		-4(%ebp,%ecx,4)
+	addl	%eax,		%ebx
+	andl	$255,		%ecx
+	andl	$255,		%ebx
+	movl	%eax,		(%ebp,%edx,4)
+	nop
+	movl	(%ebp,%ebx,4),	%ebx
+	movb	-1(%esi),	%bh
+	xorb	%bh,		%bl
+	movb	%bl,		6(%edi)
+.L002finished:
+	decl	%ecx
+	addl	$12,		%esp
+	movl	%edx,		-4(%ebp)
+	movb	%cl,		-8(%ebp)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.RC4_end:
+	SIZE(RC4,.RC4_end-RC4)
+.ident	"RC4"
diff --git a/crypto/rc4/rc4.c b/crypto/rc4/rc4.c
index 37965d5262..127e8a5093 100644
--- a/crypto/rc4/rc4.c
+++ b/crypto/rc4/rc4.c
@@ -1,5 +1,5 @@
 /* crypto/rc4/rc4.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c
index de57a970bf..ab8a111b52 100644
--- a/crypto/rc4/rc4_enc.c
+++ b/crypto/rc4/rc4_enc.c
@@ -1,5 +1,5 @@
-/* crypto/rc4/rc4_enc.org */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* crypto/rc4/rc4_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -56,35 +56,8 @@
  * [including the GNU Public Licence.]
  */
 
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * Always modify rc4_enc.org since rc4_enc.c is automatically generated from
- * it during SSLeay configuration.
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
- */
-
 #include "rc4.h"
-
-/* if this is defined data[i] is used instead of *data, this is a %20
- * speedup on x86 */
-#undef RC4_INDEX
-
-char *RC4_version="RC4 part of SSLeay 0.8.1a 24-Jun-1998";
-
-char *RC4_options()
-	{
-#ifdef RC4_INDEX
-	if (sizeof(RC4_INT) == 1)
-		return("rc4(idx,char)");
-	else
-		return("rc4(idx,int)");
-#else
-	if (sizeof(RC4_INT) == 1)
-		return("rc4(ptr,char)");
-	else
-		return("rc4(ptr,int)");
-#endif
-	}
+#include "rc4_locl.h"
 
 /* RC4 as implemented from a posting from
  * Newsgroups: sci.crypt
@@ -94,39 +67,6 @@ char *RC4_options()
  * Date: Wed, 14 Sep 1994 06:35:31 GMT
  */
 
-void RC4_set_key(key, len, data)
-RC4_KEY *key;
-int len;
-register unsigned char *data;
-	{
-        register RC4_INT tmp;
-        register int id1,id2;
-        register RC4_INT *d;
-        unsigned int i;
-        
-        d= &(key->data[0]);
-	for (i=0; i<256; i++)
-		d[i]=i;
-        key->x = 0;     
-        key->y = 0;     
-        id1=id2=0;     
-
-#define SK_LOOP(n) { \
-		tmp=d[(n)]; \
-		id2 = (data[id1] + tmp + id2) & 0xff; \
-		if (++id1 == len) id1=0; \
-		d[(n)]=d[id2]; \
-		d[id2]=tmp; }
-
-	for (i=0; i < 256; i+=4)
-		{
-		SK_LOOP(i+0);
-		SK_LOOP(i+1);
-		SK_LOOP(i+2);
-		SK_LOOP(i+3);
-		}
-	}
-    
 void RC4(key, len, indata, outdata)
 RC4_KEY *key;
 unsigned long len;
diff --git a/crypto/rc4/rc4_locl.h b/crypto/rc4/rc4_locl.h
new file mode 100644
index 0000000000..1ef4455fb7
--- /dev/null
+++ b/crypto/rc4/rc4_locl.h
@@ -0,0 +1,70 @@
+/* crypto/rc4/rc4_locl.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify bf_locl.org since bf_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+
diff --git a/crypto/rc4/rc4_locl.org b/crypto/rc4/rc4_locl.org
new file mode 100644
index 0000000000..1ef4455fb7
--- /dev/null
+++ b/crypto/rc4/rc4_locl.org
@@ -0,0 +1,70 @@
+/* crypto/rc4/rc4_locl.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify bf_locl.org since bf_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+
diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c
new file mode 100644
index 0000000000..0be5fde67b
--- /dev/null
+++ b/crypto/rc4/rc4_skey.c
@@ -0,0 +1,119 @@
+/* crypto/rc4/rc4_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc4.h"
+#include "rc4_locl.h"
+
+char *RC4_version="RC4 part of SSLeay 0.9.0b 29-Jun-1998";
+
+char *RC4_options()
+	{
+#ifdef RC4_INDEX
+	if (sizeof(RC4_INT) == 1)
+		return("rc4(idx,char)");
+	else
+		return("rc4(idx,int)");
+#else
+	if (sizeof(RC4_INT) == 1)
+		return("rc4(ptr,char)");
+	else
+		return("rc4(ptr,int)");
+#endif
+	}
+
+/* RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4_set_key(key, len, data)
+RC4_KEY *key;
+int len;
+register unsigned char *data;
+	{
+        register RC4_INT tmp;
+        register int id1,id2;
+        register RC4_INT *d;
+        unsigned int i;
+        
+        d= &(key->data[0]);
+	for (i=0; i<256; i++)
+		d[i]=i;
+        key->x = 0;     
+        key->y = 0;     
+        id1=id2=0;     
+
+#define SK_LOOP(n) { \
+		tmp=d[(n)]; \
+		id2 = (data[id1] + tmp + id2) & 0xff; \
+		if (++id1 == len) id1=0; \
+		d[(n)]=d[id2]; \
+		d[id2]=tmp; }
+
+	for (i=0; i < 256; i+=4)
+		{
+		SK_LOOP(i+0);
+		SK_LOOP(i+1);
+		SK_LOOP(i+2);
+		SK_LOOP(i+3);
+		}
+	}
+    
diff --git a/crypto/rc4/rc4s.cpp b/crypto/rc4/rc4s.cpp
new file mode 100644
index 0000000000..39f1727dd3
--- /dev/null
+++ b/crypto/rc4/rc4s.cpp
@@ -0,0 +1,73 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rc4.h"
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[1024];
+	RC4_KEY ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=64,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=256;
+	if (num > 1024-16) num=1024-16;
+	numm=num+8;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			RC4(&ctx,numm,buffer,buffer);
+			GetTSC(s1);
+			RC4(&ctx,numm,buffer,buffer);
+			GetTSC(e1);
+			GetTSC(s2);
+			RC4(&ctx,num,buffer,buffer);
+			GetTSC(e2);
+			RC4(&ctx,num,buffer,buffer);
+			}
+
+		printf("RC4 (%d bytes) %d %d (%d) - 8 bytes\n",num,
+			e1-s1,e2-s2,(e1-s1)-(e2-s2));
+		}
+	}
+
diff --git a/crypto/rc4/rc4speed.c b/crypto/rc4/rc4speed.c
new file mode 100644
index 0000000000..5298dad6d0
--- /dev/null
+++ b/crypto/rc4/rc4speed.c
@@ -0,0 +1,269 @@
+/* crypto/rc4/rc4speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "rc4.h"
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ	100.0
+#else /* VMS */
+#define HZ	100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE	((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+	{
+	signal(SIGALRM,sig_done);
+	run=0;
+#ifdef LINT
+	sig=sig;
+#endif
+	}
+#endif
+
+#define START	0
+#define STOP	1
+
+double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#endif
+	}
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	long count;
+	static unsigned char buf[BUFSIZE];
+	static unsigned char key[] ={
+			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+			};
+	RC4_KEY sch;
+	double a,b,c,d;
+#ifndef SIGALRM
+	long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+	printf("To get the most acurate results, try to run this\n");
+	printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+	printf("First we calculate the approximate speed ...\n");
+	RC4_set_key(&sch,16,key);
+	count=10;
+	do	{
+		long i;
+		unsigned long data[2];
+
+		count*=2;
+		Time_F(START);
+		for (i=count; i; i--)
+			RC4(&sch,8,buf,buf);
+		d=Time_F(STOP);
+		} while (d < 3.0);
+	ca=count/512;
+	cc=count*8/BUFSIZE+1;
+	printf("Doing RC4_set_key %ld times\n",ca);
+#define COND(d)	(count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c)	(run)
+#define COUNT(d) (count)
+	signal(SIGALRM,sig_done);
+	printf("Doing RC4_set_key for 10 seconds\n");
+	alarm(10);
+#endif
+
+	Time_F(START);
+	for (count=0,run=1; COND(ca); count+=4)
+		{
+		RC4_set_key(&sch,16,key);
+		RC4_set_key(&sch,16,key);
+		RC4_set_key(&sch,16,key);
+		RC4_set_key(&sch,16,key);
+		}
+	d=Time_F(STOP);
+	printf("%ld RC4_set_key's in %.2f seconds\n",count,d);
+	a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+	printf("Doing RC4 on %ld byte blocks for 10 seconds\n",BUFSIZE);
+	alarm(10);
+#else
+	printf("Doing RC4 %ld times on %ld byte blocks\n",cc,BUFSIZE);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cc); count++)
+		RC4(&sch,BUFSIZE,buf,buf);
+	d=Time_F(STOP);
+	printf("%ld RC4's of %ld byte blocks in %.2f second\n",
+		count,BUFSIZE,d);
+	c=((double)COUNT(cc)*BUFSIZE)/d;
+
+	printf("RC4 set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+	printf("RC4   bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+	exit(0);
+#if defined(LINT) || defined(MSDOS)
+	return(0);
+#endif
+	}
+
diff --git a/crypto/rc4/rc4test.c b/crypto/rc4/rc4test.c
index aa4053e644..041e1aff95 100644
--- a/crypto/rc4/rc4test.c
+++ b/crypto/rc4/rc4test.c
@@ -1,5 +1,5 @@
 /* crypto/rc4/rc4test.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -61,27 +61,43 @@
 #include <string.h>
 #include "rc4.h"
 
-unsigned char keys[6][11]={
+unsigned char keys[7][30]={
 	{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
 	{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
 	{8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
 	{4,0xef,0x01,0x23,0x45},
 	{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+	{4,0xef,0x01,0x23,0x45},
 	};
 
-unsigned char data[6][11]={
-	{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
-	{8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
-	{10,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+unsigned char data_len[7]={8,8,8,20,28,10};
+unsigned char data[7][30]={
+	{0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xff},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	   0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	   0x00,0x00,0x00,0x00,0xff},
+	{0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+	   0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+	   0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+	   0x12,0x34,0x56,0x78,0xff},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
 	{0},
 	};
 
-unsigned char output[6][11]={
-	{0x75,0xb7,0x87,0x80,0x99,0xe0,0xc5,0x96},
-	{0x74,0x94,0xc2,0xe7,0x10,0x4b,0x08,0x79},
-	{0xde,0x18,0x89,0x41,0xa3,0x37,0x5d,0x3a},
-	{0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,0xbd,0x61},
+unsigned char output[7][30]={
+	{0x75,0xb7,0x87,0x80,0x99,0xe0,0xc5,0x96,0x00},
+	{0x74,0x94,0xc2,0xe7,0x10,0x4b,0x08,0x79,0x00},
+	{0xde,0x18,0x89,0x41,0xa3,0x37,0x5d,0x3a,0x00},
+	{0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,
+	 0xbd,0x61,0x5a,0x11,0x62,0xe1,0xc7,0xba,
+	 0x36,0xb6,0x78,0x58,0x00},
+	{0x66,0xa0,0x94,0x9f,0x8a,0xf7,0xd6,0x89,
+	 0x1f,0x7f,0x83,0x2b,0xa8,0x33,0xc0,0x0c,
+	 0x89,0x2e,0xbe,0x30,0x14,0x3c,0xe2,0x87,
+	 0x40,0x01,0x1e,0xcf,0x00},
+	{0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,0xbd,0x61,0x00},
 	{0},
 	};
 
@@ -90,27 +106,28 @@ int argc;
 char *argv[];
 	{
 	int i,err=0;
-	unsigned int j;
+	int j;
 	unsigned char *p;
 	RC4_KEY key;
 	unsigned char buf[512],obuf[512];
 
 	for (i=0; i<512; i++) buf[i]=0x01;
 
-	for (i=0; i<4; i++)
+	for (i=0; i<6; i++)
 		{
 		RC4_set_key(&key,keys[i][0],&(keys[i][1]));
-		RC4(&key,data[i][0],&(data[i][1]),obuf);
-		if (memcmp(obuf,output[i],data[i][0]) != 0)
+		memset(obuf,0x00,sizeof(obuf));
+		RC4(&key,data_len[i],&(data[i][0]),obuf);
+		if (memcmp(obuf,output[i],data_len[i]+1) != 0)
 			{
 			printf("error calculating RC4\n");
 			printf("output:");
-			for (j=0; j<data[i][0]; j++)
+			for (j=0; j<data_len[i]+1; j++)
 				printf(" %02x",obuf[j]);
 			printf("\n");
 			printf("expect:");
 			p= &(output[i][0]);
-			for (j=0; j<data[i][0]; j++)
+			for (j=0; j<data_len[i]+1; j++)
 				printf(" %02x",*(p++));
 			printf("\n");
 			err++;
@@ -118,6 +135,60 @@ char *argv[];
 		else
 			printf("test %d ok\n",i);
 		}
+	printf("test end processing ");
+	for (i=0; i<data_len[3]; i++)
+		{
+		RC4_set_key(&key,keys[3][0],&(keys[3][1]));
+		memset(obuf,0x00,sizeof(obuf));
+		RC4(&key,i,&(data[3][0]),obuf);
+		if ((memcmp(obuf,output[3],i) != 0) || (obuf[i] != 0))
+			{
+			printf("error in RC4 length processing\n");
+			printf("output:");
+			for (j=0; j<i+1; j++)
+				printf(" %02x",obuf[j]);
+			printf("\n");
+			printf("expect:");
+			p= &(output[3][0]);
+			for (j=0; j<i; j++)
+				printf(" %02x",*(p++));
+			printf(" 00\n");
+			err++;
+			}
+		else
+			{
+			printf(".");
+			fflush(stdout);
+			}
+		}
+	printf("done\n");
+	printf("test multi-call ");
+	for (i=0; i<data_len[3]; i++)
+		{
+		RC4_set_key(&key,keys[3][0],&(keys[3][1]));
+		memset(obuf,0x00,sizeof(obuf));
+		RC4(&key,i,&(data[3][0]),obuf);
+		RC4(&key,data_len[3]-i,&(data[3][i]),&(obuf[i]));
+		if (memcmp(obuf,output[3],data_len[3]+1) != 0)
+			{
+			printf("error in RC4 multi-call processing\n");
+			printf("output:");
+			for (j=0; j<data_len[3]+1; j++)
+				printf(" %02x",obuf[j]);
+			printf("\n");
+			printf("expect:");
+			p= &(output[3][0]);
+			for (j=0; j<data_len[3]+1; j++)
+				printf(" %02x",*(p++));
+			err++;
+			}
+		else
+			{
+			printf(".");
+			fflush(stdout);
+			}
+		}
+	printf("done\n");
 	exit(err);
 	return(0);
 	}
diff --git a/crypto/rc5/Makefile.ssl b/crypto/rc5/Makefile.ssl
new file mode 100644
index 0000000000..5e98ee2348
--- /dev/null
+++ b/crypto/rc5/Makefile.ssl
@@ -0,0 +1,107 @@
+#
+# SSLeay/crypto/rc5/Makefile
+#
+
+DIR=	rc5
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+RC5_ENC=		rc5_enc.o
+# or use
+#DES_ENC=	r586-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc5test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c 
+LIBOBJ=rc5_skey.o rc5_ecb.o $(RC5_ENC) rc5cfb64.o rc5ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc5.h
+HEADER=	rc5_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+# elf
+asm/r586-elf.o: asm/r586unix.cpp
+	$(CPP) -DELF asm/r586unix.cpp | as -o asm/r586-elf.o
+
+# solaris
+asm/r586-sol.o: asm/r586unix.cpp
+	$(CC) -E -DSOL asm/r586unix.cpp | sed 's/^#.*//' > asm/r586-sol.s
+	as -o asm/r586-sol.o asm/r586-sol.s
+	rm -f asm/r586-sol.s
+
+# a.out
+asm/r586-out.o: asm/r586unix.cpp
+	$(CPP) -DOUT asm/r586unix.cpp | as -o asm/r586-out.o
+
+# bsdi
+asm/r586bsdi.o: asm/r586unix.cpp
+	$(CPP) -DBSDI asm/r586unix.cpp | as -o asm/r586bsdi.o
+
+asm/r586unix.cpp:
+	(cd asm; perl rc5-586.pl cpp >r586unix.cpp)
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/point.sh ../../doc/rc5.doc rc5.doc ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rc5/Makefile.uni b/crypto/rc5/Makefile.uni
new file mode 100644
index 0000000000..e50b3f2d19
--- /dev/null
+++ b/crypto/rc5/Makefile.uni
@@ -0,0 +1,72 @@
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+
+DIR=    rc2
+TOP=    .
+CC=     gcc
+CFLAG=	-O3 -fomit-frame-pointer
+
+CPP=    $(CC) -E
+INCLUDES=
+INSTALLTOP=/usr/local/lib
+MAKE=           make
+MAKEDEPEND=     makedepend
+MAKEFILE=       Makefile.uni
+AR=             ar r
+
+IDEA_ENC=rc2_cbc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc2test
+APPS=rc2speed
+
+LIB=librc2.a
+LIBSRC=rc2_skey.c rc2_ecb.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+LIBOBJ=rc2_skey.o rc2_ecb.o $(IDEA_ENC) rc2cfb64.o rc2ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc2.h
+HEADER= rc2_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+all:    $(LIB) $(TEST) $(APPS)
+
+$(LIB):    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/ranlib.sh $(LIB)
+
+test:	$(TEST)
+	./$(TEST)
+
+$(TEST): $(TEST).c $(LIB)
+	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
+
+$(APPS): $(APPS).c $(LIB)
+	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+cc:
+	$(MAKE) CC="cc" CFLAG="-O" all
+
+gcc:
+	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rc5/asm/r5-win32.asm b/crypto/rc5/asm/r5-win32.asm
new file mode 100644
index 0000000000..f43d3711f0
--- /dev/null
+++ b/crypto/rc5/asm/r5-win32.asm
@@ -0,0 +1,574 @@
+	; Don't even think of reading this code
+	; It was automatically generated by rc5-586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	rc5-586.asm
+        .386
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_RC5_32_encrypt
+
+_RC5_32_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	esi
+	push	edi
+	mov	edx,		DWORD PTR 16[esp]
+	mov	ebp,		DWORD PTR 20[esp]
+	; Load the 2 words
+	mov	edi,		DWORD PTR [edx]
+	mov	esi,		DWORD PTR 4[edx]
+	push	ebx
+	mov	ebx,		DWORD PTR [ebp]
+	add	edi,		DWORD PTR 4[ebp]
+	add	esi,		DWORD PTR 8[ebp]
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 12[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 16[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 20[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 24[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 28[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 32[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 36[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 40[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 44[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 48[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 52[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 56[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 60[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 64[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 68[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 72[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	cmp	ebx,		8
+	je	$L000rc5_exit
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 76[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 80[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 84[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 88[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 92[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 96[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 100[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 104[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	cmp	ebx,		12
+	je	$L000rc5_exit
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 108[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 112[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 116[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 120[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 124[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 128[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 132[ebp]
+	mov	ecx,		esi
+	rol	edi,		cl
+	add	edi,		eax
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 136[ebp]
+	mov	ecx,		edi
+	rol	esi,		cl
+	add	esi,		eax
+$L000rc5_exit:
+	mov	DWORD PTR [edx],edi
+	mov	DWORD PTR 4[edx],esi
+	pop	ebx
+	pop	edi
+	pop	esi
+	pop	ebp
+	ret
+_RC5_32_encrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_RC5_32_decrypt
+
+_RC5_32_decrypt PROC NEAR
+	; 
+	push	ebp
+	push	esi
+	push	edi
+	mov	edx,		DWORD PTR 16[esp]
+	mov	ebp,		DWORD PTR 20[esp]
+	; Load the 2 words
+	mov	edi,		DWORD PTR [edx]
+	mov	esi,		DWORD PTR 4[edx]
+	push	ebx
+	mov	ebx,		DWORD PTR [ebp]
+	cmp	ebx,		12
+	je	$L001rc5_dec_12
+	cmp	ebx,		8
+	je	$L002rc5_dec_8
+	mov	eax,		DWORD PTR 136[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 132[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 128[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 124[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 120[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 116[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 112[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 108[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+$L001rc5_dec_12:
+	mov	eax,		DWORD PTR 104[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 100[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 96[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 92[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 88[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 84[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 80[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 76[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+$L002rc5_dec_8:
+	mov	eax,		DWORD PTR 72[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 68[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 64[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 60[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 56[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 52[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 48[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 44[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 40[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 36[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 32[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 28[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 24[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 20[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	mov	eax,		DWORD PTR 16[ebp]
+	sub	esi,		eax
+	mov	ecx,		edi
+	ror	esi,		cl
+	xor	esi,		edi
+	mov	eax,		DWORD PTR 12[ebp]
+	sub	edi,		eax
+	mov	ecx,		esi
+	ror	edi,		cl
+	xor	edi,		esi
+	sub	esi,		DWORD PTR 8[ebp]
+	sub	edi,		DWORD PTR 4[ebp]
+L003rc5_exit:
+	mov	DWORD PTR [edx],edi
+	mov	DWORD PTR 4[edx],esi
+	pop	ebx
+	pop	edi
+	pop	esi
+	pop	ebp
+	ret
+_RC5_32_decrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_RC5_32_cbc_encrypt
+
+_RC5_32_cbc_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	mov	ebp,		DWORD PTR 28[esp]
+	; getting iv ptr from parameter 4
+	mov	ebx,		DWORD PTR 36[esp]
+	mov	esi,		DWORD PTR [ebx]
+	mov	edi,		DWORD PTR 4[ebx]
+	push	edi
+	push	esi
+	push	edi
+	push	esi
+	mov	ebx,		esp
+	mov	esi,		DWORD PTR 36[esp]
+	mov	edi,		DWORD PTR 40[esp]
+	; getting encrypt flag from parameter 5
+	mov	ecx,		DWORD PTR 56[esp]
+	; get and push parameter 3
+	mov	eax,		DWORD PTR 48[esp]
+	push	eax
+	push	ebx
+	cmp	ecx,		0
+	jz	$L004decrypt
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	jz	$L005encrypt_finish
+L006encrypt_loop:
+	mov	ecx,		DWORD PTR [esi]
+	mov	edx,		DWORD PTR 4[esi]
+	xor	eax,		ecx
+	xor	ebx,		edx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_RC5_32_encrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L006encrypt_loop
+$L005encrypt_finish:
+	mov	ebp,		DWORD PTR 52[esp]
+	and	ebp,		7
+	jz	$L007finish
+	xor	ecx,		ecx
+	xor	edx,		edx
+	mov	ebp,		DWORD PTR $L008cbc_enc_jmp_table[ebp*4]
+	jmp	 ebp
+L009ej7:
+	mov	dh,		BYTE PTR 6[esi]
+	shl	edx,		8
+L010ej6:
+	mov	dh,		BYTE PTR 5[esi]
+L011ej5:
+	mov	dl,		BYTE PTR 4[esi]
+L012ej4:
+	mov	ecx,		DWORD PTR [esi]
+	jmp	$L013ejend
+L014ej3:
+	mov	ch,		BYTE PTR 2[esi]
+	shl	ecx,		8
+L015ej2:
+	mov	ch,		BYTE PTR 1[esi]
+L016ej1:
+	mov	cl,		BYTE PTR [esi]
+$L013ejend:
+	xor	eax,		ecx
+	xor	ebx,		edx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_RC5_32_encrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	jmp	$L007finish
+$L004decrypt:
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 16[esp]
+	mov	ebx,		DWORD PTR 20[esp]
+	jz	$L017decrypt_finish
+L018decrypt_loop:
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_RC5_32_decrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	ecx,		DWORD PTR 16[esp]
+	mov	edx,		DWORD PTR 20[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR [edi],ecx
+	mov	DWORD PTR 4[edi],edx
+	mov	DWORD PTR 16[esp],eax
+	mov	DWORD PTR 20[esp],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L018decrypt_loop
+$L017decrypt_finish:
+	mov	ebp,		DWORD PTR 52[esp]
+	and	ebp,		7
+	jz	$L007finish
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_RC5_32_decrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	ecx,		DWORD PTR 16[esp]
+	mov	edx,		DWORD PTR 20[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+L019dj7:
+	ror	edx,		16
+	mov	BYTE PTR 6[edi],dl
+	shr	edx,		16
+L020dj6:
+	mov	BYTE PTR 5[edi],dh
+L021dj5:
+	mov	BYTE PTR 4[edi],dl
+L022dj4:
+	mov	DWORD PTR [edi],ecx
+	jmp	$L023djend
+L024dj3:
+	ror	ecx,		16
+	mov	BYTE PTR 2[edi],cl
+	shl	ecx,		16
+L025dj2:
+	mov	BYTE PTR 1[esi],ch
+L026dj1:
+	mov	BYTE PTR [esi],	cl
+$L023djend:
+	jmp	$L007finish
+$L007finish:
+	mov	ecx,		DWORD PTR 60[esp]
+	add	esp,		24
+	mov	DWORD PTR [ecx],eax
+	mov	DWORD PTR 4[ecx],ebx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+$L008cbc_enc_jmp_table:
+	DD	0
+	DD	L016ej1
+	DD	L015ej2
+	DD	L014ej3
+	DD	L012ej4
+	DD	L011ej5
+	DD	L010ej6
+	DD	L009ej7
+L027cbc_dec_jmp_table:
+	DD	0
+	DD	L026dj1
+	DD	L025dj2
+	DD	L024dj3
+	DD	L022dj4
+	DD	L021dj5
+	DD	L020dj6
+	DD	L019dj7
+_RC5_32_cbc_encrypt ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/rc5/asm/r586unix.cpp b/crypto/rc5/asm/r586unix.cpp
new file mode 100644
index 0000000000..a25dd5a9a4
--- /dev/null
+++ b/crypto/rc5/asm/r586unix.cpp
@@ -0,0 +1,628 @@
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
+
+#define TYPE(a,b)       .type   a,b
+#define SIZE(a,b)       .size   a,b
+
+#if defined(OUT) || defined(BSDI)
+#define RC5_32_encrypt _RC5_32_encrypt
+#define RC5_32_decrypt _RC5_32_decrypt
+#define RC5_32_cbc_encrypt _RC5_32_cbc_encrypt
+
+#endif
+
+#ifdef OUT
+#define OK	1
+#define ALIGN	4
+#endif
+
+#ifdef BSDI
+#define OK              1
+#define ALIGN           4
+#undef SIZE
+#undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK              1
+#define ALIGN           16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+/* Let the Assembler begin :-) */
+	/* Don't even think of reading this code */
+	/* It was automatically generated by rc5-586.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, BSDI,Win32, or Solaris */
+	/* eric <eay@cryptsoft.com> */
+
+	.file	"rc5-586.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl RC5_32_encrypt
+	TYPE(RC5_32_encrypt,@function)
+RC5_32_encrypt:
+
+	pushl	%ebp
+	pushl	%esi
+	pushl	%edi
+	movl	16(%esp),	%edx
+	movl	20(%esp),	%ebp
+	/* Load the 2 words */
+	movl	(%edx),		%edi
+	movl	4(%edx),	%esi
+	pushl	%ebx
+	movl	(%ebp),		%ebx
+	addl	4(%ebp),	%edi
+	addl	8(%ebp),	%esi
+	xorl	%esi,		%edi
+	movl	12(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	16(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	20(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	24(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	28(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	32(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	36(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	40(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	44(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	48(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	52(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	56(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	60(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	64(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	68(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	72(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	cmpl	$8,		%ebx
+	je	.L000rc5_exit
+	xorl	%esi,		%edi
+	movl	76(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	80(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	84(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	88(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	92(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	96(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	100(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	104(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	cmpl	$12,		%ebx
+	je	.L000rc5_exit
+	xorl	%esi,		%edi
+	movl	108(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	112(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	116(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	120(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	124(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	128(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+	xorl	%esi,		%edi
+	movl	132(%ebp),	%eax
+	movl	%esi,		%ecx
+	roll	%cl,		%edi
+	addl	%eax,		%edi
+	xorl	%edi,		%esi
+	movl	136(%ebp),	%eax
+	movl	%edi,		%ecx
+	roll	%cl,		%esi
+	addl	%eax,		%esi
+.L000rc5_exit:
+	movl	%edi,		(%edx)
+	movl	%esi,		4(%edx)
+	popl	%ebx
+	popl	%edi
+	popl	%esi
+	popl	%ebp
+	ret
+.RC5_32_encrypt_end:
+	SIZE(RC5_32_encrypt,.RC5_32_encrypt_end-RC5_32_encrypt)
+.ident	"desasm.pl"
+.text
+	.align ALIGN
+.globl RC5_32_decrypt
+	TYPE(RC5_32_decrypt,@function)
+RC5_32_decrypt:
+
+	pushl	%ebp
+	pushl	%esi
+	pushl	%edi
+	movl	16(%esp),	%edx
+	movl	20(%esp),	%ebp
+	/* Load the 2 words */
+	movl	(%edx),		%edi
+	movl	4(%edx),	%esi
+	pushl	%ebx
+	movl	(%ebp),		%ebx
+	cmpl	$12,		%ebx
+	je	.L001rc5_dec_12
+	cmpl	$8,		%ebx
+	je	.L002rc5_dec_8
+	movl	136(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	132(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	128(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	124(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	120(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	116(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	112(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	108(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+.L001rc5_dec_12:
+	movl	104(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	100(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	96(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	92(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	88(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	84(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	80(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	76(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+.L002rc5_dec_8:
+	movl	72(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	68(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	64(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	60(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	56(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	52(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	48(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	44(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	40(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	36(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	32(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	28(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	24(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	20(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	movl	16(%ebp),	%eax
+	subl	%eax,		%esi
+	movl	%edi,		%ecx
+	rorl	%cl,		%esi
+	xorl	%edi,		%esi
+	movl	12(%ebp),	%eax
+	subl	%eax,		%edi
+	movl	%esi,		%ecx
+	rorl	%cl,		%edi
+	xorl	%esi,		%edi
+	subl	8(%ebp),	%esi
+	subl	4(%ebp),	%edi
+.L003rc5_exit:
+	movl	%edi,		(%edx)
+	movl	%esi,		4(%edx)
+	popl	%ebx
+	popl	%edi
+	popl	%esi
+	popl	%ebp
+	ret
+.RC5_32_decrypt_end:
+	SIZE(RC5_32_decrypt,.RC5_32_decrypt_end-RC5_32_decrypt)
+.ident	"desasm.pl"
+.text
+	.align ALIGN
+.globl RC5_32_cbc_encrypt
+	TYPE(RC5_32_cbc_encrypt,@function)
+RC5_32_cbc_encrypt:
+
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	28(%esp),	%ebp
+	/* getting iv ptr from parameter 4 */
+	movl	36(%esp),	%ebx
+	movl	(%ebx),		%esi
+	movl	4(%ebx),	%edi
+	pushl	%edi
+	pushl	%esi
+	pushl	%edi
+	pushl	%esi
+	movl	%esp,		%ebx
+	movl	36(%esp),	%esi
+	movl	40(%esp),	%edi
+	/* getting encrypt flag from parameter 5 */
+	movl	56(%esp),	%ecx
+	/* get and push parameter 3 */
+	movl	48(%esp),	%eax
+	pushl	%eax
+	pushl	%ebx
+	cmpl	$0,		%ecx
+	jz	.L004decrypt
+	andl	$4294967288,	%ebp
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+	jz	.L005encrypt_finish
+.L006encrypt_loop:
+	movl	(%esi),		%ecx
+	movl	4(%esi),	%edx
+	xorl	%ecx,		%eax
+	xorl	%edx,		%ebx
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	RC5_32_encrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+	movl	%eax,		(%edi)
+	movl	%ebx,		4(%edi)
+	addl	$8,		%esi
+	addl	$8,		%edi
+	subl	$8,		%ebp
+	jnz	.L006encrypt_loop
+.L005encrypt_finish:
+	movl	52(%esp),	%ebp
+	andl	$7,		%ebp
+	jz	.L007finish
+	xorl	%ecx,		%ecx
+	xorl	%edx,		%edx
+	movl	.L008cbc_enc_jmp_table(,%ebp,4),%ebp
+	jmp	*%ebp
+.L009ej7:
+	movb	6(%esi),	%dh
+	sall	$8,		%edx
+.L010ej6:
+	movb	5(%esi),	%dh
+.L011ej5:
+	movb	4(%esi),	%dl
+.L012ej4:
+	movl	(%esi),		%ecx
+	jmp	.L013ejend
+.L014ej3:
+	movb	2(%esi),	%ch
+	sall	$8,		%ecx
+.L015ej2:
+	movb	1(%esi),	%ch
+.L016ej1:
+	movb	(%esi),		%cl
+.L013ejend:
+	xorl	%ecx,		%eax
+	xorl	%edx,		%ebx
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	RC5_32_encrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+	movl	%eax,		(%edi)
+	movl	%ebx,		4(%edi)
+	jmp	.L007finish
+.align ALIGN
+.L004decrypt:
+	andl	$4294967288,	%ebp
+	movl	16(%esp),	%eax
+	movl	20(%esp),	%ebx
+	jz	.L017decrypt_finish
+.L018decrypt_loop:
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	RC5_32_decrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+	movl	16(%esp),	%ecx
+	movl	20(%esp),	%edx
+	xorl	%eax,		%ecx
+	xorl	%ebx,		%edx
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%ecx,		(%edi)
+	movl	%edx,		4(%edi)
+	movl	%eax,		16(%esp)
+	movl	%ebx,		20(%esp)
+	addl	$8,		%esi
+	addl	$8,		%edi
+	subl	$8,		%ebp
+	jnz	.L018decrypt_loop
+.L017decrypt_finish:
+	movl	52(%esp),	%ebp
+	andl	$7,		%ebp
+	jz	.L007finish
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%eax,		8(%esp)
+	movl	%ebx,		12(%esp)
+	call	RC5_32_decrypt
+	movl	8(%esp),	%eax
+	movl	12(%esp),	%ebx
+	movl	16(%esp),	%ecx
+	movl	20(%esp),	%edx
+	xorl	%eax,		%ecx
+	xorl	%ebx,		%edx
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+.L019dj7:
+	rorl	$16,		%edx
+	movb	%dl,		6(%edi)
+	shrl	$16,		%edx
+.L020dj6:
+	movb	%dh,		5(%edi)
+.L021dj5:
+	movb	%dl,		4(%edi)
+.L022dj4:
+	movl	%ecx,		(%edi)
+	jmp	.L023djend
+.L024dj3:
+	rorl	$16,		%ecx
+	movb	%cl,		2(%edi)
+	sall	$16,		%ecx
+.L025dj2:
+	movb	%ch,		1(%esi)
+.L026dj1:
+	movb	%cl,		(%esi)
+.L023djend:
+	jmp	.L007finish
+.align ALIGN
+.L007finish:
+	movl	60(%esp),	%ecx
+	addl	$24,		%esp
+	movl	%eax,		(%ecx)
+	movl	%ebx,		4(%ecx)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align ALIGN
+.L008cbc_enc_jmp_table:
+	.long 0
+	.long .L016ej1
+	.long .L015ej2
+	.long .L014ej3
+	.long .L012ej4
+	.long .L011ej5
+	.long .L010ej6
+	.long .L009ej7
+.align ALIGN
+.L027cbc_dec_jmp_table:
+	.long 0
+	.long .L026dj1
+	.long .L025dj2
+	.long .L024dj3
+	.long .L022dj4
+	.long .L021dj5
+	.long .L020dj6
+	.long .L019dj7
+.RC5_32_cbc_encrypt_end:
+	SIZE(RC5_32_cbc_encrypt,.RC5_32_cbc_encrypt_end-RC5_32_cbc_encrypt)
+.ident	"desasm.pl"
diff --git a/crypto/rc5/asm/rc5-586.pl b/crypto/rc5/asm/rc5-586.pl
new file mode 100644
index 0000000000..edff1d1e64
--- /dev/null
+++ b/crypto/rc5/asm/rc5-586.pl
@@ -0,0 +1,109 @@
+#!/usr/local/bin/perl
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"rc5-586.pl");
+
+$RC5_MAX_ROUNDS=16;
+$RC5_32_OFF=($RC5_MAX_ROUNDS+2)*4;
+$A="edi";
+$B="esi";
+$S="ebp";
+$tmp1="eax";
+$r="ebx";
+$tmpc="ecx";
+$tmp4="edx";
+
+&RC5_32_encrypt("RC5_32_encrypt",1);
+&RC5_32_encrypt("RC5_32_decrypt",0);
+&cbc("RC5_32_cbc_encrypt","RC5_32_encrypt","RC5_32_decrypt",0,4,5,3,-1,-1);
+&asm_finish();
+
+sub RC5_32_encrypt
+	{
+	local($name,$enc)=@_;
+
+	&function_begin_B($name,"");
+
+	&comment("");
+
+	&push("ebp");
+	 &push("esi");
+	&push("edi");
+	 &mov($tmp4,&wparam(0));
+	&mov($S,&wparam(1));
+
+	&comment("Load the 2 words");
+	 &mov($A,&DWP(0,$tmp4,"",0));
+	&mov($B,&DWP(4,$tmp4,"",0));
+
+	&push($r);
+	 &mov($r,	&DWP(0,$S,"",0));
+
+	# encrypting part
+
+	if ($enc)
+		{
+		 &add($A,	&DWP(4+0,$S,"",0));
+		&add($B,	&DWP(4+4,$S,"",0));
+
+		for ($i=0; $i<$RC5_MAX_ROUNDS; $i++)
+			{
+			 &xor($A,	$B);
+			&mov($tmp1,	&DWP(12+$i*8,$S,"",0));
+			 &mov($tmpc,	$B);
+			&rotl($A,	&LB("ecx"));
+			&add($A,	$tmp1);
+
+			 &xor($B,	$A);
+			&mov($tmp1,	&DWP(16+$i*8,$S,"",0));
+			 &mov($tmpc,	$A);
+			&rotl($B,	&LB("ecx"));
+			&add($B,	$tmp1);
+			if (($i == 7) || ($i == 11))
+				{
+			 &cmp($r,	$i+1);
+			&je(&label("rc5_exit"));
+				}
+			}
+		}
+	else
+		{
+		 &cmp($r,	12);
+		&je(&label("rc5_dec_12"));
+		 &cmp($r,	8);
+		&je(&label("rc5_dec_8"));
+		for ($i=$RC5_MAX_ROUNDS; $i > 0; $i--)
+			{
+			&set_label("rc5_dec_$i") if ($i == 12) || ($i == 8);
+			 &mov($tmp1,	&DWP($i*8+8,$S,"",0));
+			&sub($B,	$tmp1);
+			 &mov($tmpc,	$A);
+			&rotr($B,	&LB("ecx"));
+			&xor($B,	$A);
+
+			 &mov($tmp1,	&DWP($i*8+4,$S,"",0));
+			&sub($A,	$tmp1);
+			 &mov($tmpc,	$B);
+			&rotr($A,	&LB("ecx"));
+			&xor($A,	$B);
+			}
+		 &sub($B,	&DWP(4+4,$S,"",0));
+		&sub($A,	&DWP(4+0,$S,"",0));
+		}
+
+	&set_label("rc5_exit");
+	 &mov(&DWP(0,$tmp4,"",0),$A);
+	&mov(&DWP(4,$tmp4,"",0),$B);
+
+	 &pop("ebx");
+	&pop("edi");
+	 &pop("esi");
+	&pop("ebp");
+	 &ret();
+	&function_end_B($name);
+	}
+
+
diff --git a/crypto/rc5/rc5.h b/crypto/rc5/rc5.h
new file mode 100644
index 0000000000..5fd64e3f10
--- /dev/null
+++ b/crypto/rc5/rc5.h
@@ -0,0 +1,122 @@
+/* crypto/rc5/rc5.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RC5_H
+#define HEADER_RC5_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define RC5_ENCRYPT	1
+#define RC5_DECRYPT	0
+
+/* 32 bit.  For Alpha, things may get weird */
+#define RC5_32_INT unsigned long
+
+#define RC5_32_BLOCK		8
+#define RC5_32_KEY_LENGTH	16 /* This is a default, max is 255 */
+
+/* This are the only values supported.  Tweak the code if you want more
+ * The most supported modes will be
+ * RC5-32/12/16
+ * RC5-32/16/8
+ */
+#define RC5_8_ROUNDS	8
+#define RC5_12_ROUNDS	12
+#define RC5_16_ROUNDS	16
+
+typedef struct rc5_key_st
+	{
+	/* Number of rounds */
+	int rounds;
+	RC5_32_INT data[2*(RC5_16_ROUNDS+1)];
+	} RC5_32_KEY;
+
+#ifndef NOPROTO
+ 
+void RC5_32_set_key(RC5_32_KEY *key, int len, unsigned char *data,
+	int rounds);
+void RC5_32_ecb_encrypt(unsigned char *in,unsigned char *out,RC5_32_KEY *key,
+	int enc);
+void RC5_32_encrypt(unsigned long *data,RC5_32_KEY *key);
+void RC5_32_decrypt(unsigned long *data,RC5_32_KEY *key);
+void RC5_32_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+	RC5_32_KEY *ks, unsigned char *iv, int enc);
+void RC5_32_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	RC5_32_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void RC5_32_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	RC5_32_KEY *schedule, unsigned char *ivec, int *num);
+
+#else
+
+void RC5_32_set_key();
+void RC5_32_ecb_encrypt();
+void RC5_32_encrypt();
+void RC5_32_decrypt();
+void RC5_32_cbc_encrypt();
+void RC5_32_cfb64_encrypt();
+void RC5_32_ofb64_encrypt();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/rc5/rc5_ecb.c b/crypto/rc5/rc5_ecb.c
new file mode 100644
index 0000000000..82947f4cd5
--- /dev/null
+++ b/crypto/rc5/rc5_ecb.c
@@ -0,0 +1,82 @@
+/* crypto/rc5/rc5_ecb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc5.h"
+#include "rc5_locl.h"
+
+char *RC5_version="RC5 part of SSLeay 0.9.0b 29-Jun-1998";
+
+void RC5_32_ecb_encrypt(in, out, ks, encrypt)
+unsigned char *in;
+unsigned char *out;
+RC5_32_KEY *ks;
+int encrypt;
+	{
+	unsigned long l,d[2];
+
+	c2l(in,l); d[0]=l;
+	c2l(in,l); d[1]=l;
+	if (encrypt)
+		RC5_32_encrypt(d,ks);
+	else
+		RC5_32_decrypt(d,ks);
+	l=d[0]; l2c(l,out);
+	l=d[1]; l2c(l,out);
+	l=d[0]=d[1]=0;
+	}
+
diff --git a/crypto/rc5/rc5_enc.c b/crypto/rc5/rc5_enc.c
new file mode 100644
index 0000000000..ee5f97eed1
--- /dev/null
+++ b/crypto/rc5/rc5_enc.c
@@ -0,0 +1,223 @@
+/* crypto/rc5/rc5_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rc5.h"
+#include "rc5_locl.h"
+
+void RC5_32_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC5_32_KEY *ks;
+unsigned char *iv;
+int encrypt;
+	{
+	register unsigned long tin0,tin1;
+	register unsigned long tout0,tout1,xor0,xor1;
+	register long l=length;
+	unsigned long tin[2];
+
+	if (encrypt)
+		{
+		c2l(iv,tout0);
+		c2l(iv,tout1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			RC5_32_encrypt(tin,ks);
+			tout0=tin[0]; l2c(tout0,out);
+			tout1=tin[1]; l2c(tout1,out);
+			}
+		if (l != -8)
+			{
+			c2ln(in,tin0,tin1,l+8);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			RC5_32_encrypt(tin,ks);
+			tout0=tin[0]; l2c(tout0,out);
+			tout1=tin[1]; l2c(tout1,out);
+			}
+		l2c(tout0,iv);
+		l2c(tout1,iv);
+		}
+	else
+		{
+		c2l(iv,xor0);
+		c2l(iv,xor1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0); tin[0]=tin0;
+			c2l(in,tin1); tin[1]=tin1;
+			RC5_32_decrypt(tin,ks);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2c(tout0,out);
+			l2c(tout1,out);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		if (l != -8)
+			{
+			c2l(in,tin0); tin[0]=tin0;
+			c2l(in,tin1); tin[1]=tin1;
+			RC5_32_decrypt(tin,ks);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2cn(tout0,tout1,out,l+8);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		l2c(xor0,iv);
+		l2c(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
+void RC5_32_encrypt(d,key)
+unsigned long *d;
+RC5_32_KEY *key;
+	{
+	RC5_32_INT a,b,*s;
+
+	s=key->data;
+
+	a=d[0]+s[0];
+	b=d[1]+s[1];
+	E_RC5_32(a,b,s, 2);
+	E_RC5_32(a,b,s, 4);
+	E_RC5_32(a,b,s, 6);
+	E_RC5_32(a,b,s, 8);
+	E_RC5_32(a,b,s,10);
+	E_RC5_32(a,b,s,12);
+	E_RC5_32(a,b,s,14);
+	E_RC5_32(a,b,s,16);
+	if (key->rounds == 12)
+		{
+		E_RC5_32(a,b,s,18);
+		E_RC5_32(a,b,s,20);
+		E_RC5_32(a,b,s,22);
+		E_RC5_32(a,b,s,24);
+		}
+	else if (key->rounds == 16)
+		{
+		/* Do a full expansion to avoid a jump */
+		E_RC5_32(a,b,s,18);
+		E_RC5_32(a,b,s,20);
+		E_RC5_32(a,b,s,22);
+		E_RC5_32(a,b,s,24);
+		E_RC5_32(a,b,s,26);
+		E_RC5_32(a,b,s,28);
+		E_RC5_32(a,b,s,30);
+		E_RC5_32(a,b,s,32);
+		}
+	d[0]=a;
+	d[1]=b;
+	}
+
+void RC5_32_decrypt(d,key)
+unsigned long *d;
+RC5_32_KEY *key;
+	{
+	RC5_32_INT a,b,*s;
+
+	s=key->data;
+
+	a=d[0];
+	b=d[1];
+	if (key->rounds == 16) 
+		{
+		D_RC5_32(a,b,s,32);
+		D_RC5_32(a,b,s,30);
+		D_RC5_32(a,b,s,28);
+		D_RC5_32(a,b,s,26);
+		/* Do a full expansion to avoid a jump */
+		D_RC5_32(a,b,s,24);
+		D_RC5_32(a,b,s,22);
+		D_RC5_32(a,b,s,20);
+		D_RC5_32(a,b,s,18);
+		}
+	else if (key->rounds == 12)
+		{
+		D_RC5_32(a,b,s,24);
+		D_RC5_32(a,b,s,22);
+		D_RC5_32(a,b,s,20);
+		D_RC5_32(a,b,s,18);
+		}
+	D_RC5_32(a,b,s,16);
+	D_RC5_32(a,b,s,14);
+	D_RC5_32(a,b,s,12);
+	D_RC5_32(a,b,s,10);
+	D_RC5_32(a,b,s, 8);
+	D_RC5_32(a,b,s, 6);
+	D_RC5_32(a,b,s, 4);
+	D_RC5_32(a,b,s, 2);
+	d[0]=a-s[0];
+	d[1]=b-s[1];
+	}
+
diff --git a/crypto/rc5/rc5_locl.h b/crypto/rc5/rc5_locl.h
new file mode 100644
index 0000000000..718c6162ea
--- /dev/null
+++ b/crypto/rc5/rc5_locl.h
@@ -0,0 +1,187 @@
+/* crypto/rc5/rc5_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+
+#undef c2l
+#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
+			 l|=((unsigned long)(*((c)++)))<< 8L, \
+			 l|=((unsigned long)(*((c)++)))<<16L, \
+			 l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+			case 5: l2|=((unsigned long)(*(--(c))));     \
+			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+			case 1: l1|=((unsigned long)(*(--(c))));     \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+				} \
+			}
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))    ; \
+			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+			case 4: l1 =((unsigned long)(*(--(c))))    ; \
+			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+				} \
+			}
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+				} \
+			}
+
+#undef n2l
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+#if defined(WIN32)
+#define ROTATE_l32(a,n)     _lrotl(a,n)
+#define ROTATE_r32(a,n)     _lrotr(a,n)
+#else
+#define ROTATE_l32(a,n)     (((a)<<(n&0x1f))|(((a)&0xffffffff)>>(32-(n&0x1f))))
+#define ROTATE_r32(a,n)     (((a)<<(32-(n&0x1f)))|(((a)&0xffffffff)>>(n&0x1f)))
+#endif
+
+#define RC5_32_MASK	0xffffffffL
+
+#define RC5_16_P	0xB7E1
+#define RC5_16_Q	0x9E37
+#define RC5_32_P	0xB7E15163L
+#define RC5_32_Q	0x9E3779B9L
+#define RC5_64_P	0xB7E151628AED2A6BLL
+#define RC5_64_Q	0x9E3779B97F4A7C15LL
+
+#define E_RC5_32(a,b,s,n) \
+	a^=b; \
+	a=ROTATE_l32(a,b); \
+	a+=s[n]; \
+	a&=RC5_32_MASK; \
+	b^=a; \
+	b=ROTATE_l32(b,a); \
+	b+=s[n+1]; \
+	b&=RC5_32_MASK;
+
+#define D_RC5_32(a,b,s,n) \
+	b-=s[n+1]; \
+	b&=RC5_32_MASK; \
+	b=ROTATE_r32(b,a); \
+	b^=a; \
+	a-=s[n]; \
+	a&=RC5_32_MASK; \
+	a=ROTATE_r32(a,b); \
+	a^=b;
+
+
+
diff --git a/crypto/rc5/rc5_skey.c b/crypto/rc5/rc5_skey.c
new file mode 100644
index 0000000000..5753390d08
--- /dev/null
+++ b/crypto/rc5/rc5_skey.c
@@ -0,0 +1,116 @@
+/* crypto/rc5/rc5_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc5.h"
+#include "rc5_locl.h"
+
+void RC5_32_set_key(key,len,data,rounds)
+RC5_32_KEY *key;
+int len;
+unsigned char *data;
+int rounds;
+	{
+	RC5_32_INT L[64],l,ll,A,B,*S,k;
+	int i,j,m,c,t,ii,jj;
+
+	if (	(rounds != RC5_16_ROUNDS) &&
+		(rounds != RC5_12_ROUNDS) &&
+		(rounds != RC5_8_ROUNDS))
+		rounds=RC5_16_ROUNDS;
+
+	key->rounds=rounds;
+	S= &(key->data[0]);
+	j=0;
+	for (i=0; i<=(len-8); i+=8)
+		{
+		c2l(data,l);
+		L[j++]=l;
+		c2l(data,l);
+		L[j++]=l;
+		}
+	ii=len-i;
+	if (ii)
+		{
+		k=len&0x07;
+		c2ln(data,l,ll,k);
+		L[j+0]=l;
+		L[j+1]=ll;
+		}
+
+	c=(len+3)/4;
+	t=(rounds+1)*2;
+	S[0]=RC5_32_P;
+	for (i=1; i<t; i++)
+		S[i]=(S[i-1]+RC5_32_Q)&RC5_32_MASK;
+
+	j=(t>c)?t:c;
+	j*=3;
+	ii=jj=0;
+	A=B=0;
+	for (i=0; i<j; i++)
+		{
+		k=(S[ii]+A+B)&RC5_32_MASK;
+		A=S[ii]=ROTATE_l32(k,3);
+		m=(int)(A+B);
+		k=(L[jj]+A+B)&RC5_32_MASK;
+		B=L[jj]=ROTATE_l32(k,m);
+		if (++ii >= t) ii=0;
+		if (++jj >= c) jj=0;
+		}
+	}
+
diff --git a/crypto/rc5/rc5cfb64.c b/crypto/rc5/rc5cfb64.c
new file mode 100644
index 0000000000..fe245d0348
--- /dev/null
+++ b/crypto/rc5/rc5cfb64.c
@@ -0,0 +1,127 @@
+/* crypto/rc5/rc5cfb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc5.h"
+#include "rc5_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void RC5_32_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC5_32_KEY *schedule;
+unsigned char *ivec;
+int *num;
+int encrypt;
+	{
+	register unsigned long v0,v1,t;
+	register int n= *num;
+	register long l=length;
+	unsigned long ti[2];
+	unsigned char *iv,c,cc;
+
+	iv=(unsigned char *)ivec;
+	if (encrypt)
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				c2l(iv,v0); ti[0]=v0;
+				c2l(iv,v1); ti[1]=v1;
+				RC5_32_encrypt((unsigned long *)ti,schedule);
+				iv=(unsigned char *)ivec;
+				t=ti[0]; l2c(t,iv);
+				t=ti[1]; l2c(t,iv);
+				iv=(unsigned char *)ivec;
+				}
+			c= *(in++)^iv[n];
+			*(out++)=c;
+			iv[n]=c;
+			n=(n+1)&0x07;
+			}
+		}
+	else
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				c2l(iv,v0); ti[0]=v0;
+				c2l(iv,v1); ti[1]=v1;
+				RC5_32_encrypt((unsigned long *)ti,schedule);
+				iv=(unsigned char *)ivec;
+				t=ti[0]; l2c(t,iv);
+				t=ti[1]; l2c(t,iv);
+				iv=(unsigned char *)ivec;
+				}
+			cc= *(in++);
+			c=iv[n];
+			iv[n]=cc;
+			*(out++)=c^cc;
+			n=(n+1)&0x07;
+			}
+		}
+	v0=v1=ti[0]=ti[1]=t=c=cc=0;
+	*num=n;
+	}
+
diff --git a/crypto/rc5/rc5ofb64.c b/crypto/rc5/rc5ofb64.c
new file mode 100644
index 0000000000..aa43b6a820
--- /dev/null
+++ b/crypto/rc5/rc5ofb64.c
@@ -0,0 +1,115 @@
+/* crypto/rc5/rc5ofb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc5.h"
+#include "rc5_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void RC5_32_ofb64_encrypt(in, out, length, schedule, ivec, num)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC5_32_KEY *schedule;
+unsigned char *ivec;
+int *num;
+	{
+	register unsigned long v0,v1,t;
+	register int n= *num;
+	register long l=length;
+	unsigned char d[8];
+	register char *dp;
+	unsigned long ti[2];
+	unsigned char *iv;
+	int save=0;
+
+	iv=(unsigned char *)ivec;
+	c2l(iv,v0);
+	c2l(iv,v1);
+	ti[0]=v0;
+	ti[1]=v1;
+	dp=(char *)d;
+	l2c(v0,dp);
+	l2c(v1,dp);
+	while (l--)
+		{
+		if (n == 0)
+			{
+			RC5_32_encrypt((unsigned long *)ti,schedule);
+			dp=(char *)d;
+			t=ti[0]; l2c(t,dp);
+			t=ti[1]; l2c(t,dp);
+			save++;
+			}
+		*(out++)= *(in++)^d[n];
+		n=(n+1)&0x07;
+		}
+	if (save)
+		{
+		v0=ti[0];
+		v1=ti[1];
+		iv=(unsigned char *)ivec;
+		l2c(v0,iv);
+		l2c(v1,iv);
+		}
+	t=v0=v1=ti[0]=ti[1]=0;
+	*num=n;
+	}
+
diff --git a/crypto/rc5/rc5s.cpp b/crypto/rc5/rc5s.cpp
new file mode 100644
index 0000000000..b069601c22
--- /dev/null
+++ b/crypto/rc5/rc5s.cpp
@@ -0,0 +1,70 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rc5.h"
+
+void main(int argc,char *argv[])
+	{
+	RC5_32_KEY key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+	static unsigned char d[16]={0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
+
+	RC5_32_set_key(&key, 16,d,12);
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			RC5_32_encrypt(&data[0],&key);
+			GetTSC(s1);
+			RC5_32_encrypt(&data[0],&key);
+			RC5_32_encrypt(&data[0],&key);
+			RC5_32_encrypt(&data[0],&key);
+			GetTSC(e1);
+			GetTSC(s2);
+			RC5_32_encrypt(&data[0],&key);
+			RC5_32_encrypt(&data[0],&key);
+			RC5_32_encrypt(&data[0],&key);
+			RC5_32_encrypt(&data[0],&key);
+			GetTSC(e2);
+			RC5_32_encrypt(&data[0],&key);
+			}
+
+		printf("cast %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/crypto/rc5/rc5speed.c b/crypto/rc5/rc5speed.c
new file mode 100644
index 0000000000..5eeb560b72
--- /dev/null
+++ b/crypto/rc5/rc5speed.c
@@ -0,0 +1,293 @@
+/* crypto/rc5/rc5speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "rc5.h"
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ	100.0
+#else /* VMS */
+#define HZ	100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE	((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+	{
+	signal(SIGALRM,sig_done);
+	run=0;
+#ifdef LINT
+	sig=sig;
+#endif
+	}
+#endif
+
+#define START	0
+#define STOP	1
+
+double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#endif
+	}
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	long count;
+	static unsigned char buf[BUFSIZE];
+	static unsigned char key[] ={
+			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+			};
+	RC5_32_KEY sch;
+	double a,b,c,d;
+#ifndef SIGALRM
+	long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+	printf("To get the most acurate results, try to run this\n");
+	printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+	printf("First we calculate the approximate speed ...\n");
+	RC5_32_set_key(&sch,16,key,12);
+	count=10;
+	do	{
+		long i;
+		unsigned long data[2];
+
+		count*=2;
+		Time_F(START);
+		for (i=count; i; i--)
+			RC5_32_encrypt(data,&sch);
+		d=Time_F(STOP);
+		} while (d < 3.0);
+	ca=count/512;
+	cb=count;
+	cc=count*8/BUFSIZE+1;
+	printf("Doing RC5_32_set_key %ld times\n",ca);
+#define COND(d)	(count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c)	(run)
+#define COUNT(d) (count)
+	signal(SIGALRM,sig_done);
+	printf("Doing RC5_32_set_key for 10 seconds\n");
+	alarm(10);
+#endif
+
+	Time_F(START);
+	for (count=0,run=1; COND(ca); count+=4)
+		{
+		RC5_32_set_key(&sch,16,key,12);
+		RC5_32_set_key(&sch,16,key,12);
+		RC5_32_set_key(&sch,16,key,12);
+		RC5_32_set_key(&sch,16,key,12);
+		}
+	d=Time_F(STOP);
+	printf("%ld RC5_32_set_key's in %.2f seconds\n",count,d);
+	a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+	printf("Doing RC5_32_encrypt's for 10 seconds\n");
+	alarm(10);
+#else
+	printf("Doing RC5_32_encrypt %ld times\n",cb);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cb); count+=4)
+		{
+		unsigned long data[2];
+
+		RC5_32_encrypt(data,&sch);
+		RC5_32_encrypt(data,&sch);
+		RC5_32_encrypt(data,&sch);
+		RC5_32_encrypt(data,&sch);
+		}
+	d=Time_F(STOP);
+	printf("%ld RC5_32_encrypt's in %.2f second\n",count,d);
+	b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+	printf("Doing RC5_32_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+		BUFSIZE);
+	alarm(10);
+#else
+	printf("Doing RC5_32_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+		BUFSIZE);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cc); count++)
+		RC5_32_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+			&(key[0]),RC5_ENCRYPT);
+	d=Time_F(STOP);
+	printf("%ld RC5_32_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+		count,BUFSIZE,d);
+	c=((double)COUNT(cc)*BUFSIZE)/d;
+
+	printf("RC5_32/12/16 set_key       per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+	printf("RC5_32/12/16 raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+	printf("RC5_32/12/16 cbc     bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+	exit(0);
+#if defined(LINT) || defined(MSDOS)
+	return(0);
+#endif
+	}
diff --git a/crypto/rc5/rc5test.c b/crypto/rc5/rc5test.c
new file mode 100644
index 0000000000..14c321d7b8
--- /dev/null
+++ b/crypto/rc5/rc5test.c
@@ -0,0 +1,379 @@
+/* crypto/rc5/rc5test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* This has been a quickly hacked 'ideatest.c'.  When I add tests for other
+ * RC5 modes, more of the code will be uncommented. */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "rc5.h"
+
+unsigned char RC5key[5][16]={
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x91,0x5f,0x46,0x19,0xbe,0x41,0xb2,0x51,
+	 0x63,0x55,0xa5,0x01,0x10,0xa9,0xce,0x91},
+	{0x78,0x33,0x48,0xe7,0x5a,0xeb,0x0f,0x2f,
+	 0xd7,0xb1,0x69,0xbb,0x8d,0xc1,0x67,0x87},
+	{0xdc,0x49,0xdb,0x13,0x75,0xa5,0x58,0x4f,
+	 0x64,0x85,0xb4,0x13,0xb5,0xf1,0x2b,0xaf},
+	{0x52,0x69,0xf1,0x49,0xd4,0x1b,0xa0,0x15,
+	 0x24,0x97,0x57,0x4d,0x7f,0x15,0x31,0x25},
+	};
+
+unsigned char RC5plain[5][8]={
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x21,0xA5,0xDB,0xEE,0x15,0x4B,0x8F,0x6D},
+	{0xF7,0xC0,0x13,0xAC,0x5B,0x2B,0x89,0x52},
+	{0x2F,0x42,0xB3,0xB7,0x03,0x69,0xFC,0x92},
+	{0x65,0xC1,0x78,0xB2,0x84,0xD1,0x97,0xCC},
+	};
+
+unsigned char RC5cipher[5][8]={
+	{0x21,0xA5,0xDB,0xEE,0x15,0x4B,0x8F,0x6D},
+	{0xF7,0xC0,0x13,0xAC,0x5B,0x2B,0x89,0x52},
+	{0x2F,0x42,0xB3,0xB7,0x03,0x69,0xFC,0x92},
+	{0x65,0xC1,0x78,0xB2,0x84,0xD1,0x97,0xCC},
+	{0xEB,0x44,0xE4,0x15,0xDA,0x31,0x98,0x24},
+	};
+
+#define RC5_CBC_NUM 27
+unsigned char rc5_cbc_cipher[RC5_CBC_NUM][8]={
+	{0x7a,0x7b,0xba,0x4d,0x79,0x11,0x1d,0x1e},
+	{0x79,0x7b,0xba,0x4d,0x78,0x11,0x1d,0x1e},
+	{0x7a,0x7b,0xba,0x4d,0x79,0x11,0x1d,0x1f},
+	{0x7a,0x7b,0xba,0x4d,0x79,0x11,0x1d,0x1f},
+	{0x8b,0x9d,0xed,0x91,0xce,0x77,0x94,0xa6},
+	{0x2f,0x75,0x9f,0xe7,0xad,0x86,0xa3,0x78},
+	{0xdc,0xa2,0x69,0x4b,0xf4,0x0e,0x07,0x88},
+	{0xdc,0xa2,0x69,0x4b,0xf4,0x0e,0x07,0x88},
+	{0xdc,0xfe,0x09,0x85,0x77,0xec,0xa5,0xff},
+	{0x96,0x46,0xfb,0x77,0x63,0x8f,0x9c,0xa8},
+	{0xb2,0xb3,0x20,0x9d,0xb6,0x59,0x4d,0xa4},
+	{0x54,0x5f,0x7f,0x32,0xa5,0xfc,0x38,0x36},
+	{0x82,0x85,0xe7,0xc1,0xb5,0xbc,0x74,0x02},
+	{0xfc,0x58,0x6f,0x92,0xf7,0x08,0x09,0x34},
+	{0xcf,0x27,0x0e,0xf9,0x71,0x7f,0xf7,0xc4},
+	{0xe4,0x93,0xf1,0xc1,0xbb,0x4d,0x6e,0x8c},
+	{0x5c,0x4c,0x04,0x1e,0x0f,0x21,0x7a,0xc3},
+	{0x92,0x1f,0x12,0x48,0x53,0x73,0xb4,0xf7},
+	{0x5b,0xa0,0xca,0x6b,0xbe,0x7f,0x5f,0xad},
+	{0xc5,0x33,0x77,0x1c,0xd0,0x11,0x0e,0x63},
+	{0x29,0x4d,0xdb,0x46,0xb3,0x27,0x8d,0x60},
+	{0xda,0xd6,0xbd,0xa9,0xdf,0xe8,0xf7,0xe8},
+	{0x97,0xe0,0x78,0x78,0x37,0xed,0x31,0x7f},
+	{0x78,0x75,0xdb,0xf6,0x73,0x8c,0x64,0x78},
+	{0x8f,0x34,0xc3,0xc6,0x81,0xc9,0x96,0x95},
+	{0x7c,0xb3,0xf1,0xdf,0x34,0xf9,0x48,0x11},
+	{0x7f,0xd1,0xa0,0x23,0xa5,0xbb,0xa2,0x17},
+	};
+
+unsigned char rc5_cbc_key[RC5_CBC_NUM][17]={
+	{ 1,0x00},
+	{ 1,0x00},
+	{ 1,0x00},
+	{ 1,0x00},
+	{ 1,0x00},
+	{ 1,0x11},
+	{ 1,0x00},
+	{ 4,0x00,0x00,0x00,0x00},
+	{ 1,0x00},
+	{ 1,0x00},
+	{ 1,0x00},
+	{ 1,0x00},
+	{ 4,0x01,0x02,0x03,0x04},
+	{ 4,0x01,0x02,0x03,0x04},
+	{ 4,0x01,0x02,0x03,0x04},
+	{ 8,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{ 8,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{ 8,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{ 8,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{16,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
+	    0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{16,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
+	    0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{16,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
+	    0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{ 5,0x01,0x02,0x03,0x04,0x05},
+	{ 5,0x01,0x02,0x03,0x04,0x05},
+	{ 5,0x01,0x02,0x03,0x04,0x05},
+	{ 5,0x01,0x02,0x03,0x04,0x05},
+	{ 5,0x01,0x02,0x03,0x04,0x05},
+	};
+
+unsigned char rc5_cbc_plain[RC5_CBC_NUM][8]={
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
+	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
+	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
+	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
+	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80},
+	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
+	{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff},
+	{0x08,0x08,0x08,0x08,0x08,0x08,0x08,0x08},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x01},
+	};
+
+int rc5_cbc_rounds[RC5_CBC_NUM]={
+	 0, 0, 0, 0, 0, 1, 2, 2,
+	 8, 8,12,16, 8,12,16,12,
+	 8,12,16, 8,12,16,12, 8,
+	 8, 8, 8,
+	};
+
+unsigned char rc5_cbc_iv[RC5_CBC_NUM][8]={
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x78,0x75,0xdb,0xf6,0x73,0x8c,0x64,0x78},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x7c,0xb3,0xf1,0xdf,0x34,0xf9,0x48,0x11},
+	};
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,n,err=0;
+	RC5_32_KEY key; 
+	unsigned char buf[8],buf2[8],ivb[8];
+
+	for (n=0; n<5; n++)
+		{
+		RC5_32_set_key(&key,16,&(RC5key[n][0]),12);
+
+		RC5_32_ecb_encrypt(&(RC5plain[n][0]),buf,&key,RC5_ENCRYPT);
+		if (memcmp(&(RC5cipher[n][0]),buf,8) != 0)
+			{
+			printf("ecb RC5 error encrypting (%d)\n",n+1);
+			printf("got     :");
+			for (i=0; i<8; i++)
+				printf("%02X ",buf[i]);
+			printf("\n");
+			printf("expected:");
+			for (i=0; i<8; i++)
+				printf("%02X ",RC5cipher[n][i]);
+			err=20;
+			printf("\n");
+			}
+
+		RC5_32_ecb_encrypt(buf,buf2,&key,RC5_DECRYPT);
+		if (memcmp(&(RC5plain[n][0]),buf2,8) != 0)
+			{
+			printf("ecb RC5 error decrypting (%d)\n",n+1);
+			printf("got     :");
+			for (i=0; i<8; i++)
+				printf("%02X ",buf2[i]);
+			printf("\n");
+			printf("expected:");
+			for (i=0; i<8; i++)
+				printf("%02X ",RC5plain[n][i]);
+			printf("\n");
+			err=3;
+			}
+		}
+	if (err == 0) printf("ecb RC5 ok\n");
+
+	for (n=0; n<RC5_CBC_NUM; n++)
+		{
+		i=rc5_cbc_rounds[n];
+		if (i < 8) continue;
+
+		RC5_32_set_key(&key,rc5_cbc_key[n][0],&(rc5_cbc_key[n][1]),i);
+
+		memcpy(ivb,&(rc5_cbc_iv[n][0]),8);
+		RC5_32_cbc_encrypt(&(rc5_cbc_plain[n][0]),buf,8,
+			&key,&(ivb[0]),RC5_ENCRYPT);
+
+		if (memcmp(&(rc5_cbc_cipher[n][0]),buf,8) != 0)
+			{
+			printf("cbc RC5 error encrypting (%d)\n",n+1);
+			printf("got     :");
+			for (i=0; i<8; i++)
+				printf("%02X ",buf[i]);
+			printf("\n");
+			printf("expected:");
+			for (i=0; i<8; i++)
+				printf("%02X ",rc5_cbc_cipher[n][i]);
+			err=30;
+			printf("\n");
+			}
+
+		memcpy(ivb,&(rc5_cbc_iv[n][0]),8);
+		RC5_32_cbc_encrypt(buf,buf2,8,
+			&key,&(ivb[0]),RC5_DECRYPT);
+		if (memcmp(&(rc5_cbc_plain[n][0]),buf2,8) != 0)
+			{
+			printf("cbc RC5 error decrypting (%d)\n",n+1);
+			printf("got     :");
+			for (i=0; i<8; i++)
+				printf("%02X ",buf2[i]);
+			printf("\n");
+			printf("expected:");
+			for (i=0; i<8; i++)
+				printf("%02X ",rc5_cbc_plain[n][i]);
+			printf("\n");
+			err=3;
+			}
+		}
+	if (err == 0) printf("cbc RC5 ok\n");
+
+	exit(err);
+	return(err);
+	}
+
+#ifdef undef
+static int cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+        {
+        IDEA_KEY_SCHEDULE eks,dks;
+        int err=0,i,n;
+
+        idea_set_encrypt_key(cfb_key,&eks);
+        idea_set_decrypt_key(&eks,&dks);
+        memcpy(cfb_tmp,cfb_iv,8);
+        n=0;
+        idea_cfb64_encrypt(plain,cfb_buf1,(long)12,&eks,
+                cfb_tmp,&n,IDEA_ENCRYPT);
+        idea_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+                (long)CFB_TEST_SIZE-12,&eks,
+                cfb_tmp,&n,IDEA_ENCRYPT);
+        if (memcmp(cfb_cipher,cfb_buf1,CFB_TEST_SIZE) != 0)
+                {
+                err=1;
+                printf("idea_cfb64_encrypt encrypt error\n");
+                for (i=0; i<CFB_TEST_SIZE; i+=8)
+                        printf("%s\n",pt(&(cfb_buf1[i])));
+                }
+        memcpy(cfb_tmp,cfb_iv,8);
+        n=0;
+        idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
+                cfb_tmp,&n,IDEA_DECRYPT);
+        idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+                (long)CFB_TEST_SIZE-17,&dks,
+                cfb_tmp,&n,IDEA_DECRYPT);
+        if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
+                {
+                err=1;
+                printf("idea_cfb_encrypt decrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf2[i])));
+                }
+        return(err);
+        }
+
+static char *pt(p)
+unsigned char *p;
+	{
+	static char bufs[10][20];
+	static int bnum=0;
+	char *ret;
+	int i;
+	static char *f="0123456789ABCDEF";
+
+	ret= &(bufs[bnum++][0]);
+	bnum%=10;
+	for (i=0; i<8; i++)
+		{
+		ret[i*2]=f[(p[i]>>4)&0xf];
+		ret[i*2+1]=f[p[i]&0xf];
+		}
+	ret[16]='\0';
+	return(ret);
+	}
+	
+#endif
diff --git a/crypto/ripemd/Makefile.ssl b/crypto/ripemd/Makefile.ssl
new file mode 100644
index 0000000000..67d47ceb2c
--- /dev/null
+++ b/crypto/ripemd/Makefile.ssl
@@ -0,0 +1,104 @@
+#
+# SSLeay/crypto/ripemd/Makefile
+#
+
+DIR=    ripemd
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPEND=     makedepend -f Makefile.ssl
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+RIP_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rmdtest.c
+APPS=rmd160.c
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rmd_dgst.c rmd_one.c
+LIBOBJ=rmd_dgst.o rmd_one.o $(RMD160_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ripemd.h
+HEADER= rmd_locl.h rmdconst.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+# elf
+asm/rm86-elf.o: asm/rm86unix.cpp
+	$(CPP) -DELF asm/rm86unix.cpp | as -o asm/rm86-elf.o
+
+# solaris
+asm/rm86-sol.o: asm/rm86unix.cpp
+	$(CC) -E -DSOL asm/rm86unix.cpp | sed 's/^#.*//' > asm/rm86-sol.s
+	as -o asm/rm86-sol.o asm/rm86-sol.s
+	rm -f asm/rm86-sol.s
+
+# a.out
+asm/rm86-out.o: asm/rm86unix.cpp
+	$(CPP) -DOUT asm/rm86unix.cpp | as -o asm/rm86-out.o
+
+# bsdi
+asm/rm86bsdi.o: asm/rm86unix.cpp
+	$(CPP) -DBSDI asm/rm86unix.cpp | as -o asm/rm86bsdi.o
+
+asm/rm86unix.cpp:
+	(cd asm; perl rmd-586.pl cpp >rm86unix.cpp)
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/ripemd/Makefile.uni b/crypto/ripemd/Makefile.uni
new file mode 100644
index 0000000000..54685712db
--- /dev/null
+++ b/crypto/ripemd/Makefile.uni
@@ -0,0 +1,109 @@
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+DIR=    md5
+TOP=    .
+CC=     gcc
+CFLAG=	-O3 -fomit-frame-pointer
+
+CPP=    $(CC) -E
+INCLUDES=
+INSTALLTOP=/usr/local/lib
+MAKE=           make
+MAKEDEPEND=     makedepend
+MAKEFILE=       Makefile.uni
+AR=             ar r
+
+MD5_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md5test
+APPS=md5
+
+LIB=libmd5.a
+LIBSRC=md5_dgst.c md5_one.c
+LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= md5.h
+HEADER= md5_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+all:    $(LIB) $(TEST) $(APPS)
+
+$(LIB):    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/ranlib.sh $(LIB)
+
+# elf
+asm/mx86-elf.o: asm/mx86unix.cpp
+	$(CPP) -DELF asm/mx86unix.cpp | as -o asm/mx86-elf.o
+
+# solaris
+asm/mx86-sol.o: asm/mx86unix.cpp
+	$(CC) -E -DSOL asm/mx86unix.cpp | sed 's/^#.*//' > asm/mx86-sol.s
+	as -o asm/mx86-sol.o asm/mx86-sol.s
+	rm -f asm/mx86-sol.s
+
+# a.out
+asm/mx86-out.o: asm/mx86unix.cpp
+	$(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o
+
+# bsdi
+asm/mx86bsdi.o: asm/mx86unix.cpp
+	$(CPP) -DBSDI asm/mx86unix.cpp | as -o asm/mx86bsdi.o
+
+asm/mx86unix.cpp:
+	(cd asm; perl md5-586.pl cpp >mx86unix.cpp)
+
+test:	$(TEST)
+	./$(TEST)
+
+$(TEST): $(TEST).c $(LIB)
+	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
+
+$(APPS): $(APPS).c $(LIB)
+	$(CC) -o $(APPS) $(CFLAGS) $(APPS).c $(LIB)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+cc:
+	$(MAKE) MD5_ASM_OBJ="" CC="cc" CFLAG="-O" all
+
+gcc:
+	$(MAKE) MD5_ASM_OBJ="" CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
+
+x86-elf:
+	$(MAKE) MD5_ASM_OBJ="asm/mx86-elf.o" CFLAG="-DELF -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
+
+x86-out:
+	$(MAKE) MD5_ASM_OBJ="asm/mx86-out.o" CFLAG="-DOUT -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
+
+x86-solaris:
+	$(MAKE) MD5_ASM_OBJ="asm/mx86-sol.o" CFLAG="-DSOL -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
+
+x86-bdsi:
+	$(MAKE) MD5_ASM_OBJ="asm/mx86-bdsi.o" CFLAG="-DBDSI -DMD5_ASM -DL_ENDIAN $(CFLAGS)" all
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/ripemd/README b/crypto/ripemd/README
new file mode 100644
index 0000000000..7097707264
--- /dev/null
+++ b/crypto/ripemd/README
@@ -0,0 +1,15 @@
+RIPEMD-160
+http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
+
+This is my implementation of RIPEMD-160.  The pentium assember is a little
+off the pace since I only get 1050 cycles, while the best is 1013.
+I have a few ideas for how to get another 20 or so cycles, but at
+this point I will not bother right now.  I belive the trick will be
+to remove my 'copy X array onto stack' until inside the RIP1() finctions the
+first time round.  To do this I need another register and will only have one
+temporary one.  A bit tricky....  I can also cleanup the saving of the 5 words
+after the first half of the calculation.  I should read the origional
+value, add then write.  Currently I just save the new and read the origioal.
+I then read both at the end.  Bad.
+
+eric (20-Jan-1998)
diff --git a/crypto/ripemd/asm/rips.cpp b/crypto/ripemd/asm/rips.cpp
new file mode 100644
index 0000000000..78a933c448
--- /dev/null
+++ b/crypto/ripemd/asm/rips.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "ripemd.h"
+
+extern "C" {
+void ripemd160_block_x86(RIPEMD160_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[64*256];
+	RIPEMD160_CTX ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=0,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=16;
+	if (num > 250) num=16;
+	numm=num+2;
+	num*=64;
+	numm*=64;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			ripemd160_block_x86(&ctx,buffer,numm);
+			GetTSC(s1);
+			ripemd160_block_x86(&ctx,buffer,numm);
+			GetTSC(e1);
+			GetTSC(s2);
+			ripemd160_block_x86(&ctx,buffer,num);
+			GetTSC(e2);
+			ripemd160_block_x86(&ctx,buffer,num);
+			}
+		printf("ripemd160 (%d bytes) %d %d (%.2f)\n",num,
+			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+		}
+	}
+
diff --git a/crypto/ripemd/asm/rm-win32.asm b/crypto/ripemd/asm/rm-win32.asm
new file mode 100644
index 0000000000..bd38791c13
--- /dev/null
+++ b/crypto/ripemd/asm/rm-win32.asm
@@ -0,0 +1,1972 @@
+	; Don't even think of reading this code
+	; It was automatically generated by rmd-586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	rmd-586.asm
+        .386
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_ripemd160_block_x86
+
+_ripemd160_block_x86 PROC NEAR
+	push	esi
+	mov	ecx,		DWORD PTR 16[esp]
+	push	edi
+	mov	esi,		DWORD PTR 16[esp]
+	push	ebp
+	add	ecx,		esi
+	push	ebx
+	sub	ecx,		64
+	sub	esp,		88
+	mov	DWORD PTR [esp],ecx
+	mov	edi,		DWORD PTR 108[esp]
+L000start:
+	; 
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR 4[esp],eax
+	mov	DWORD PTR 8[esp],ebx
+	mov	eax,		DWORD PTR 8[esi]
+	mov	ebx,		DWORD PTR 12[esi]
+	mov	DWORD PTR 12[esp],eax
+	mov	DWORD PTR 16[esp],ebx
+	mov	eax,		DWORD PTR 16[esi]
+	mov	ebx,		DWORD PTR 20[esi]
+	mov	DWORD PTR 20[esp],eax
+	mov	DWORD PTR 24[esp],ebx
+	mov	eax,		DWORD PTR 24[esi]
+	mov	ebx,		DWORD PTR 28[esi]
+	mov	DWORD PTR 28[esp],eax
+	mov	DWORD PTR 32[esp],ebx
+	mov	eax,		DWORD PTR 32[esi]
+	mov	ebx,		DWORD PTR 36[esi]
+	mov	DWORD PTR 36[esp],eax
+	mov	DWORD PTR 40[esp],ebx
+	mov	eax,		DWORD PTR 40[esi]
+	mov	ebx,		DWORD PTR 44[esi]
+	mov	DWORD PTR 44[esp],eax
+	mov	DWORD PTR 48[esp],ebx
+	mov	eax,		DWORD PTR 48[esi]
+	mov	ebx,		DWORD PTR 52[esi]
+	mov	DWORD PTR 52[esp],eax
+	mov	DWORD PTR 56[esp],ebx
+	mov	eax,		DWORD PTR 56[esi]
+	mov	ebx,		DWORD PTR 60[esi]
+	mov	DWORD PTR 60[esp],eax
+	mov	DWORD PTR 64[esp],ebx
+	add	esi,		64
+	mov	eax,		DWORD PTR [edi]
+	mov	DWORD PTR 112[esp],esi
+	mov	ebx,		DWORD PTR 4[edi]
+	mov	ecx,		DWORD PTR 8[edi]
+	mov	edx,		DWORD PTR 12[edi]
+	mov	ebp,		DWORD PTR 16[edi]
+	; 0
+	mov	esi,		ecx
+	xor	esi,		edx
+	mov	edi,		DWORD PTR 4[esp]
+	xor	esi,		ebx
+	add	eax,		edi
+	rol	ecx,		10
+	add	eax,		esi
+	mov	esi,		ebx
+	rol	eax,		11
+	add	eax,		ebp
+	; 1
+	xor	esi,		ecx
+	mov	edi,		DWORD PTR 8[esp]
+	xor	esi,		eax
+	add	ebp,		esi
+	mov	esi,		eax
+	rol	ebx,		10
+	add	ebp,		edi
+	xor	esi,		ebx
+	rol	ebp,		14
+	add	ebp,		edx
+	; 2
+	mov	edi,		DWORD PTR 12[esp]
+	xor	esi,		ebp
+	add	edx,		edi
+	rol	eax,		10
+	add	edx,		esi
+	mov	esi,		ebp
+	rol	edx,		15
+	add	edx,		ecx
+	; 3
+	xor	esi,		eax
+	mov	edi,		DWORD PTR 16[esp]
+	xor	esi,		edx
+	add	ecx,		esi
+	mov	esi,		edx
+	rol	ebp,		10
+	add	ecx,		edi
+	xor	esi,		ebp
+	rol	ecx,		12
+	add	ecx,		ebx
+	; 4
+	mov	edi,		DWORD PTR 20[esp]
+	xor	esi,		ecx
+	add	ebx,		edi
+	rol	edx,		10
+	add	ebx,		esi
+	mov	esi,		ecx
+	rol	ebx,		5
+	add	ebx,		eax
+	; 5
+	xor	esi,		edx
+	mov	edi,		DWORD PTR 24[esp]
+	xor	esi,		ebx
+	add	eax,		esi
+	mov	esi,		ebx
+	rol	ecx,		10
+	add	eax,		edi
+	xor	esi,		ecx
+	rol	eax,		8
+	add	eax,		ebp
+	; 6
+	mov	edi,		DWORD PTR 28[esp]
+	xor	esi,		eax
+	add	ebp,		edi
+	rol	ebx,		10
+	add	ebp,		esi
+	mov	esi,		eax
+	rol	ebp,		7
+	add	ebp,		edx
+	; 7
+	xor	esi,		ebx
+	mov	edi,		DWORD PTR 32[esp]
+	xor	esi,		ebp
+	add	edx,		esi
+	mov	esi,		ebp
+	rol	eax,		10
+	add	edx,		edi
+	xor	esi,		eax
+	rol	edx,		9
+	add	edx,		ecx
+	; 8
+	mov	edi,		DWORD PTR 36[esp]
+	xor	esi,		edx
+	add	ecx,		edi
+	rol	ebp,		10
+	add	ecx,		esi
+	mov	esi,		edx
+	rol	ecx,		11
+	add	ecx,		ebx
+	; 9
+	xor	esi,		ebp
+	mov	edi,		DWORD PTR 40[esp]
+	xor	esi,		ecx
+	add	ebx,		esi
+	mov	esi,		ecx
+	rol	edx,		10
+	add	ebx,		edi
+	xor	esi,		edx
+	rol	ebx,		13
+	add	ebx,		eax
+	; 10
+	mov	edi,		DWORD PTR 44[esp]
+	xor	esi,		ebx
+	add	eax,		edi
+	rol	ecx,		10
+	add	eax,		esi
+	mov	esi,		ebx
+	rol	eax,		14
+	add	eax,		ebp
+	; 11
+	xor	esi,		ecx
+	mov	edi,		DWORD PTR 48[esp]
+	xor	esi,		eax
+	add	ebp,		esi
+	mov	esi,		eax
+	rol	ebx,		10
+	add	ebp,		edi
+	xor	esi,		ebx
+	rol	ebp,		15
+	add	ebp,		edx
+	; 12
+	mov	edi,		DWORD PTR 52[esp]
+	xor	esi,		ebp
+	add	edx,		edi
+	rol	eax,		10
+	add	edx,		esi
+	mov	esi,		ebp
+	rol	edx,		6
+	add	edx,		ecx
+	; 13
+	xor	esi,		eax
+	mov	edi,		DWORD PTR 56[esp]
+	xor	esi,		edx
+	add	ecx,		esi
+	mov	esi,		edx
+	rol	ebp,		10
+	add	ecx,		edi
+	xor	esi,		ebp
+	rol	ecx,		7
+	add	ecx,		ebx
+	; 14
+	mov	edi,		DWORD PTR 60[esp]
+	xor	esi,		ecx
+	add	ebx,		edi
+	rol	edx,		10
+	add	ebx,		esi
+	mov	esi,		ecx
+	rol	ebx,		9
+	add	ebx,		eax
+	; 15
+	xor	esi,		edx
+	mov	edi,		DWORD PTR 64[esp]
+	xor	esi,		ebx
+	add	eax,		esi
+	mov	esi,		-1
+	rol	ecx,		10
+	add	eax,		edi
+	mov	edi,		DWORD PTR 32[esp]
+	rol	eax,		8
+	add	eax,		ebp
+	; 16
+	add	ebp,		edi
+	mov	edi,		ebx
+	sub	esi,		eax
+	and	edi,		eax
+	and	esi,		ecx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 20[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1518500249[edi*1+ebp]
+	mov	edi,		-1
+	rol	ebp,		7
+	add	ebp,		edx
+	; 17
+	add	edx,		esi
+	mov	esi,		eax
+	sub	edi,		ebp
+	and	esi,		ebp
+	and	edi,		ebx
+	or	esi,		edi
+	mov	edi,		DWORD PTR 56[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1518500249[esi*1+edx]
+	mov	esi,		-1
+	rol	edx,		6
+	add	edx,		ecx
+	; 18
+	add	ecx,		edi
+	mov	edi,		ebp
+	sub	esi,		edx
+	and	edi,		edx
+	and	esi,		eax
+	or	edi,		esi
+	mov	esi,		DWORD PTR 8[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1518500249[edi*1+ecx]
+	mov	edi,		-1
+	rol	ecx,		8
+	add	ecx,		ebx
+	; 19
+	add	ebx,		esi
+	mov	esi,		edx
+	sub	edi,		ecx
+	and	esi,		ecx
+	and	edi,		ebp
+	or	esi,		edi
+	mov	edi,		DWORD PTR 44[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1518500249[esi*1+ebx]
+	mov	esi,		-1
+	rol	ebx,		13
+	add	ebx,		eax
+	; 20
+	add	eax,		edi
+	mov	edi,		ecx
+	sub	esi,		ebx
+	and	edi,		ebx
+	and	esi,		edx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 28[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1518500249[edi*1+eax]
+	mov	edi,		-1
+	rol	eax,		11
+	add	eax,		ebp
+	; 21
+	add	ebp,		esi
+	mov	esi,		ebx
+	sub	edi,		eax
+	and	esi,		eax
+	and	edi,		ecx
+	or	esi,		edi
+	mov	edi,		DWORD PTR 64[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1518500249[esi*1+ebp]
+	mov	esi,		-1
+	rol	ebp,		9
+	add	ebp,		edx
+	; 22
+	add	edx,		edi
+	mov	edi,		eax
+	sub	esi,		ebp
+	and	edi,		ebp
+	and	esi,		ebx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 16[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1518500249[edi*1+edx]
+	mov	edi,		-1
+	rol	edx,		7
+	add	edx,		ecx
+	; 23
+	add	ecx,		esi
+	mov	esi,		ebp
+	sub	edi,		edx
+	and	esi,		edx
+	and	edi,		eax
+	or	esi,		edi
+	mov	edi,		DWORD PTR 52[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1518500249[esi*1+ecx]
+	mov	esi,		-1
+	rol	ecx,		15
+	add	ecx,		ebx
+	; 24
+	add	ebx,		edi
+	mov	edi,		edx
+	sub	esi,		ecx
+	and	edi,		ecx
+	and	esi,		ebp
+	or	edi,		esi
+	mov	esi,		DWORD PTR 4[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1518500249[edi*1+ebx]
+	mov	edi,		-1
+	rol	ebx,		7
+	add	ebx,		eax
+	; 25
+	add	eax,		esi
+	mov	esi,		ecx
+	sub	edi,		ebx
+	and	esi,		ebx
+	and	edi,		edx
+	or	esi,		edi
+	mov	edi,		DWORD PTR 40[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1518500249[esi*1+eax]
+	mov	esi,		-1
+	rol	eax,		12
+	add	eax,		ebp
+	; 26
+	add	ebp,		edi
+	mov	edi,		ebx
+	sub	esi,		eax
+	and	edi,		eax
+	and	esi,		ecx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 24[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1518500249[edi*1+ebp]
+	mov	edi,		-1
+	rol	ebp,		15
+	add	ebp,		edx
+	; 27
+	add	edx,		esi
+	mov	esi,		eax
+	sub	edi,		ebp
+	and	esi,		ebp
+	and	edi,		ebx
+	or	esi,		edi
+	mov	edi,		DWORD PTR 12[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1518500249[esi*1+edx]
+	mov	esi,		-1
+	rol	edx,		9
+	add	edx,		ecx
+	; 28
+	add	ecx,		edi
+	mov	edi,		ebp
+	sub	esi,		edx
+	and	edi,		edx
+	and	esi,		eax
+	or	edi,		esi
+	mov	esi,		DWORD PTR 60[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1518500249[edi*1+ecx]
+	mov	edi,		-1
+	rol	ecx,		11
+	add	ecx,		ebx
+	; 29
+	add	ebx,		esi
+	mov	esi,		edx
+	sub	edi,		ecx
+	and	esi,		ecx
+	and	edi,		ebp
+	or	esi,		edi
+	mov	edi,		DWORD PTR 48[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1518500249[esi*1+ebx]
+	mov	esi,		-1
+	rol	ebx,		7
+	add	ebx,		eax
+	; 30
+	add	eax,		edi
+	mov	edi,		ecx
+	sub	esi,		ebx
+	and	edi,		ebx
+	and	esi,		edx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 36[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1518500249[edi*1+eax]
+	mov	edi,		-1
+	rol	eax,		13
+	add	eax,		ebp
+	; 31
+	add	ebp,		esi
+	mov	esi,		ebx
+	sub	edi,		eax
+	and	esi,		eax
+	and	edi,		ecx
+	or	esi,		edi
+	mov	edi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1518500249[esi*1+ebp]
+	sub	edi,		eax
+	rol	ebp,		12
+	add	ebp,		edx
+	; 32
+	mov	esi,		DWORD PTR 16[esp]
+	or	edi,		ebp
+	add	edx,		esi
+	xor	edi,		ebx
+	mov	esi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1859775393[edi*1+edx]
+	sub	esi,		ebp
+	rol	edx,		11
+	add	edx,		ecx
+	; 33
+	mov	edi,		DWORD PTR 44[esp]
+	or	esi,		edx
+	add	ecx,		edi
+	xor	esi,		eax
+	mov	edi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1859775393[esi*1+ecx]
+	sub	edi,		edx
+	rol	ecx,		13
+	add	ecx,		ebx
+	; 34
+	mov	esi,		DWORD PTR 60[esp]
+	or	edi,		ecx
+	add	ebx,		esi
+	xor	edi,		ebp
+	mov	esi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1859775393[edi*1+ebx]
+	sub	esi,		ecx
+	rol	ebx,		6
+	add	ebx,		eax
+	; 35
+	mov	edi,		DWORD PTR 20[esp]
+	or	esi,		ebx
+	add	eax,		edi
+	xor	esi,		edx
+	mov	edi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1859775393[esi*1+eax]
+	sub	edi,		ebx
+	rol	eax,		7
+	add	eax,		ebp
+	; 36
+	mov	esi,		DWORD PTR 40[esp]
+	or	edi,		eax
+	add	ebp,		esi
+	xor	edi,		ecx
+	mov	esi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1859775393[edi*1+ebp]
+	sub	esi,		eax
+	rol	ebp,		14
+	add	ebp,		edx
+	; 37
+	mov	edi,		DWORD PTR 64[esp]
+	or	esi,		ebp
+	add	edx,		edi
+	xor	esi,		ebx
+	mov	edi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1859775393[esi*1+edx]
+	sub	edi,		ebp
+	rol	edx,		9
+	add	edx,		ecx
+	; 38
+	mov	esi,		DWORD PTR 36[esp]
+	or	edi,		edx
+	add	ecx,		esi
+	xor	edi,		eax
+	mov	esi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1859775393[edi*1+ecx]
+	sub	esi,		edx
+	rol	ecx,		13
+	add	ecx,		ebx
+	; 39
+	mov	edi,		DWORD PTR 8[esp]
+	or	esi,		ecx
+	add	ebx,		edi
+	xor	esi,		ebp
+	mov	edi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1859775393[esi*1+ebx]
+	sub	edi,		ecx
+	rol	ebx,		15
+	add	ebx,		eax
+	; 40
+	mov	esi,		DWORD PTR 12[esp]
+	or	edi,		ebx
+	add	eax,		esi
+	xor	edi,		edx
+	mov	esi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1859775393[edi*1+eax]
+	sub	esi,		ebx
+	rol	eax,		14
+	add	eax,		ebp
+	; 41
+	mov	edi,		DWORD PTR 32[esp]
+	or	esi,		eax
+	add	ebp,		edi
+	xor	esi,		ecx
+	mov	edi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1859775393[esi*1+ebp]
+	sub	edi,		eax
+	rol	ebp,		8
+	add	ebp,		edx
+	; 42
+	mov	esi,		DWORD PTR 4[esp]
+	or	edi,		ebp
+	add	edx,		esi
+	xor	edi,		ebx
+	mov	esi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1859775393[edi*1+edx]
+	sub	esi,		ebp
+	rol	edx,		13
+	add	edx,		ecx
+	; 43
+	mov	edi,		DWORD PTR 28[esp]
+	or	esi,		edx
+	add	ecx,		edi
+	xor	esi,		eax
+	mov	edi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1859775393[esi*1+ecx]
+	sub	edi,		edx
+	rol	ecx,		6
+	add	ecx,		ebx
+	; 44
+	mov	esi,		DWORD PTR 56[esp]
+	or	edi,		ecx
+	add	ebx,		esi
+	xor	edi,		ebp
+	mov	esi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1859775393[edi*1+ebx]
+	sub	esi,		ecx
+	rol	ebx,		5
+	add	ebx,		eax
+	; 45
+	mov	edi,		DWORD PTR 48[esp]
+	or	esi,		ebx
+	add	eax,		edi
+	xor	esi,		edx
+	mov	edi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1859775393[esi*1+eax]
+	sub	edi,		ebx
+	rol	eax,		12
+	add	eax,		ebp
+	; 46
+	mov	esi,		DWORD PTR 24[esp]
+	or	edi,		eax
+	add	ebp,		esi
+	xor	edi,		ecx
+	mov	esi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1859775393[edi*1+ebp]
+	sub	esi,		eax
+	rol	ebp,		7
+	add	ebp,		edx
+	; 47
+	mov	edi,		DWORD PTR 52[esp]
+	or	esi,		ebp
+	add	edx,		edi
+	xor	esi,		ebx
+	mov	edi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1859775393[esi*1+edx]
+	mov	esi,		eax
+	rol	edx,		5
+	add	edx,		ecx
+	; 48
+	sub	edi,		eax
+	and	esi,		edx
+	and	edi,		ebp
+	or	edi,		esi
+	mov	esi,		DWORD PTR 8[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 2400959708[edi+ecx]
+	mov	edi,		-1
+	add	ecx,		esi
+	mov	esi,		ebp
+	rol	ecx,		11
+	add	ecx,		ebx
+	; 49
+	sub	edi,		ebp
+	and	esi,		ecx
+	and	edi,		edx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 40[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 2400959708[edi+ebx]
+	mov	edi,		-1
+	add	ebx,		esi
+	mov	esi,		edx
+	rol	ebx,		12
+	add	ebx,		eax
+	; 50
+	sub	edi,		edx
+	and	esi,		ebx
+	and	edi,		ecx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 48[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 2400959708[edi+eax]
+	mov	edi,		-1
+	add	eax,		esi
+	mov	esi,		ecx
+	rol	eax,		14
+	add	eax,		ebp
+	; 51
+	sub	edi,		ecx
+	and	esi,		eax
+	and	edi,		ebx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 44[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 2400959708[edi+ebp]
+	mov	edi,		-1
+	add	ebp,		esi
+	mov	esi,		ebx
+	rol	ebp,		15
+	add	ebp,		edx
+	; 52
+	sub	edi,		ebx
+	and	esi,		ebp
+	and	edi,		eax
+	or	edi,		esi
+	mov	esi,		DWORD PTR 4[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 2400959708[edi+edx]
+	mov	edi,		-1
+	add	edx,		esi
+	mov	esi,		eax
+	rol	edx,		14
+	add	edx,		ecx
+	; 53
+	sub	edi,		eax
+	and	esi,		edx
+	and	edi,		ebp
+	or	edi,		esi
+	mov	esi,		DWORD PTR 36[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 2400959708[edi+ecx]
+	mov	edi,		-1
+	add	ecx,		esi
+	mov	esi,		ebp
+	rol	ecx,		15
+	add	ecx,		ebx
+	; 54
+	sub	edi,		ebp
+	and	esi,		ecx
+	and	edi,		edx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 52[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 2400959708[edi+ebx]
+	mov	edi,		-1
+	add	ebx,		esi
+	mov	esi,		edx
+	rol	ebx,		9
+	add	ebx,		eax
+	; 55
+	sub	edi,		edx
+	and	esi,		ebx
+	and	edi,		ecx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 20[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 2400959708[edi+eax]
+	mov	edi,		-1
+	add	eax,		esi
+	mov	esi,		ecx
+	rol	eax,		8
+	add	eax,		ebp
+	; 56
+	sub	edi,		ecx
+	and	esi,		eax
+	and	edi,		ebx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 56[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 2400959708[edi+ebp]
+	mov	edi,		-1
+	add	ebp,		esi
+	mov	esi,		ebx
+	rol	ebp,		9
+	add	ebp,		edx
+	; 57
+	sub	edi,		ebx
+	and	esi,		ebp
+	and	edi,		eax
+	or	edi,		esi
+	mov	esi,		DWORD PTR 16[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 2400959708[edi+edx]
+	mov	edi,		-1
+	add	edx,		esi
+	mov	esi,		eax
+	rol	edx,		14
+	add	edx,		ecx
+	; 58
+	sub	edi,		eax
+	and	esi,		edx
+	and	edi,		ebp
+	or	edi,		esi
+	mov	esi,		DWORD PTR 32[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 2400959708[edi+ecx]
+	mov	edi,		-1
+	add	ecx,		esi
+	mov	esi,		ebp
+	rol	ecx,		5
+	add	ecx,		ebx
+	; 59
+	sub	edi,		ebp
+	and	esi,		ecx
+	and	edi,		edx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 64[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 2400959708[edi+ebx]
+	mov	edi,		-1
+	add	ebx,		esi
+	mov	esi,		edx
+	rol	ebx,		6
+	add	ebx,		eax
+	; 60
+	sub	edi,		edx
+	and	esi,		ebx
+	and	edi,		ecx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 60[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 2400959708[edi+eax]
+	mov	edi,		-1
+	add	eax,		esi
+	mov	esi,		ecx
+	rol	eax,		8
+	add	eax,		ebp
+	; 61
+	sub	edi,		ecx
+	and	esi,		eax
+	and	edi,		ebx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 24[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 2400959708[edi+ebp]
+	mov	edi,		-1
+	add	ebp,		esi
+	mov	esi,		ebx
+	rol	ebp,		6
+	add	ebp,		edx
+	; 62
+	sub	edi,		ebx
+	and	esi,		ebp
+	and	edi,		eax
+	or	edi,		esi
+	mov	esi,		DWORD PTR 28[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 2400959708[edi+edx]
+	mov	edi,		-1
+	add	edx,		esi
+	mov	esi,		eax
+	rol	edx,		5
+	add	edx,		ecx
+	; 63
+	sub	edi,		eax
+	and	esi,		edx
+	and	edi,		ebp
+	or	edi,		esi
+	mov	esi,		DWORD PTR 12[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 2400959708[edi+ecx]
+	mov	edi,		-1
+	add	ecx,		esi
+	sub	edi,		ebp
+	rol	ecx,		12
+	add	ecx,		ebx
+	; 64
+	mov	esi,		DWORD PTR 20[esp]
+	or	edi,		edx
+	add	ebx,		esi
+	xor	edi,		ecx
+	mov	esi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 2840853838[edi*1+ebx]
+	sub	esi,		edx
+	rol	ebx,		9
+	add	ebx,		eax
+	; 65
+	mov	edi,		DWORD PTR 4[esp]
+	or	esi,		ecx
+	add	eax,		edi
+	xor	esi,		ebx
+	mov	edi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 2840853838[esi*1+eax]
+	sub	edi,		ecx
+	rol	eax,		15
+	add	eax,		ebp
+	; 66
+	mov	esi,		DWORD PTR 24[esp]
+	or	edi,		ebx
+	add	ebp,		esi
+	xor	edi,		eax
+	mov	esi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 2840853838[edi*1+ebp]
+	sub	esi,		ebx
+	rol	ebp,		5
+	add	ebp,		edx
+	; 67
+	mov	edi,		DWORD PTR 40[esp]
+	or	esi,		eax
+	add	edx,		edi
+	xor	esi,		ebp
+	mov	edi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 2840853838[esi*1+edx]
+	sub	edi,		eax
+	rol	edx,		11
+	add	edx,		ecx
+	; 68
+	mov	esi,		DWORD PTR 32[esp]
+	or	edi,		ebp
+	add	ecx,		esi
+	xor	edi,		edx
+	mov	esi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 2840853838[edi*1+ecx]
+	sub	esi,		ebp
+	rol	ecx,		6
+	add	ecx,		ebx
+	; 69
+	mov	edi,		DWORD PTR 52[esp]
+	or	esi,		edx
+	add	ebx,		edi
+	xor	esi,		ecx
+	mov	edi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 2840853838[esi*1+ebx]
+	sub	edi,		edx
+	rol	ebx,		8
+	add	ebx,		eax
+	; 70
+	mov	esi,		DWORD PTR 12[esp]
+	or	edi,		ecx
+	add	eax,		esi
+	xor	edi,		ebx
+	mov	esi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 2840853838[edi*1+eax]
+	sub	esi,		ecx
+	rol	eax,		13
+	add	eax,		ebp
+	; 71
+	mov	edi,		DWORD PTR 44[esp]
+	or	esi,		ebx
+	add	ebp,		edi
+	xor	esi,		eax
+	mov	edi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 2840853838[esi*1+ebp]
+	sub	edi,		ebx
+	rol	ebp,		12
+	add	ebp,		edx
+	; 72
+	mov	esi,		DWORD PTR 60[esp]
+	or	edi,		eax
+	add	edx,		esi
+	xor	edi,		ebp
+	mov	esi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 2840853838[edi*1+edx]
+	sub	esi,		eax
+	rol	edx,		5
+	add	edx,		ecx
+	; 73
+	mov	edi,		DWORD PTR 8[esp]
+	or	esi,		ebp
+	add	ecx,		edi
+	xor	esi,		edx
+	mov	edi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 2840853838[esi*1+ecx]
+	sub	edi,		ebp
+	rol	ecx,		12
+	add	ecx,		ebx
+	; 74
+	mov	esi,		DWORD PTR 16[esp]
+	or	edi,		edx
+	add	ebx,		esi
+	xor	edi,		ecx
+	mov	esi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 2840853838[edi*1+ebx]
+	sub	esi,		edx
+	rol	ebx,		13
+	add	ebx,		eax
+	; 75
+	mov	edi,		DWORD PTR 36[esp]
+	or	esi,		ecx
+	add	eax,		edi
+	xor	esi,		ebx
+	mov	edi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 2840853838[esi*1+eax]
+	sub	edi,		ecx
+	rol	eax,		14
+	add	eax,		ebp
+	; 76
+	mov	esi,		DWORD PTR 48[esp]
+	or	edi,		ebx
+	add	ebp,		esi
+	xor	edi,		eax
+	mov	esi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 2840853838[edi*1+ebp]
+	sub	esi,		ebx
+	rol	ebp,		11
+	add	ebp,		edx
+	; 77
+	mov	edi,		DWORD PTR 28[esp]
+	or	esi,		eax
+	add	edx,		edi
+	xor	esi,		ebp
+	mov	edi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 2840853838[esi*1+edx]
+	sub	edi,		eax
+	rol	edx,		8
+	add	edx,		ecx
+	; 78
+	mov	esi,		DWORD PTR 64[esp]
+	or	edi,		ebp
+	add	ecx,		esi
+	xor	edi,		edx
+	mov	esi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 2840853838[edi*1+ecx]
+	sub	esi,		ebp
+	rol	ecx,		5
+	add	ecx,		ebx
+	; 79
+	mov	edi,		DWORD PTR 56[esp]
+	or	esi,		edx
+	add	ebx,		edi
+	xor	esi,		ecx
+	mov	edi,		DWORD PTR 108[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 2840853838[esi*1+ebx]
+	mov	DWORD PTR 68[esp],eax
+	rol	ebx,		6
+	add	ebx,		eax
+	mov	eax,		DWORD PTR [edi]
+	mov	DWORD PTR 72[esp],ebx
+	mov	DWORD PTR 76[esp],ecx
+	mov	ebx,		DWORD PTR 4[edi]
+	mov	DWORD PTR 80[esp],edx
+	mov	ecx,		DWORD PTR 8[edi]
+	mov	DWORD PTR 84[esp],ebp
+	mov	edx,		DWORD PTR 12[edi]
+	mov	ebp,		DWORD PTR 16[edi]
+	; 80
+	mov	edi,		-1
+	sub	edi,		edx
+	mov	esi,		DWORD PTR 24[esp]
+	or	edi,		ecx
+	add	eax,		esi
+	xor	edi,		ebx
+	mov	esi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1352829926[edi*1+eax]
+	sub	esi,		ecx
+	rol	eax,		8
+	add	eax,		ebp
+	; 81
+	mov	edi,		DWORD PTR 60[esp]
+	or	esi,		ebx
+	add	ebp,		edi
+	xor	esi,		eax
+	mov	edi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1352829926[esi*1+ebp]
+	sub	edi,		ebx
+	rol	ebp,		9
+	add	ebp,		edx
+	; 82
+	mov	esi,		DWORD PTR 32[esp]
+	or	edi,		eax
+	add	edx,		esi
+	xor	edi,		ebp
+	mov	esi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1352829926[edi*1+edx]
+	sub	esi,		eax
+	rol	edx,		9
+	add	edx,		ecx
+	; 83
+	mov	edi,		DWORD PTR 4[esp]
+	or	esi,		ebp
+	add	ecx,		edi
+	xor	esi,		edx
+	mov	edi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1352829926[esi*1+ecx]
+	sub	edi,		ebp
+	rol	ecx,		11
+	add	ecx,		ebx
+	; 84
+	mov	esi,		DWORD PTR 40[esp]
+	or	edi,		edx
+	add	ebx,		esi
+	xor	edi,		ecx
+	mov	esi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1352829926[edi*1+ebx]
+	sub	esi,		edx
+	rol	ebx,		13
+	add	ebx,		eax
+	; 85
+	mov	edi,		DWORD PTR 12[esp]
+	or	esi,		ecx
+	add	eax,		edi
+	xor	esi,		ebx
+	mov	edi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1352829926[esi*1+eax]
+	sub	edi,		ecx
+	rol	eax,		15
+	add	eax,		ebp
+	; 86
+	mov	esi,		DWORD PTR 48[esp]
+	or	edi,		ebx
+	add	ebp,		esi
+	xor	edi,		eax
+	mov	esi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1352829926[edi*1+ebp]
+	sub	esi,		ebx
+	rol	ebp,		15
+	add	ebp,		edx
+	; 87
+	mov	edi,		DWORD PTR 20[esp]
+	or	esi,		eax
+	add	edx,		edi
+	xor	esi,		ebp
+	mov	edi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1352829926[esi*1+edx]
+	sub	edi,		eax
+	rol	edx,		5
+	add	edx,		ecx
+	; 88
+	mov	esi,		DWORD PTR 56[esp]
+	or	edi,		ebp
+	add	ecx,		esi
+	xor	edi,		edx
+	mov	esi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1352829926[edi*1+ecx]
+	sub	esi,		ebp
+	rol	ecx,		7
+	add	ecx,		ebx
+	; 89
+	mov	edi,		DWORD PTR 28[esp]
+	or	esi,		edx
+	add	ebx,		edi
+	xor	esi,		ecx
+	mov	edi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1352829926[esi*1+ebx]
+	sub	edi,		edx
+	rol	ebx,		7
+	add	ebx,		eax
+	; 90
+	mov	esi,		DWORD PTR 64[esp]
+	or	edi,		ecx
+	add	eax,		esi
+	xor	edi,		ebx
+	mov	esi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1352829926[edi*1+eax]
+	sub	esi,		ecx
+	rol	eax,		8
+	add	eax,		ebp
+	; 91
+	mov	edi,		DWORD PTR 36[esp]
+	or	esi,		ebx
+	add	ebp,		edi
+	xor	esi,		eax
+	mov	edi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1352829926[esi*1+ebp]
+	sub	edi,		ebx
+	rol	ebp,		11
+	add	ebp,		edx
+	; 92
+	mov	esi,		DWORD PTR 8[esp]
+	or	edi,		eax
+	add	edx,		esi
+	xor	edi,		ebp
+	mov	esi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1352829926[edi*1+edx]
+	sub	esi,		eax
+	rol	edx,		14
+	add	edx,		ecx
+	; 93
+	mov	edi,		DWORD PTR 44[esp]
+	or	esi,		ebp
+	add	ecx,		edi
+	xor	esi,		edx
+	mov	edi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1352829926[esi*1+ecx]
+	sub	edi,		ebp
+	rol	ecx,		14
+	add	ecx,		ebx
+	; 94
+	mov	esi,		DWORD PTR 16[esp]
+	or	edi,		edx
+	add	ebx,		esi
+	xor	edi,		ecx
+	mov	esi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1352829926[edi*1+ebx]
+	sub	esi,		edx
+	rol	ebx,		12
+	add	ebx,		eax
+	; 95
+	mov	edi,		DWORD PTR 52[esp]
+	or	esi,		ecx
+	add	eax,		edi
+	xor	esi,		ebx
+	mov	edi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1352829926[esi*1+eax]
+	mov	esi,		ecx
+	rol	eax,		6
+	add	eax,		ebp
+	; 96
+	sub	edi,		ecx
+	and	esi,		eax
+	and	edi,		ebx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 28[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1548603684[edi+ebp]
+	mov	edi,		-1
+	add	ebp,		esi
+	mov	esi,		ebx
+	rol	ebp,		9
+	add	ebp,		edx
+	; 97
+	sub	edi,		ebx
+	and	esi,		ebp
+	and	edi,		eax
+	or	edi,		esi
+	mov	esi,		DWORD PTR 48[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1548603684[edi+edx]
+	mov	edi,		-1
+	add	edx,		esi
+	mov	esi,		eax
+	rol	edx,		13
+	add	edx,		ecx
+	; 98
+	sub	edi,		eax
+	and	esi,		edx
+	and	edi,		ebp
+	or	edi,		esi
+	mov	esi,		DWORD PTR 16[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1548603684[edi+ecx]
+	mov	edi,		-1
+	add	ecx,		esi
+	mov	esi,		ebp
+	rol	ecx,		15
+	add	ecx,		ebx
+	; 99
+	sub	edi,		ebp
+	and	esi,		ecx
+	and	edi,		edx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 32[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1548603684[edi+ebx]
+	mov	edi,		-1
+	add	ebx,		esi
+	mov	esi,		edx
+	rol	ebx,		7
+	add	ebx,		eax
+	; 100
+	sub	edi,		edx
+	and	esi,		ebx
+	and	edi,		ecx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 4[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1548603684[edi+eax]
+	mov	edi,		-1
+	add	eax,		esi
+	mov	esi,		ecx
+	rol	eax,		12
+	add	eax,		ebp
+	; 101
+	sub	edi,		ecx
+	and	esi,		eax
+	and	edi,		ebx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 56[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1548603684[edi+ebp]
+	mov	edi,		-1
+	add	ebp,		esi
+	mov	esi,		ebx
+	rol	ebp,		8
+	add	ebp,		edx
+	; 102
+	sub	edi,		ebx
+	and	esi,		ebp
+	and	edi,		eax
+	or	edi,		esi
+	mov	esi,		DWORD PTR 24[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1548603684[edi+edx]
+	mov	edi,		-1
+	add	edx,		esi
+	mov	esi,		eax
+	rol	edx,		9
+	add	edx,		ecx
+	; 103
+	sub	edi,		eax
+	and	esi,		edx
+	and	edi,		ebp
+	or	edi,		esi
+	mov	esi,		DWORD PTR 44[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1548603684[edi+ecx]
+	mov	edi,		-1
+	add	ecx,		esi
+	mov	esi,		ebp
+	rol	ecx,		11
+	add	ecx,		ebx
+	; 104
+	sub	edi,		ebp
+	and	esi,		ecx
+	and	edi,		edx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 60[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1548603684[edi+ebx]
+	mov	edi,		-1
+	add	ebx,		esi
+	mov	esi,		edx
+	rol	ebx,		7
+	add	ebx,		eax
+	; 105
+	sub	edi,		edx
+	and	esi,		ebx
+	and	edi,		ecx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 64[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1548603684[edi+eax]
+	mov	edi,		-1
+	add	eax,		esi
+	mov	esi,		ecx
+	rol	eax,		7
+	add	eax,		ebp
+	; 106
+	sub	edi,		ecx
+	and	esi,		eax
+	and	edi,		ebx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 36[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1548603684[edi+ebp]
+	mov	edi,		-1
+	add	ebp,		esi
+	mov	esi,		ebx
+	rol	ebp,		12
+	add	ebp,		edx
+	; 107
+	sub	edi,		ebx
+	and	esi,		ebp
+	and	edi,		eax
+	or	edi,		esi
+	mov	esi,		DWORD PTR 52[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1548603684[edi+edx]
+	mov	edi,		-1
+	add	edx,		esi
+	mov	esi,		eax
+	rol	edx,		7
+	add	edx,		ecx
+	; 108
+	sub	edi,		eax
+	and	esi,		edx
+	and	edi,		ebp
+	or	edi,		esi
+	mov	esi,		DWORD PTR 20[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1548603684[edi+ecx]
+	mov	edi,		-1
+	add	ecx,		esi
+	mov	esi,		ebp
+	rol	ecx,		6
+	add	ecx,		ebx
+	; 109
+	sub	edi,		ebp
+	and	esi,		ecx
+	and	edi,		edx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 40[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1548603684[edi+ebx]
+	mov	edi,		-1
+	add	ebx,		esi
+	mov	esi,		edx
+	rol	ebx,		15
+	add	ebx,		eax
+	; 110
+	sub	edi,		edx
+	and	esi,		ebx
+	and	edi,		ecx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 8[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1548603684[edi+eax]
+	mov	edi,		-1
+	add	eax,		esi
+	mov	esi,		ecx
+	rol	eax,		13
+	add	eax,		ebp
+	; 111
+	sub	edi,		ecx
+	and	esi,		eax
+	and	edi,		ebx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 12[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1548603684[edi+ebp]
+	mov	edi,		-1
+	add	ebp,		esi
+	sub	edi,		eax
+	rol	ebp,		11
+	add	ebp,		edx
+	; 112
+	mov	esi,		DWORD PTR 64[esp]
+	or	edi,		ebp
+	add	edx,		esi
+	xor	edi,		ebx
+	mov	esi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1836072691[edi*1+edx]
+	sub	esi,		ebp
+	rol	edx,		9
+	add	edx,		ecx
+	; 113
+	mov	edi,		DWORD PTR 24[esp]
+	or	esi,		edx
+	add	ecx,		edi
+	xor	esi,		eax
+	mov	edi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1836072691[esi*1+ecx]
+	sub	edi,		edx
+	rol	ecx,		7
+	add	ecx,		ebx
+	; 114
+	mov	esi,		DWORD PTR 8[esp]
+	or	edi,		ecx
+	add	ebx,		esi
+	xor	edi,		ebp
+	mov	esi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1836072691[edi*1+ebx]
+	sub	esi,		ecx
+	rol	ebx,		15
+	add	ebx,		eax
+	; 115
+	mov	edi,		DWORD PTR 16[esp]
+	or	esi,		ebx
+	add	eax,		edi
+	xor	esi,		edx
+	mov	edi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1836072691[esi*1+eax]
+	sub	edi,		ebx
+	rol	eax,		11
+	add	eax,		ebp
+	; 116
+	mov	esi,		DWORD PTR 32[esp]
+	or	edi,		eax
+	add	ebp,		esi
+	xor	edi,		ecx
+	mov	esi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1836072691[edi*1+ebp]
+	sub	esi,		eax
+	rol	ebp,		8
+	add	ebp,		edx
+	; 117
+	mov	edi,		DWORD PTR 60[esp]
+	or	esi,		ebp
+	add	edx,		edi
+	xor	esi,		ebx
+	mov	edi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1836072691[esi*1+edx]
+	sub	edi,		ebp
+	rol	edx,		6
+	add	edx,		ecx
+	; 118
+	mov	esi,		DWORD PTR 28[esp]
+	or	edi,		edx
+	add	ecx,		esi
+	xor	edi,		eax
+	mov	esi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1836072691[edi*1+ecx]
+	sub	esi,		edx
+	rol	ecx,		6
+	add	ecx,		ebx
+	; 119
+	mov	edi,		DWORD PTR 40[esp]
+	or	esi,		ecx
+	add	ebx,		edi
+	xor	esi,		ebp
+	mov	edi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1836072691[esi*1+ebx]
+	sub	edi,		ecx
+	rol	ebx,		14
+	add	ebx,		eax
+	; 120
+	mov	esi,		DWORD PTR 48[esp]
+	or	edi,		ebx
+	add	eax,		esi
+	xor	edi,		edx
+	mov	esi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1836072691[edi*1+eax]
+	sub	esi,		ebx
+	rol	eax,		12
+	add	eax,		ebp
+	; 121
+	mov	edi,		DWORD PTR 36[esp]
+	or	esi,		eax
+	add	ebp,		edi
+	xor	esi,		ecx
+	mov	edi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1836072691[esi*1+ebp]
+	sub	edi,		eax
+	rol	ebp,		13
+	add	ebp,		edx
+	; 122
+	mov	esi,		DWORD PTR 52[esp]
+	or	edi,		ebp
+	add	edx,		esi
+	xor	edi,		ebx
+	mov	esi,		-1
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1836072691[edi*1+edx]
+	sub	esi,		ebp
+	rol	edx,		5
+	add	edx,		ecx
+	; 123
+	mov	edi,		DWORD PTR 12[esp]
+	or	esi,		edx
+	add	ecx,		edi
+	xor	esi,		eax
+	mov	edi,		-1
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 1836072691[esi*1+ecx]
+	sub	edi,		edx
+	rol	ecx,		14
+	add	ecx,		ebx
+	; 124
+	mov	esi,		DWORD PTR 44[esp]
+	or	edi,		ecx
+	add	ebx,		esi
+	xor	edi,		ebp
+	mov	esi,		-1
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 1836072691[edi*1+ebx]
+	sub	esi,		ecx
+	rol	ebx,		13
+	add	ebx,		eax
+	; 125
+	mov	edi,		DWORD PTR 4[esp]
+	or	esi,		ebx
+	add	eax,		edi
+	xor	esi,		edx
+	mov	edi,		-1
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 1836072691[esi*1+eax]
+	sub	edi,		ebx
+	rol	eax,		13
+	add	eax,		ebp
+	; 126
+	mov	esi,		DWORD PTR 20[esp]
+	or	edi,		eax
+	add	ebp,		esi
+	xor	edi,		ecx
+	mov	esi,		-1
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 1836072691[edi*1+ebp]
+	sub	esi,		eax
+	rol	ebp,		7
+	add	ebp,		edx
+	; 127
+	mov	edi,		DWORD PTR 56[esp]
+	or	esi,		ebp
+	add	edx,		edi
+	xor	esi,		ebx
+	mov	edi,		DWORD PTR 36[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 1836072691[esi*1+edx]
+	mov	esi,		-1
+	rol	edx,		5
+	add	edx,		ecx
+	; 128
+	add	ecx,		edi
+	mov	edi,		ebp
+	sub	esi,		edx
+	and	edi,		edx
+	and	esi,		eax
+	or	edi,		esi
+	mov	esi,		DWORD PTR 28[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 2053994217[edi*1+ecx]
+	mov	edi,		-1
+	rol	ecx,		15
+	add	ecx,		ebx
+	; 129
+	add	ebx,		esi
+	mov	esi,		edx
+	sub	edi,		ecx
+	and	esi,		ecx
+	and	edi,		ebp
+	or	esi,		edi
+	mov	edi,		DWORD PTR 20[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 2053994217[esi*1+ebx]
+	mov	esi,		-1
+	rol	ebx,		5
+	add	ebx,		eax
+	; 130
+	add	eax,		edi
+	mov	edi,		ecx
+	sub	esi,		ebx
+	and	edi,		ebx
+	and	esi,		edx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 8[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 2053994217[edi*1+eax]
+	mov	edi,		-1
+	rol	eax,		8
+	add	eax,		ebp
+	; 131
+	add	ebp,		esi
+	mov	esi,		ebx
+	sub	edi,		eax
+	and	esi,		eax
+	and	edi,		ecx
+	or	esi,		edi
+	mov	edi,		DWORD PTR 16[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 2053994217[esi*1+ebp]
+	mov	esi,		-1
+	rol	ebp,		11
+	add	ebp,		edx
+	; 132
+	add	edx,		edi
+	mov	edi,		eax
+	sub	esi,		ebp
+	and	edi,		ebp
+	and	esi,		ebx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 48[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 2053994217[edi*1+edx]
+	mov	edi,		-1
+	rol	edx,		14
+	add	edx,		ecx
+	; 133
+	add	ecx,		esi
+	mov	esi,		ebp
+	sub	edi,		edx
+	and	esi,		edx
+	and	edi,		eax
+	or	esi,		edi
+	mov	edi,		DWORD PTR 64[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 2053994217[esi*1+ecx]
+	mov	esi,		-1
+	rol	ecx,		14
+	add	ecx,		ebx
+	; 134
+	add	ebx,		edi
+	mov	edi,		edx
+	sub	esi,		ecx
+	and	edi,		ecx
+	and	esi,		ebp
+	or	edi,		esi
+	mov	esi,		DWORD PTR 4[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 2053994217[edi*1+ebx]
+	mov	edi,		-1
+	rol	ebx,		6
+	add	ebx,		eax
+	; 135
+	add	eax,		esi
+	mov	esi,		ecx
+	sub	edi,		ebx
+	and	esi,		ebx
+	and	edi,		edx
+	or	esi,		edi
+	mov	edi,		DWORD PTR 24[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 2053994217[esi*1+eax]
+	mov	esi,		-1
+	rol	eax,		14
+	add	eax,		ebp
+	; 136
+	add	ebp,		edi
+	mov	edi,		ebx
+	sub	esi,		eax
+	and	edi,		eax
+	and	esi,		ecx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 52[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 2053994217[edi*1+ebp]
+	mov	edi,		-1
+	rol	ebp,		6
+	add	ebp,		edx
+	; 137
+	add	edx,		esi
+	mov	esi,		eax
+	sub	edi,		ebp
+	and	esi,		ebp
+	and	edi,		ebx
+	or	esi,		edi
+	mov	edi,		DWORD PTR 12[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 2053994217[esi*1+edx]
+	mov	esi,		-1
+	rol	edx,		9
+	add	edx,		ecx
+	; 138
+	add	ecx,		edi
+	mov	edi,		ebp
+	sub	esi,		edx
+	and	edi,		edx
+	and	esi,		eax
+	or	edi,		esi
+	mov	esi,		DWORD PTR 56[esp]
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 2053994217[edi*1+ecx]
+	mov	edi,		-1
+	rol	ecx,		12
+	add	ecx,		ebx
+	; 139
+	add	ebx,		esi
+	mov	esi,		edx
+	sub	edi,		ecx
+	and	esi,		ecx
+	and	edi,		ebp
+	or	esi,		edi
+	mov	edi,		DWORD PTR 40[esp]
+	rol	edx,		10
+	lea	ebx,		DWORD PTR 2053994217[esi*1+ebx]
+	mov	esi,		-1
+	rol	ebx,		9
+	add	ebx,		eax
+	; 140
+	add	eax,		edi
+	mov	edi,		ecx
+	sub	esi,		ebx
+	and	edi,		ebx
+	and	esi,		edx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 32[esp]
+	rol	ecx,		10
+	lea	eax,		DWORD PTR 2053994217[edi*1+eax]
+	mov	edi,		-1
+	rol	eax,		12
+	add	eax,		ebp
+	; 141
+	add	ebp,		esi
+	mov	esi,		ebx
+	sub	edi,		eax
+	and	esi,		eax
+	and	edi,		ecx
+	or	esi,		edi
+	mov	edi,		DWORD PTR 44[esp]
+	rol	ebx,		10
+	lea	ebp,		DWORD PTR 2053994217[esi*1+ebp]
+	mov	esi,		-1
+	rol	ebp,		5
+	add	ebp,		edx
+	; 142
+	add	edx,		edi
+	mov	edi,		eax
+	sub	esi,		ebp
+	and	edi,		ebp
+	and	esi,		ebx
+	or	edi,		esi
+	mov	esi,		DWORD PTR 60[esp]
+	rol	eax,		10
+	lea	edx,		DWORD PTR 2053994217[edi*1+edx]
+	mov	edi,		-1
+	rol	edx,		15
+	add	edx,		ecx
+	; 143
+	add	ecx,		esi
+	mov	esi,		ebp
+	sub	edi,		edx
+	and	esi,		edx
+	and	edi,		eax
+	or	edi,		esi
+	mov	esi,		edx
+	rol	ebp,		10
+	lea	ecx,		DWORD PTR 2053994217[edi*1+ecx]
+	xor	esi,		ebp
+	rol	ecx,		8
+	add	ecx,		ebx
+	; 144
+	mov	edi,		DWORD PTR 52[esp]
+	xor	esi,		ecx
+	add	ebx,		edi
+	rol	edx,		10
+	add	ebx,		esi
+	mov	esi,		ecx
+	rol	ebx,		8
+	add	ebx,		eax
+	; 145
+	xor	esi,		edx
+	mov	edi,		DWORD PTR 64[esp]
+	xor	esi,		ebx
+	add	eax,		esi
+	mov	esi,		ebx
+	rol	ecx,		10
+	add	eax,		edi
+	xor	esi,		ecx
+	rol	eax,		5
+	add	eax,		ebp
+	; 146
+	mov	edi,		DWORD PTR 44[esp]
+	xor	esi,		eax
+	add	ebp,		edi
+	rol	ebx,		10
+	add	ebp,		esi
+	mov	esi,		eax
+	rol	ebp,		12
+	add	ebp,		edx
+	; 147
+	xor	esi,		ebx
+	mov	edi,		DWORD PTR 20[esp]
+	xor	esi,		ebp
+	add	edx,		esi
+	mov	esi,		ebp
+	rol	eax,		10
+	add	edx,		edi
+	xor	esi,		eax
+	rol	edx,		9
+	add	edx,		ecx
+	; 148
+	mov	edi,		DWORD PTR 8[esp]
+	xor	esi,		edx
+	add	ecx,		edi
+	rol	ebp,		10
+	add	ecx,		esi
+	mov	esi,		edx
+	rol	ecx,		12
+	add	ecx,		ebx
+	; 149
+	xor	esi,		ebp
+	mov	edi,		DWORD PTR 24[esp]
+	xor	esi,		ecx
+	add	ebx,		esi
+	mov	esi,		ecx
+	rol	edx,		10
+	add	ebx,		edi
+	xor	esi,		edx
+	rol	ebx,		5
+	add	ebx,		eax
+	; 150
+	mov	edi,		DWORD PTR 36[esp]
+	xor	esi,		ebx
+	add	eax,		edi
+	rol	ecx,		10
+	add	eax,		esi
+	mov	esi,		ebx
+	rol	eax,		14
+	add	eax,		ebp
+	; 151
+	xor	esi,		ecx
+	mov	edi,		DWORD PTR 32[esp]
+	xor	esi,		eax
+	add	ebp,		esi
+	mov	esi,		eax
+	rol	ebx,		10
+	add	ebp,		edi
+	xor	esi,		ebx
+	rol	ebp,		6
+	add	ebp,		edx
+	; 152
+	mov	edi,		DWORD PTR 28[esp]
+	xor	esi,		ebp
+	add	edx,		edi
+	rol	eax,		10
+	add	edx,		esi
+	mov	esi,		ebp
+	rol	edx,		8
+	add	edx,		ecx
+	; 153
+	xor	esi,		eax
+	mov	edi,		DWORD PTR 12[esp]
+	xor	esi,		edx
+	add	ecx,		esi
+	mov	esi,		edx
+	rol	ebp,		10
+	add	ecx,		edi
+	xor	esi,		ebp
+	rol	ecx,		13
+	add	ecx,		ebx
+	; 154
+	mov	edi,		DWORD PTR 56[esp]
+	xor	esi,		ecx
+	add	ebx,		edi
+	rol	edx,		10
+	add	ebx,		esi
+	mov	esi,		ecx
+	rol	ebx,		6
+	add	ebx,		eax
+	; 155
+	xor	esi,		edx
+	mov	edi,		DWORD PTR 60[esp]
+	xor	esi,		ebx
+	add	eax,		esi
+	mov	esi,		ebx
+	rol	ecx,		10
+	add	eax,		edi
+	xor	esi,		ecx
+	rol	eax,		5
+	add	eax,		ebp
+	; 156
+	mov	edi,		DWORD PTR 4[esp]
+	xor	esi,		eax
+	add	ebp,		edi
+	rol	ebx,		10
+	add	ebp,		esi
+	mov	esi,		eax
+	rol	ebp,		15
+	add	ebp,		edx
+	; 157
+	xor	esi,		ebx
+	mov	edi,		DWORD PTR 16[esp]
+	xor	esi,		ebp
+	add	edx,		esi
+	mov	esi,		ebp
+	rol	eax,		10
+	add	edx,		edi
+	xor	esi,		eax
+	rol	edx,		13
+	add	edx,		ecx
+	; 158
+	mov	edi,		DWORD PTR 40[esp]
+	xor	esi,		edx
+	add	ecx,		edi
+	rol	ebp,		10
+	add	ecx,		esi
+	mov	esi,		edx
+	rol	ecx,		11
+	add	ecx,		ebx
+	; 159
+	xor	esi,		ebp
+	mov	edi,		DWORD PTR 48[esp]
+	xor	esi,		ecx
+	add	ebx,		esi
+	rol	edx,		10
+	add	ebx,		edi
+	mov	edi,		DWORD PTR 108[esp]
+	rol	ebx,		11
+	add	ebx,		eax
+	mov	esi,		DWORD PTR 4[edi]
+	add	edx,		esi
+	mov	esi,		DWORD PTR 76[esp]
+	add	edx,		esi
+	mov	esi,		DWORD PTR 8[edi]
+	add	ebp,		esi
+	mov	esi,		DWORD PTR 80[esp]
+	add	ebp,		esi
+	mov	esi,		DWORD PTR 12[edi]
+	add	eax,		esi
+	mov	esi,		DWORD PTR 84[esp]
+	add	eax,		esi
+	mov	esi,		DWORD PTR 16[edi]
+	add	ebx,		esi
+	mov	esi,		DWORD PTR 68[esp]
+	add	ebx,		esi
+	mov	esi,		DWORD PTR [edi]
+	add	ecx,		esi
+	mov	esi,		DWORD PTR 72[esp]
+	add	ecx,		esi
+	mov	DWORD PTR [edi],edx
+	mov	DWORD PTR 4[edi],ebp
+	mov	DWORD PTR 8[edi],eax
+	mov	DWORD PTR 12[edi],ebx
+	mov	DWORD PTR 16[edi],ecx
+	mov	edi,		DWORD PTR [esp]
+	mov	esi,		DWORD PTR 112[esp]
+	cmp	edi,		esi
+	mov	edi,		DWORD PTR 108[esp]
+	jge	L000start
+	add	esp,		88
+	pop	ebx
+	pop	ebp
+	pop	edi
+	pop	esi
+	ret
+_ripemd160_block_x86 ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/ripemd/asm/rm86unix.cpp b/crypto/ripemd/asm/rm86unix.cpp
new file mode 100644
index 0000000000..f90f6f2fd6
--- /dev/null
+++ b/crypto/ripemd/asm/rm86unix.cpp
@@ -0,0 +1,2016 @@
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
+
+#define TYPE(a,b)       .type   a,b
+#define SIZE(a,b)       .size   a,b
+
+#if defined(OUT) || defined(BSDI)
+#define ripemd160_block_x86 _ripemd160_block_x86
+
+#endif
+
+#ifdef OUT
+#define OK	1
+#define ALIGN	4
+#endif
+
+#ifdef BSDI
+#define OK              1
+#define ALIGN           4
+#undef SIZE
+#undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK              1
+#define ALIGN           16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+/* Let the Assembler begin :-) */
+	/* Don't even think of reading this code */
+	/* It was automatically generated by rmd-586.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, BSDI,Win32, or Solaris */
+	/* eric <eay@cryptsoft.com> */
+
+	.file	"rmd-586.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl ripemd160_block_x86
+	TYPE(ripemd160_block_x86,@function)
+ripemd160_block_x86:
+	pushl	%esi
+	movl	16(%esp),	%ecx
+	pushl	%edi
+	movl	16(%esp),	%esi
+	pushl	%ebp
+	addl	%esi,		%ecx
+	pushl	%ebx
+	subl	$64,		%ecx
+	subl	$88,		%esp
+	movl	%ecx,		(%esp)
+	movl	108(%esp),	%edi
+.L000start:
+
+	movl	(%esi),		%eax
+	movl	4(%esi),	%ebx
+	movl	%eax,		4(%esp)
+	movl	%ebx,		8(%esp)
+	movl	8(%esi),	%eax
+	movl	12(%esi),	%ebx
+	movl	%eax,		12(%esp)
+	movl	%ebx,		16(%esp)
+	movl	16(%esi),	%eax
+	movl	20(%esi),	%ebx
+	movl	%eax,		20(%esp)
+	movl	%ebx,		24(%esp)
+	movl	24(%esi),	%eax
+	movl	28(%esi),	%ebx
+	movl	%eax,		28(%esp)
+	movl	%ebx,		32(%esp)
+	movl	32(%esi),	%eax
+	movl	36(%esi),	%ebx
+	movl	%eax,		36(%esp)
+	movl	%ebx,		40(%esp)
+	movl	40(%esi),	%eax
+	movl	44(%esi),	%ebx
+	movl	%eax,		44(%esp)
+	movl	%ebx,		48(%esp)
+	movl	48(%esi),	%eax
+	movl	52(%esi),	%ebx
+	movl	%eax,		52(%esp)
+	movl	%ebx,		56(%esp)
+	movl	56(%esi),	%eax
+	movl	60(%esi),	%ebx
+	movl	%eax,		60(%esp)
+	movl	%ebx,		64(%esp)
+	addl	$64,		%esi
+	movl	(%edi),		%eax
+	movl	%esi,		112(%esp)
+	movl	4(%edi),	%ebx
+	movl	8(%edi),	%ecx
+	movl	12(%edi),	%edx
+	movl	16(%edi),	%ebp
+	/* 0 */
+	movl	%ecx,		%esi
+	xorl	%edx,		%esi
+	movl	4(%esp),	%edi
+	xorl	%ebx,		%esi
+	addl	%edi,		%eax
+	roll	$10,		%ecx
+	addl	%esi,		%eax
+	movl	%ebx,		%esi
+	roll	$11,		%eax
+	addl	%ebp,		%eax
+	/* 1 */
+	xorl	%ecx,		%esi
+	movl	8(%esp),	%edi
+	xorl	%eax,		%esi
+	addl	%esi,		%ebp
+	movl	%eax,		%esi
+	roll	$10,		%ebx
+	addl	%edi,		%ebp
+	xorl	%ebx,		%esi
+	roll	$14,		%ebp
+	addl	%edx,		%ebp
+	/* 2 */
+	movl	12(%esp),	%edi
+	xorl	%ebp,		%esi
+	addl	%edi,		%edx
+	roll	$10,		%eax
+	addl	%esi,		%edx
+	movl	%ebp,		%esi
+	roll	$15,		%edx
+	addl	%ecx,		%edx
+	/* 3 */
+	xorl	%eax,		%esi
+	movl	16(%esp),	%edi
+	xorl	%edx,		%esi
+	addl	%esi,		%ecx
+	movl	%edx,		%esi
+	roll	$10,		%ebp
+	addl	%edi,		%ecx
+	xorl	%ebp,		%esi
+	roll	$12,		%ecx
+	addl	%ebx,		%ecx
+	/* 4 */
+	movl	20(%esp),	%edi
+	xorl	%ecx,		%esi
+	addl	%edi,		%ebx
+	roll	$10,		%edx
+	addl	%esi,		%ebx
+	movl	%ecx,		%esi
+	roll	$5,		%ebx
+	addl	%eax,		%ebx
+	/* 5 */
+	xorl	%edx,		%esi
+	movl	24(%esp),	%edi
+	xorl	%ebx,		%esi
+	addl	%esi,		%eax
+	movl	%ebx,		%esi
+	roll	$10,		%ecx
+	addl	%edi,		%eax
+	xorl	%ecx,		%esi
+	roll	$8,		%eax
+	addl	%ebp,		%eax
+	/* 6 */
+	movl	28(%esp),	%edi
+	xorl	%eax,		%esi
+	addl	%edi,		%ebp
+	roll	$10,		%ebx
+	addl	%esi,		%ebp
+	movl	%eax,		%esi
+	roll	$7,		%ebp
+	addl	%edx,		%ebp
+	/* 7 */
+	xorl	%ebx,		%esi
+	movl	32(%esp),	%edi
+	xorl	%ebp,		%esi
+	addl	%esi,		%edx
+	movl	%ebp,		%esi
+	roll	$10,		%eax
+	addl	%edi,		%edx
+	xorl	%eax,		%esi
+	roll	$9,		%edx
+	addl	%ecx,		%edx
+	/* 8 */
+	movl	36(%esp),	%edi
+	xorl	%edx,		%esi
+	addl	%edi,		%ecx
+	roll	$10,		%ebp
+	addl	%esi,		%ecx
+	movl	%edx,		%esi
+	roll	$11,		%ecx
+	addl	%ebx,		%ecx
+	/* 9 */
+	xorl	%ebp,		%esi
+	movl	40(%esp),	%edi
+	xorl	%ecx,		%esi
+	addl	%esi,		%ebx
+	movl	%ecx,		%esi
+	roll	$10,		%edx
+	addl	%edi,		%ebx
+	xorl	%edx,		%esi
+	roll	$13,		%ebx
+	addl	%eax,		%ebx
+	/* 10 */
+	movl	44(%esp),	%edi
+	xorl	%ebx,		%esi
+	addl	%edi,		%eax
+	roll	$10,		%ecx
+	addl	%esi,		%eax
+	movl	%ebx,		%esi
+	roll	$14,		%eax
+	addl	%ebp,		%eax
+	/* 11 */
+	xorl	%ecx,		%esi
+	movl	48(%esp),	%edi
+	xorl	%eax,		%esi
+	addl	%esi,		%ebp
+	movl	%eax,		%esi
+	roll	$10,		%ebx
+	addl	%edi,		%ebp
+	xorl	%ebx,		%esi
+	roll	$15,		%ebp
+	addl	%edx,		%ebp
+	/* 12 */
+	movl	52(%esp),	%edi
+	xorl	%ebp,		%esi
+	addl	%edi,		%edx
+	roll	$10,		%eax
+	addl	%esi,		%edx
+	movl	%ebp,		%esi
+	roll	$6,		%edx
+	addl	%ecx,		%edx
+	/* 13 */
+	xorl	%eax,		%esi
+	movl	56(%esp),	%edi
+	xorl	%edx,		%esi
+	addl	%esi,		%ecx
+	movl	%edx,		%esi
+	roll	$10,		%ebp
+	addl	%edi,		%ecx
+	xorl	%ebp,		%esi
+	roll	$7,		%ecx
+	addl	%ebx,		%ecx
+	/* 14 */
+	movl	60(%esp),	%edi
+	xorl	%ecx,		%esi
+	addl	%edi,		%ebx
+	roll	$10,		%edx
+	addl	%esi,		%ebx
+	movl	%ecx,		%esi
+	roll	$9,		%ebx
+	addl	%eax,		%ebx
+	/* 15 */
+	xorl	%edx,		%esi
+	movl	64(%esp),	%edi
+	xorl	%ebx,		%esi
+	addl	%esi,		%eax
+	movl	$-1,		%esi
+	roll	$10,		%ecx
+	addl	%edi,		%eax
+	movl	32(%esp),	%edi
+	roll	$8,		%eax
+	addl	%ebp,		%eax
+	/* 16 */
+	addl	%edi,		%ebp
+	movl	%ebx,		%edi
+	subl	%eax,		%esi
+	andl	%eax,		%edi
+	andl	%ecx,		%esi
+	orl	%esi,		%edi
+	movl	20(%esp),	%esi
+	roll	$10,		%ebx
+	leal	1518500249(%ebp,%edi,1),%ebp
+	movl	$-1,		%edi
+	roll	$7,		%ebp
+	addl	%edx,		%ebp
+	/* 17 */
+	addl	%esi,		%edx
+	movl	%eax,		%esi
+	subl	%ebp,		%edi
+	andl	%ebp,		%esi
+	andl	%ebx,		%edi
+	orl	%edi,		%esi
+	movl	56(%esp),	%edi
+	roll	$10,		%eax
+	leal	1518500249(%edx,%esi,1),%edx
+	movl	$-1,		%esi
+	roll	$6,		%edx
+	addl	%ecx,		%edx
+	/* 18 */
+	addl	%edi,		%ecx
+	movl	%ebp,		%edi
+	subl	%edx,		%esi
+	andl	%edx,		%edi
+	andl	%eax,		%esi
+	orl	%esi,		%edi
+	movl	8(%esp),	%esi
+	roll	$10,		%ebp
+	leal	1518500249(%ecx,%edi,1),%ecx
+	movl	$-1,		%edi
+	roll	$8,		%ecx
+	addl	%ebx,		%ecx
+	/* 19 */
+	addl	%esi,		%ebx
+	movl	%edx,		%esi
+	subl	%ecx,		%edi
+	andl	%ecx,		%esi
+	andl	%ebp,		%edi
+	orl	%edi,		%esi
+	movl	44(%esp),	%edi
+	roll	$10,		%edx
+	leal	1518500249(%ebx,%esi,1),%ebx
+	movl	$-1,		%esi
+	roll	$13,		%ebx
+	addl	%eax,		%ebx
+	/* 20 */
+	addl	%edi,		%eax
+	movl	%ecx,		%edi
+	subl	%ebx,		%esi
+	andl	%ebx,		%edi
+	andl	%edx,		%esi
+	orl	%esi,		%edi
+	movl	28(%esp),	%esi
+	roll	$10,		%ecx
+	leal	1518500249(%eax,%edi,1),%eax
+	movl	$-1,		%edi
+	roll	$11,		%eax
+	addl	%ebp,		%eax
+	/* 21 */
+	addl	%esi,		%ebp
+	movl	%ebx,		%esi
+	subl	%eax,		%edi
+	andl	%eax,		%esi
+	andl	%ecx,		%edi
+	orl	%edi,		%esi
+	movl	64(%esp),	%edi
+	roll	$10,		%ebx
+	leal	1518500249(%ebp,%esi,1),%ebp
+	movl	$-1,		%esi
+	roll	$9,		%ebp
+	addl	%edx,		%ebp
+	/* 22 */
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	subl	%ebp,		%esi
+	andl	%ebp,		%edi
+	andl	%ebx,		%esi
+	orl	%esi,		%edi
+	movl	16(%esp),	%esi
+	roll	$10,		%eax
+	leal	1518500249(%edx,%edi,1),%edx
+	movl	$-1,		%edi
+	roll	$7,		%edx
+	addl	%ecx,		%edx
+	/* 23 */
+	addl	%esi,		%ecx
+	movl	%ebp,		%esi
+	subl	%edx,		%edi
+	andl	%edx,		%esi
+	andl	%eax,		%edi
+	orl	%edi,		%esi
+	movl	52(%esp),	%edi
+	roll	$10,		%ebp
+	leal	1518500249(%ecx,%esi,1),%ecx
+	movl	$-1,		%esi
+	roll	$15,		%ecx
+	addl	%ebx,		%ecx
+	/* 24 */
+	addl	%edi,		%ebx
+	movl	%edx,		%edi
+	subl	%ecx,		%esi
+	andl	%ecx,		%edi
+	andl	%ebp,		%esi
+	orl	%esi,		%edi
+	movl	4(%esp),	%esi
+	roll	$10,		%edx
+	leal	1518500249(%ebx,%edi,1),%ebx
+	movl	$-1,		%edi
+	roll	$7,		%ebx
+	addl	%eax,		%ebx
+	/* 25 */
+	addl	%esi,		%eax
+	movl	%ecx,		%esi
+	subl	%ebx,		%edi
+	andl	%ebx,		%esi
+	andl	%edx,		%edi
+	orl	%edi,		%esi
+	movl	40(%esp),	%edi
+	roll	$10,		%ecx
+	leal	1518500249(%eax,%esi,1),%eax
+	movl	$-1,		%esi
+	roll	$12,		%eax
+	addl	%ebp,		%eax
+	/* 26 */
+	addl	%edi,		%ebp
+	movl	%ebx,		%edi
+	subl	%eax,		%esi
+	andl	%eax,		%edi
+	andl	%ecx,		%esi
+	orl	%esi,		%edi
+	movl	24(%esp),	%esi
+	roll	$10,		%ebx
+	leal	1518500249(%ebp,%edi,1),%ebp
+	movl	$-1,		%edi
+	roll	$15,		%ebp
+	addl	%edx,		%ebp
+	/* 27 */
+	addl	%esi,		%edx
+	movl	%eax,		%esi
+	subl	%ebp,		%edi
+	andl	%ebp,		%esi
+	andl	%ebx,		%edi
+	orl	%edi,		%esi
+	movl	12(%esp),	%edi
+	roll	$10,		%eax
+	leal	1518500249(%edx,%esi,1),%edx
+	movl	$-1,		%esi
+	roll	$9,		%edx
+	addl	%ecx,		%edx
+	/* 28 */
+	addl	%edi,		%ecx
+	movl	%ebp,		%edi
+	subl	%edx,		%esi
+	andl	%edx,		%edi
+	andl	%eax,		%esi
+	orl	%esi,		%edi
+	movl	60(%esp),	%esi
+	roll	$10,		%ebp
+	leal	1518500249(%ecx,%edi,1),%ecx
+	movl	$-1,		%edi
+	roll	$11,		%ecx
+	addl	%ebx,		%ecx
+	/* 29 */
+	addl	%esi,		%ebx
+	movl	%edx,		%esi
+	subl	%ecx,		%edi
+	andl	%ecx,		%esi
+	andl	%ebp,		%edi
+	orl	%edi,		%esi
+	movl	48(%esp),	%edi
+	roll	$10,		%edx
+	leal	1518500249(%ebx,%esi,1),%ebx
+	movl	$-1,		%esi
+	roll	$7,		%ebx
+	addl	%eax,		%ebx
+	/* 30 */
+	addl	%edi,		%eax
+	movl	%ecx,		%edi
+	subl	%ebx,		%esi
+	andl	%ebx,		%edi
+	andl	%edx,		%esi
+	orl	%esi,		%edi
+	movl	36(%esp),	%esi
+	roll	$10,		%ecx
+	leal	1518500249(%eax,%edi,1),%eax
+	movl	$-1,		%edi
+	roll	$13,		%eax
+	addl	%ebp,		%eax
+	/* 31 */
+	addl	%esi,		%ebp
+	movl	%ebx,		%esi
+	subl	%eax,		%edi
+	andl	%eax,		%esi
+	andl	%ecx,		%edi
+	orl	%edi,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebx
+	leal	1518500249(%ebp,%esi,1),%ebp
+	subl	%eax,		%edi
+	roll	$12,		%ebp
+	addl	%edx,		%ebp
+	/* 32 */
+	movl	16(%esp),	%esi
+	orl	%ebp,		%edi
+	addl	%esi,		%edx
+	xorl	%ebx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%eax
+	leal	1859775393(%edx,%edi,1),%edx
+	subl	%ebp,		%esi
+	roll	$11,		%edx
+	addl	%ecx,		%edx
+	/* 33 */
+	movl	44(%esp),	%edi
+	orl	%edx,		%esi
+	addl	%edi,		%ecx
+	xorl	%eax,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebp
+	leal	1859775393(%ecx,%esi,1),%ecx
+	subl	%edx,		%edi
+	roll	$13,		%ecx
+	addl	%ebx,		%ecx
+	/* 34 */
+	movl	60(%esp),	%esi
+	orl	%ecx,		%edi
+	addl	%esi,		%ebx
+	xorl	%ebp,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%edx
+	leal	1859775393(%ebx,%edi,1),%ebx
+	subl	%ecx,		%esi
+	roll	$6,		%ebx
+	addl	%eax,		%ebx
+	/* 35 */
+	movl	20(%esp),	%edi
+	orl	%ebx,		%esi
+	addl	%edi,		%eax
+	xorl	%edx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ecx
+	leal	1859775393(%eax,%esi,1),%eax
+	subl	%ebx,		%edi
+	roll	$7,		%eax
+	addl	%ebp,		%eax
+	/* 36 */
+	movl	40(%esp),	%esi
+	orl	%eax,		%edi
+	addl	%esi,		%ebp
+	xorl	%ecx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebx
+	leal	1859775393(%ebp,%edi,1),%ebp
+	subl	%eax,		%esi
+	roll	$14,		%ebp
+	addl	%edx,		%ebp
+	/* 37 */
+	movl	64(%esp),	%edi
+	orl	%ebp,		%esi
+	addl	%edi,		%edx
+	xorl	%ebx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%eax
+	leal	1859775393(%edx,%esi,1),%edx
+	subl	%ebp,		%edi
+	roll	$9,		%edx
+	addl	%ecx,		%edx
+	/* 38 */
+	movl	36(%esp),	%esi
+	orl	%edx,		%edi
+	addl	%esi,		%ecx
+	xorl	%eax,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebp
+	leal	1859775393(%ecx,%edi,1),%ecx
+	subl	%edx,		%esi
+	roll	$13,		%ecx
+	addl	%ebx,		%ecx
+	/* 39 */
+	movl	8(%esp),	%edi
+	orl	%ecx,		%esi
+	addl	%edi,		%ebx
+	xorl	%ebp,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%edx
+	leal	1859775393(%ebx,%esi,1),%ebx
+	subl	%ecx,		%edi
+	roll	$15,		%ebx
+	addl	%eax,		%ebx
+	/* 40 */
+	movl	12(%esp),	%esi
+	orl	%ebx,		%edi
+	addl	%esi,		%eax
+	xorl	%edx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ecx
+	leal	1859775393(%eax,%edi,1),%eax
+	subl	%ebx,		%esi
+	roll	$14,		%eax
+	addl	%ebp,		%eax
+	/* 41 */
+	movl	32(%esp),	%edi
+	orl	%eax,		%esi
+	addl	%edi,		%ebp
+	xorl	%ecx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebx
+	leal	1859775393(%ebp,%esi,1),%ebp
+	subl	%eax,		%edi
+	roll	$8,		%ebp
+	addl	%edx,		%ebp
+	/* 42 */
+	movl	4(%esp),	%esi
+	orl	%ebp,		%edi
+	addl	%esi,		%edx
+	xorl	%ebx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%eax
+	leal	1859775393(%edx,%edi,1),%edx
+	subl	%ebp,		%esi
+	roll	$13,		%edx
+	addl	%ecx,		%edx
+	/* 43 */
+	movl	28(%esp),	%edi
+	orl	%edx,		%esi
+	addl	%edi,		%ecx
+	xorl	%eax,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebp
+	leal	1859775393(%ecx,%esi,1),%ecx
+	subl	%edx,		%edi
+	roll	$6,		%ecx
+	addl	%ebx,		%ecx
+	/* 44 */
+	movl	56(%esp),	%esi
+	orl	%ecx,		%edi
+	addl	%esi,		%ebx
+	xorl	%ebp,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%edx
+	leal	1859775393(%ebx,%edi,1),%ebx
+	subl	%ecx,		%esi
+	roll	$5,		%ebx
+	addl	%eax,		%ebx
+	/* 45 */
+	movl	48(%esp),	%edi
+	orl	%ebx,		%esi
+	addl	%edi,		%eax
+	xorl	%edx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ecx
+	leal	1859775393(%eax,%esi,1),%eax
+	subl	%ebx,		%edi
+	roll	$12,		%eax
+	addl	%ebp,		%eax
+	/* 46 */
+	movl	24(%esp),	%esi
+	orl	%eax,		%edi
+	addl	%esi,		%ebp
+	xorl	%ecx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebx
+	leal	1859775393(%ebp,%edi,1),%ebp
+	subl	%eax,		%esi
+	roll	$7,		%ebp
+	addl	%edx,		%ebp
+	/* 47 */
+	movl	52(%esp),	%edi
+	orl	%ebp,		%esi
+	addl	%edi,		%edx
+	xorl	%ebx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%eax
+	leal	1859775393(%edx,%esi,1),%edx
+	movl	%eax,		%esi
+	roll	$5,		%edx
+	addl	%ecx,		%edx
+	/* 48 */
+	subl	%eax,		%edi
+	andl	%edx,		%esi
+	andl	%ebp,		%edi
+	orl	%esi,		%edi
+	movl	8(%esp),	%esi
+	roll	$10,		%ebp
+	leal	2400959708(%ecx,%edi,),%ecx
+	movl	$-1,		%edi
+	addl	%esi,		%ecx
+	movl	%ebp,		%esi
+	roll	$11,		%ecx
+	addl	%ebx,		%ecx
+	/* 49 */
+	subl	%ebp,		%edi
+	andl	%ecx,		%esi
+	andl	%edx,		%edi
+	orl	%esi,		%edi
+	movl	40(%esp),	%esi
+	roll	$10,		%edx
+	leal	2400959708(%ebx,%edi,),%ebx
+	movl	$-1,		%edi
+	addl	%esi,		%ebx
+	movl	%edx,		%esi
+	roll	$12,		%ebx
+	addl	%eax,		%ebx
+	/* 50 */
+	subl	%edx,		%edi
+	andl	%ebx,		%esi
+	andl	%ecx,		%edi
+	orl	%esi,		%edi
+	movl	48(%esp),	%esi
+	roll	$10,		%ecx
+	leal	2400959708(%eax,%edi,),%eax
+	movl	$-1,		%edi
+	addl	%esi,		%eax
+	movl	%ecx,		%esi
+	roll	$14,		%eax
+	addl	%ebp,		%eax
+	/* 51 */
+	subl	%ecx,		%edi
+	andl	%eax,		%esi
+	andl	%ebx,		%edi
+	orl	%esi,		%edi
+	movl	44(%esp),	%esi
+	roll	$10,		%ebx
+	leal	2400959708(%ebp,%edi,),%ebp
+	movl	$-1,		%edi
+	addl	%esi,		%ebp
+	movl	%ebx,		%esi
+	roll	$15,		%ebp
+	addl	%edx,		%ebp
+	/* 52 */
+	subl	%ebx,		%edi
+	andl	%ebp,		%esi
+	andl	%eax,		%edi
+	orl	%esi,		%edi
+	movl	4(%esp),	%esi
+	roll	$10,		%eax
+	leal	2400959708(%edx,%edi,),%edx
+	movl	$-1,		%edi
+	addl	%esi,		%edx
+	movl	%eax,		%esi
+	roll	$14,		%edx
+	addl	%ecx,		%edx
+	/* 53 */
+	subl	%eax,		%edi
+	andl	%edx,		%esi
+	andl	%ebp,		%edi
+	orl	%esi,		%edi
+	movl	36(%esp),	%esi
+	roll	$10,		%ebp
+	leal	2400959708(%ecx,%edi,),%ecx
+	movl	$-1,		%edi
+	addl	%esi,		%ecx
+	movl	%ebp,		%esi
+	roll	$15,		%ecx
+	addl	%ebx,		%ecx
+	/* 54 */
+	subl	%ebp,		%edi
+	andl	%ecx,		%esi
+	andl	%edx,		%edi
+	orl	%esi,		%edi
+	movl	52(%esp),	%esi
+	roll	$10,		%edx
+	leal	2400959708(%ebx,%edi,),%ebx
+	movl	$-1,		%edi
+	addl	%esi,		%ebx
+	movl	%edx,		%esi
+	roll	$9,		%ebx
+	addl	%eax,		%ebx
+	/* 55 */
+	subl	%edx,		%edi
+	andl	%ebx,		%esi
+	andl	%ecx,		%edi
+	orl	%esi,		%edi
+	movl	20(%esp),	%esi
+	roll	$10,		%ecx
+	leal	2400959708(%eax,%edi,),%eax
+	movl	$-1,		%edi
+	addl	%esi,		%eax
+	movl	%ecx,		%esi
+	roll	$8,		%eax
+	addl	%ebp,		%eax
+	/* 56 */
+	subl	%ecx,		%edi
+	andl	%eax,		%esi
+	andl	%ebx,		%edi
+	orl	%esi,		%edi
+	movl	56(%esp),	%esi
+	roll	$10,		%ebx
+	leal	2400959708(%ebp,%edi,),%ebp
+	movl	$-1,		%edi
+	addl	%esi,		%ebp
+	movl	%ebx,		%esi
+	roll	$9,		%ebp
+	addl	%edx,		%ebp
+	/* 57 */
+	subl	%ebx,		%edi
+	andl	%ebp,		%esi
+	andl	%eax,		%edi
+	orl	%esi,		%edi
+	movl	16(%esp),	%esi
+	roll	$10,		%eax
+	leal	2400959708(%edx,%edi,),%edx
+	movl	$-1,		%edi
+	addl	%esi,		%edx
+	movl	%eax,		%esi
+	roll	$14,		%edx
+	addl	%ecx,		%edx
+	/* 58 */
+	subl	%eax,		%edi
+	andl	%edx,		%esi
+	andl	%ebp,		%edi
+	orl	%esi,		%edi
+	movl	32(%esp),	%esi
+	roll	$10,		%ebp
+	leal	2400959708(%ecx,%edi,),%ecx
+	movl	$-1,		%edi
+	addl	%esi,		%ecx
+	movl	%ebp,		%esi
+	roll	$5,		%ecx
+	addl	%ebx,		%ecx
+	/* 59 */
+	subl	%ebp,		%edi
+	andl	%ecx,		%esi
+	andl	%edx,		%edi
+	orl	%esi,		%edi
+	movl	64(%esp),	%esi
+	roll	$10,		%edx
+	leal	2400959708(%ebx,%edi,),%ebx
+	movl	$-1,		%edi
+	addl	%esi,		%ebx
+	movl	%edx,		%esi
+	roll	$6,		%ebx
+	addl	%eax,		%ebx
+	/* 60 */
+	subl	%edx,		%edi
+	andl	%ebx,		%esi
+	andl	%ecx,		%edi
+	orl	%esi,		%edi
+	movl	60(%esp),	%esi
+	roll	$10,		%ecx
+	leal	2400959708(%eax,%edi,),%eax
+	movl	$-1,		%edi
+	addl	%esi,		%eax
+	movl	%ecx,		%esi
+	roll	$8,		%eax
+	addl	%ebp,		%eax
+	/* 61 */
+	subl	%ecx,		%edi
+	andl	%eax,		%esi
+	andl	%ebx,		%edi
+	orl	%esi,		%edi
+	movl	24(%esp),	%esi
+	roll	$10,		%ebx
+	leal	2400959708(%ebp,%edi,),%ebp
+	movl	$-1,		%edi
+	addl	%esi,		%ebp
+	movl	%ebx,		%esi
+	roll	$6,		%ebp
+	addl	%edx,		%ebp
+	/* 62 */
+	subl	%ebx,		%edi
+	andl	%ebp,		%esi
+	andl	%eax,		%edi
+	orl	%esi,		%edi
+	movl	28(%esp),	%esi
+	roll	$10,		%eax
+	leal	2400959708(%edx,%edi,),%edx
+	movl	$-1,		%edi
+	addl	%esi,		%edx
+	movl	%eax,		%esi
+	roll	$5,		%edx
+	addl	%ecx,		%edx
+	/* 63 */
+	subl	%eax,		%edi
+	andl	%edx,		%esi
+	andl	%ebp,		%edi
+	orl	%esi,		%edi
+	movl	12(%esp),	%esi
+	roll	$10,		%ebp
+	leal	2400959708(%ecx,%edi,),%ecx
+	movl	$-1,		%edi
+	addl	%esi,		%ecx
+	subl	%ebp,		%edi
+	roll	$12,		%ecx
+	addl	%ebx,		%ecx
+	/* 64 */
+	movl	20(%esp),	%esi
+	orl	%edx,		%edi
+	addl	%esi,		%ebx
+	xorl	%ecx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%edx
+	leal	2840853838(%ebx,%edi,1),%ebx
+	subl	%edx,		%esi
+	roll	$9,		%ebx
+	addl	%eax,		%ebx
+	/* 65 */
+	movl	4(%esp),	%edi
+	orl	%ecx,		%esi
+	addl	%edi,		%eax
+	xorl	%ebx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ecx
+	leal	2840853838(%eax,%esi,1),%eax
+	subl	%ecx,		%edi
+	roll	$15,		%eax
+	addl	%ebp,		%eax
+	/* 66 */
+	movl	24(%esp),	%esi
+	orl	%ebx,		%edi
+	addl	%esi,		%ebp
+	xorl	%eax,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebx
+	leal	2840853838(%ebp,%edi,1),%ebp
+	subl	%ebx,		%esi
+	roll	$5,		%ebp
+	addl	%edx,		%ebp
+	/* 67 */
+	movl	40(%esp),	%edi
+	orl	%eax,		%esi
+	addl	%edi,		%edx
+	xorl	%ebp,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%eax
+	leal	2840853838(%edx,%esi,1),%edx
+	subl	%eax,		%edi
+	roll	$11,		%edx
+	addl	%ecx,		%edx
+	/* 68 */
+	movl	32(%esp),	%esi
+	orl	%ebp,		%edi
+	addl	%esi,		%ecx
+	xorl	%edx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebp
+	leal	2840853838(%ecx,%edi,1),%ecx
+	subl	%ebp,		%esi
+	roll	$6,		%ecx
+	addl	%ebx,		%ecx
+	/* 69 */
+	movl	52(%esp),	%edi
+	orl	%edx,		%esi
+	addl	%edi,		%ebx
+	xorl	%ecx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%edx
+	leal	2840853838(%ebx,%esi,1),%ebx
+	subl	%edx,		%edi
+	roll	$8,		%ebx
+	addl	%eax,		%ebx
+	/* 70 */
+	movl	12(%esp),	%esi
+	orl	%ecx,		%edi
+	addl	%esi,		%eax
+	xorl	%ebx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ecx
+	leal	2840853838(%eax,%edi,1),%eax
+	subl	%ecx,		%esi
+	roll	$13,		%eax
+	addl	%ebp,		%eax
+	/* 71 */
+	movl	44(%esp),	%edi
+	orl	%ebx,		%esi
+	addl	%edi,		%ebp
+	xorl	%eax,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebx
+	leal	2840853838(%ebp,%esi,1),%ebp
+	subl	%ebx,		%edi
+	roll	$12,		%ebp
+	addl	%edx,		%ebp
+	/* 72 */
+	movl	60(%esp),	%esi
+	orl	%eax,		%edi
+	addl	%esi,		%edx
+	xorl	%ebp,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%eax
+	leal	2840853838(%edx,%edi,1),%edx
+	subl	%eax,		%esi
+	roll	$5,		%edx
+	addl	%ecx,		%edx
+	/* 73 */
+	movl	8(%esp),	%edi
+	orl	%ebp,		%esi
+	addl	%edi,		%ecx
+	xorl	%edx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebp
+	leal	2840853838(%ecx,%esi,1),%ecx
+	subl	%ebp,		%edi
+	roll	$12,		%ecx
+	addl	%ebx,		%ecx
+	/* 74 */
+	movl	16(%esp),	%esi
+	orl	%edx,		%edi
+	addl	%esi,		%ebx
+	xorl	%ecx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%edx
+	leal	2840853838(%ebx,%edi,1),%ebx
+	subl	%edx,		%esi
+	roll	$13,		%ebx
+	addl	%eax,		%ebx
+	/* 75 */
+	movl	36(%esp),	%edi
+	orl	%ecx,		%esi
+	addl	%edi,		%eax
+	xorl	%ebx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ecx
+	leal	2840853838(%eax,%esi,1),%eax
+	subl	%ecx,		%edi
+	roll	$14,		%eax
+	addl	%ebp,		%eax
+	/* 76 */
+	movl	48(%esp),	%esi
+	orl	%ebx,		%edi
+	addl	%esi,		%ebp
+	xorl	%eax,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebx
+	leal	2840853838(%ebp,%edi,1),%ebp
+	subl	%ebx,		%esi
+	roll	$11,		%ebp
+	addl	%edx,		%ebp
+	/* 77 */
+	movl	28(%esp),	%edi
+	orl	%eax,		%esi
+	addl	%edi,		%edx
+	xorl	%ebp,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%eax
+	leal	2840853838(%edx,%esi,1),%edx
+	subl	%eax,		%edi
+	roll	$8,		%edx
+	addl	%ecx,		%edx
+	/* 78 */
+	movl	64(%esp),	%esi
+	orl	%ebp,		%edi
+	addl	%esi,		%ecx
+	xorl	%edx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebp
+	leal	2840853838(%ecx,%edi,1),%ecx
+	subl	%ebp,		%esi
+	roll	$5,		%ecx
+	addl	%ebx,		%ecx
+	/* 79 */
+	movl	56(%esp),	%edi
+	orl	%edx,		%esi
+	addl	%edi,		%ebx
+	xorl	%ecx,		%esi
+	movl	108(%esp),	%edi
+	roll	$10,		%edx
+	leal	2840853838(%ebx,%esi,1),%ebx
+	movl	%eax,		68(%esp)
+	roll	$6,		%ebx
+	addl	%eax,		%ebx
+	movl	(%edi),		%eax
+	movl	%ebx,		72(%esp)
+	movl	%ecx,		76(%esp)
+	movl	4(%edi),	%ebx
+	movl	%edx,		80(%esp)
+	movl	8(%edi),	%ecx
+	movl	%ebp,		84(%esp)
+	movl	12(%edi),	%edx
+	movl	16(%edi),	%ebp
+	/* 80 */
+	movl	$-1,		%edi
+	subl	%edx,		%edi
+	movl	24(%esp),	%esi
+	orl	%ecx,		%edi
+	addl	%esi,		%eax
+	xorl	%ebx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ecx
+	leal	1352829926(%eax,%edi,1),%eax
+	subl	%ecx,		%esi
+	roll	$8,		%eax
+	addl	%ebp,		%eax
+	/* 81 */
+	movl	60(%esp),	%edi
+	orl	%ebx,		%esi
+	addl	%edi,		%ebp
+	xorl	%eax,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebx
+	leal	1352829926(%ebp,%esi,1),%ebp
+	subl	%ebx,		%edi
+	roll	$9,		%ebp
+	addl	%edx,		%ebp
+	/* 82 */
+	movl	32(%esp),	%esi
+	orl	%eax,		%edi
+	addl	%esi,		%edx
+	xorl	%ebp,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%eax
+	leal	1352829926(%edx,%edi,1),%edx
+	subl	%eax,		%esi
+	roll	$9,		%edx
+	addl	%ecx,		%edx
+	/* 83 */
+	movl	4(%esp),	%edi
+	orl	%ebp,		%esi
+	addl	%edi,		%ecx
+	xorl	%edx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebp
+	leal	1352829926(%ecx,%esi,1),%ecx
+	subl	%ebp,		%edi
+	roll	$11,		%ecx
+	addl	%ebx,		%ecx
+	/* 84 */
+	movl	40(%esp),	%esi
+	orl	%edx,		%edi
+	addl	%esi,		%ebx
+	xorl	%ecx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%edx
+	leal	1352829926(%ebx,%edi,1),%ebx
+	subl	%edx,		%esi
+	roll	$13,		%ebx
+	addl	%eax,		%ebx
+	/* 85 */
+	movl	12(%esp),	%edi
+	orl	%ecx,		%esi
+	addl	%edi,		%eax
+	xorl	%ebx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ecx
+	leal	1352829926(%eax,%esi,1),%eax
+	subl	%ecx,		%edi
+	roll	$15,		%eax
+	addl	%ebp,		%eax
+	/* 86 */
+	movl	48(%esp),	%esi
+	orl	%ebx,		%edi
+	addl	%esi,		%ebp
+	xorl	%eax,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebx
+	leal	1352829926(%ebp,%edi,1),%ebp
+	subl	%ebx,		%esi
+	roll	$15,		%ebp
+	addl	%edx,		%ebp
+	/* 87 */
+	movl	20(%esp),	%edi
+	orl	%eax,		%esi
+	addl	%edi,		%edx
+	xorl	%ebp,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%eax
+	leal	1352829926(%edx,%esi,1),%edx
+	subl	%eax,		%edi
+	roll	$5,		%edx
+	addl	%ecx,		%edx
+	/* 88 */
+	movl	56(%esp),	%esi
+	orl	%ebp,		%edi
+	addl	%esi,		%ecx
+	xorl	%edx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebp
+	leal	1352829926(%ecx,%edi,1),%ecx
+	subl	%ebp,		%esi
+	roll	$7,		%ecx
+	addl	%ebx,		%ecx
+	/* 89 */
+	movl	28(%esp),	%edi
+	orl	%edx,		%esi
+	addl	%edi,		%ebx
+	xorl	%ecx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%edx
+	leal	1352829926(%ebx,%esi,1),%ebx
+	subl	%edx,		%edi
+	roll	$7,		%ebx
+	addl	%eax,		%ebx
+	/* 90 */
+	movl	64(%esp),	%esi
+	orl	%ecx,		%edi
+	addl	%esi,		%eax
+	xorl	%ebx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ecx
+	leal	1352829926(%eax,%edi,1),%eax
+	subl	%ecx,		%esi
+	roll	$8,		%eax
+	addl	%ebp,		%eax
+	/* 91 */
+	movl	36(%esp),	%edi
+	orl	%ebx,		%esi
+	addl	%edi,		%ebp
+	xorl	%eax,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebx
+	leal	1352829926(%ebp,%esi,1),%ebp
+	subl	%ebx,		%edi
+	roll	$11,		%ebp
+	addl	%edx,		%ebp
+	/* 92 */
+	movl	8(%esp),	%esi
+	orl	%eax,		%edi
+	addl	%esi,		%edx
+	xorl	%ebp,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%eax
+	leal	1352829926(%edx,%edi,1),%edx
+	subl	%eax,		%esi
+	roll	$14,		%edx
+	addl	%ecx,		%edx
+	/* 93 */
+	movl	44(%esp),	%edi
+	orl	%ebp,		%esi
+	addl	%edi,		%ecx
+	xorl	%edx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebp
+	leal	1352829926(%ecx,%esi,1),%ecx
+	subl	%ebp,		%edi
+	roll	$14,		%ecx
+	addl	%ebx,		%ecx
+	/* 94 */
+	movl	16(%esp),	%esi
+	orl	%edx,		%edi
+	addl	%esi,		%ebx
+	xorl	%ecx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%edx
+	leal	1352829926(%ebx,%edi,1),%ebx
+	subl	%edx,		%esi
+	roll	$12,		%ebx
+	addl	%eax,		%ebx
+	/* 95 */
+	movl	52(%esp),	%edi
+	orl	%ecx,		%esi
+	addl	%edi,		%eax
+	xorl	%ebx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ecx
+	leal	1352829926(%eax,%esi,1),%eax
+	movl	%ecx,		%esi
+	roll	$6,		%eax
+	addl	%ebp,		%eax
+	/* 96 */
+	subl	%ecx,		%edi
+	andl	%eax,		%esi
+	andl	%ebx,		%edi
+	orl	%esi,		%edi
+	movl	28(%esp),	%esi
+	roll	$10,		%ebx
+	leal	1548603684(%ebp,%edi,),%ebp
+	movl	$-1,		%edi
+	addl	%esi,		%ebp
+	movl	%ebx,		%esi
+	roll	$9,		%ebp
+	addl	%edx,		%ebp
+	/* 97 */
+	subl	%ebx,		%edi
+	andl	%ebp,		%esi
+	andl	%eax,		%edi
+	orl	%esi,		%edi
+	movl	48(%esp),	%esi
+	roll	$10,		%eax
+	leal	1548603684(%edx,%edi,),%edx
+	movl	$-1,		%edi
+	addl	%esi,		%edx
+	movl	%eax,		%esi
+	roll	$13,		%edx
+	addl	%ecx,		%edx
+	/* 98 */
+	subl	%eax,		%edi
+	andl	%edx,		%esi
+	andl	%ebp,		%edi
+	orl	%esi,		%edi
+	movl	16(%esp),	%esi
+	roll	$10,		%ebp
+	leal	1548603684(%ecx,%edi,),%ecx
+	movl	$-1,		%edi
+	addl	%esi,		%ecx
+	movl	%ebp,		%esi
+	roll	$15,		%ecx
+	addl	%ebx,		%ecx
+	/* 99 */
+	subl	%ebp,		%edi
+	andl	%ecx,		%esi
+	andl	%edx,		%edi
+	orl	%esi,		%edi
+	movl	32(%esp),	%esi
+	roll	$10,		%edx
+	leal	1548603684(%ebx,%edi,),%ebx
+	movl	$-1,		%edi
+	addl	%esi,		%ebx
+	movl	%edx,		%esi
+	roll	$7,		%ebx
+	addl	%eax,		%ebx
+	/* 100 */
+	subl	%edx,		%edi
+	andl	%ebx,		%esi
+	andl	%ecx,		%edi
+	orl	%esi,		%edi
+	movl	4(%esp),	%esi
+	roll	$10,		%ecx
+	leal	1548603684(%eax,%edi,),%eax
+	movl	$-1,		%edi
+	addl	%esi,		%eax
+	movl	%ecx,		%esi
+	roll	$12,		%eax
+	addl	%ebp,		%eax
+	/* 101 */
+	subl	%ecx,		%edi
+	andl	%eax,		%esi
+	andl	%ebx,		%edi
+	orl	%esi,		%edi
+	movl	56(%esp),	%esi
+	roll	$10,		%ebx
+	leal	1548603684(%ebp,%edi,),%ebp
+	movl	$-1,		%edi
+	addl	%esi,		%ebp
+	movl	%ebx,		%esi
+	roll	$8,		%ebp
+	addl	%edx,		%ebp
+	/* 102 */
+	subl	%ebx,		%edi
+	andl	%ebp,		%esi
+	andl	%eax,		%edi
+	orl	%esi,		%edi
+	movl	24(%esp),	%esi
+	roll	$10,		%eax
+	leal	1548603684(%edx,%edi,),%edx
+	movl	$-1,		%edi
+	addl	%esi,		%edx
+	movl	%eax,		%esi
+	roll	$9,		%edx
+	addl	%ecx,		%edx
+	/* 103 */
+	subl	%eax,		%edi
+	andl	%edx,		%esi
+	andl	%ebp,		%edi
+	orl	%esi,		%edi
+	movl	44(%esp),	%esi
+	roll	$10,		%ebp
+	leal	1548603684(%ecx,%edi,),%ecx
+	movl	$-1,		%edi
+	addl	%esi,		%ecx
+	movl	%ebp,		%esi
+	roll	$11,		%ecx
+	addl	%ebx,		%ecx
+	/* 104 */
+	subl	%ebp,		%edi
+	andl	%ecx,		%esi
+	andl	%edx,		%edi
+	orl	%esi,		%edi
+	movl	60(%esp),	%esi
+	roll	$10,		%edx
+	leal	1548603684(%ebx,%edi,),%ebx
+	movl	$-1,		%edi
+	addl	%esi,		%ebx
+	movl	%edx,		%esi
+	roll	$7,		%ebx
+	addl	%eax,		%ebx
+	/* 105 */
+	subl	%edx,		%edi
+	andl	%ebx,		%esi
+	andl	%ecx,		%edi
+	orl	%esi,		%edi
+	movl	64(%esp),	%esi
+	roll	$10,		%ecx
+	leal	1548603684(%eax,%edi,),%eax
+	movl	$-1,		%edi
+	addl	%esi,		%eax
+	movl	%ecx,		%esi
+	roll	$7,		%eax
+	addl	%ebp,		%eax
+	/* 106 */
+	subl	%ecx,		%edi
+	andl	%eax,		%esi
+	andl	%ebx,		%edi
+	orl	%esi,		%edi
+	movl	36(%esp),	%esi
+	roll	$10,		%ebx
+	leal	1548603684(%ebp,%edi,),%ebp
+	movl	$-1,		%edi
+	addl	%esi,		%ebp
+	movl	%ebx,		%esi
+	roll	$12,		%ebp
+	addl	%edx,		%ebp
+	/* 107 */
+	subl	%ebx,		%edi
+	andl	%ebp,		%esi
+	andl	%eax,		%edi
+	orl	%esi,		%edi
+	movl	52(%esp),	%esi
+	roll	$10,		%eax
+	leal	1548603684(%edx,%edi,),%edx
+	movl	$-1,		%edi
+	addl	%esi,		%edx
+	movl	%eax,		%esi
+	roll	$7,		%edx
+	addl	%ecx,		%edx
+	/* 108 */
+	subl	%eax,		%edi
+	andl	%edx,		%esi
+	andl	%ebp,		%edi
+	orl	%esi,		%edi
+	movl	20(%esp),	%esi
+	roll	$10,		%ebp
+	leal	1548603684(%ecx,%edi,),%ecx
+	movl	$-1,		%edi
+	addl	%esi,		%ecx
+	movl	%ebp,		%esi
+	roll	$6,		%ecx
+	addl	%ebx,		%ecx
+	/* 109 */
+	subl	%ebp,		%edi
+	andl	%ecx,		%esi
+	andl	%edx,		%edi
+	orl	%esi,		%edi
+	movl	40(%esp),	%esi
+	roll	$10,		%edx
+	leal	1548603684(%ebx,%edi,),%ebx
+	movl	$-1,		%edi
+	addl	%esi,		%ebx
+	movl	%edx,		%esi
+	roll	$15,		%ebx
+	addl	%eax,		%ebx
+	/* 110 */
+	subl	%edx,		%edi
+	andl	%ebx,		%esi
+	andl	%ecx,		%edi
+	orl	%esi,		%edi
+	movl	8(%esp),	%esi
+	roll	$10,		%ecx
+	leal	1548603684(%eax,%edi,),%eax
+	movl	$-1,		%edi
+	addl	%esi,		%eax
+	movl	%ecx,		%esi
+	roll	$13,		%eax
+	addl	%ebp,		%eax
+	/* 111 */
+	subl	%ecx,		%edi
+	andl	%eax,		%esi
+	andl	%ebx,		%edi
+	orl	%esi,		%edi
+	movl	12(%esp),	%esi
+	roll	$10,		%ebx
+	leal	1548603684(%ebp,%edi,),%ebp
+	movl	$-1,		%edi
+	addl	%esi,		%ebp
+	subl	%eax,		%edi
+	roll	$11,		%ebp
+	addl	%edx,		%ebp
+	/* 112 */
+	movl	64(%esp),	%esi
+	orl	%ebp,		%edi
+	addl	%esi,		%edx
+	xorl	%ebx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%eax
+	leal	1836072691(%edx,%edi,1),%edx
+	subl	%ebp,		%esi
+	roll	$9,		%edx
+	addl	%ecx,		%edx
+	/* 113 */
+	movl	24(%esp),	%edi
+	orl	%edx,		%esi
+	addl	%edi,		%ecx
+	xorl	%eax,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebp
+	leal	1836072691(%ecx,%esi,1),%ecx
+	subl	%edx,		%edi
+	roll	$7,		%ecx
+	addl	%ebx,		%ecx
+	/* 114 */
+	movl	8(%esp),	%esi
+	orl	%ecx,		%edi
+	addl	%esi,		%ebx
+	xorl	%ebp,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%edx
+	leal	1836072691(%ebx,%edi,1),%ebx
+	subl	%ecx,		%esi
+	roll	$15,		%ebx
+	addl	%eax,		%ebx
+	/* 115 */
+	movl	16(%esp),	%edi
+	orl	%ebx,		%esi
+	addl	%edi,		%eax
+	xorl	%edx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ecx
+	leal	1836072691(%eax,%esi,1),%eax
+	subl	%ebx,		%edi
+	roll	$11,		%eax
+	addl	%ebp,		%eax
+	/* 116 */
+	movl	32(%esp),	%esi
+	orl	%eax,		%edi
+	addl	%esi,		%ebp
+	xorl	%ecx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebx
+	leal	1836072691(%ebp,%edi,1),%ebp
+	subl	%eax,		%esi
+	roll	$8,		%ebp
+	addl	%edx,		%ebp
+	/* 117 */
+	movl	60(%esp),	%edi
+	orl	%ebp,		%esi
+	addl	%edi,		%edx
+	xorl	%ebx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%eax
+	leal	1836072691(%edx,%esi,1),%edx
+	subl	%ebp,		%edi
+	roll	$6,		%edx
+	addl	%ecx,		%edx
+	/* 118 */
+	movl	28(%esp),	%esi
+	orl	%edx,		%edi
+	addl	%esi,		%ecx
+	xorl	%eax,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebp
+	leal	1836072691(%ecx,%edi,1),%ecx
+	subl	%edx,		%esi
+	roll	$6,		%ecx
+	addl	%ebx,		%ecx
+	/* 119 */
+	movl	40(%esp),	%edi
+	orl	%ecx,		%esi
+	addl	%edi,		%ebx
+	xorl	%ebp,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%edx
+	leal	1836072691(%ebx,%esi,1),%ebx
+	subl	%ecx,		%edi
+	roll	$14,		%ebx
+	addl	%eax,		%ebx
+	/* 120 */
+	movl	48(%esp),	%esi
+	orl	%ebx,		%edi
+	addl	%esi,		%eax
+	xorl	%edx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ecx
+	leal	1836072691(%eax,%edi,1),%eax
+	subl	%ebx,		%esi
+	roll	$12,		%eax
+	addl	%ebp,		%eax
+	/* 121 */
+	movl	36(%esp),	%edi
+	orl	%eax,		%esi
+	addl	%edi,		%ebp
+	xorl	%ecx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebx
+	leal	1836072691(%ebp,%esi,1),%ebp
+	subl	%eax,		%edi
+	roll	$13,		%ebp
+	addl	%edx,		%ebp
+	/* 122 */
+	movl	52(%esp),	%esi
+	orl	%ebp,		%edi
+	addl	%esi,		%edx
+	xorl	%ebx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%eax
+	leal	1836072691(%edx,%edi,1),%edx
+	subl	%ebp,		%esi
+	roll	$5,		%edx
+	addl	%ecx,		%edx
+	/* 123 */
+	movl	12(%esp),	%edi
+	orl	%edx,		%esi
+	addl	%edi,		%ecx
+	xorl	%eax,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ebp
+	leal	1836072691(%ecx,%esi,1),%ecx
+	subl	%edx,		%edi
+	roll	$14,		%ecx
+	addl	%ebx,		%ecx
+	/* 124 */
+	movl	44(%esp),	%esi
+	orl	%ecx,		%edi
+	addl	%esi,		%ebx
+	xorl	%ebp,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%edx
+	leal	1836072691(%ebx,%edi,1),%ebx
+	subl	%ecx,		%esi
+	roll	$13,		%ebx
+	addl	%eax,		%ebx
+	/* 125 */
+	movl	4(%esp),	%edi
+	orl	%ebx,		%esi
+	addl	%edi,		%eax
+	xorl	%edx,		%esi
+	movl	$-1,		%edi
+	roll	$10,		%ecx
+	leal	1836072691(%eax,%esi,1),%eax
+	subl	%ebx,		%edi
+	roll	$13,		%eax
+	addl	%ebp,		%eax
+	/* 126 */
+	movl	20(%esp),	%esi
+	orl	%eax,		%edi
+	addl	%esi,		%ebp
+	xorl	%ecx,		%edi
+	movl	$-1,		%esi
+	roll	$10,		%ebx
+	leal	1836072691(%ebp,%edi,1),%ebp
+	subl	%eax,		%esi
+	roll	$7,		%ebp
+	addl	%edx,		%ebp
+	/* 127 */
+	movl	56(%esp),	%edi
+	orl	%ebp,		%esi
+	addl	%edi,		%edx
+	xorl	%ebx,		%esi
+	movl	36(%esp),	%edi
+	roll	$10,		%eax
+	leal	1836072691(%edx,%esi,1),%edx
+	movl	$-1,		%esi
+	roll	$5,		%edx
+	addl	%ecx,		%edx
+	/* 128 */
+	addl	%edi,		%ecx
+	movl	%ebp,		%edi
+	subl	%edx,		%esi
+	andl	%edx,		%edi
+	andl	%eax,		%esi
+	orl	%esi,		%edi
+	movl	28(%esp),	%esi
+	roll	$10,		%ebp
+	leal	2053994217(%ecx,%edi,1),%ecx
+	movl	$-1,		%edi
+	roll	$15,		%ecx
+	addl	%ebx,		%ecx
+	/* 129 */
+	addl	%esi,		%ebx
+	movl	%edx,		%esi
+	subl	%ecx,		%edi
+	andl	%ecx,		%esi
+	andl	%ebp,		%edi
+	orl	%edi,		%esi
+	movl	20(%esp),	%edi
+	roll	$10,		%edx
+	leal	2053994217(%ebx,%esi,1),%ebx
+	movl	$-1,		%esi
+	roll	$5,		%ebx
+	addl	%eax,		%ebx
+	/* 130 */
+	addl	%edi,		%eax
+	movl	%ecx,		%edi
+	subl	%ebx,		%esi
+	andl	%ebx,		%edi
+	andl	%edx,		%esi
+	orl	%esi,		%edi
+	movl	8(%esp),	%esi
+	roll	$10,		%ecx
+	leal	2053994217(%eax,%edi,1),%eax
+	movl	$-1,		%edi
+	roll	$8,		%eax
+	addl	%ebp,		%eax
+	/* 131 */
+	addl	%esi,		%ebp
+	movl	%ebx,		%esi
+	subl	%eax,		%edi
+	andl	%eax,		%esi
+	andl	%ecx,		%edi
+	orl	%edi,		%esi
+	movl	16(%esp),	%edi
+	roll	$10,		%ebx
+	leal	2053994217(%ebp,%esi,1),%ebp
+	movl	$-1,		%esi
+	roll	$11,		%ebp
+	addl	%edx,		%ebp
+	/* 132 */
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	subl	%ebp,		%esi
+	andl	%ebp,		%edi
+	andl	%ebx,		%esi
+	orl	%esi,		%edi
+	movl	48(%esp),	%esi
+	roll	$10,		%eax
+	leal	2053994217(%edx,%edi,1),%edx
+	movl	$-1,		%edi
+	roll	$14,		%edx
+	addl	%ecx,		%edx
+	/* 133 */
+	addl	%esi,		%ecx
+	movl	%ebp,		%esi
+	subl	%edx,		%edi
+	andl	%edx,		%esi
+	andl	%eax,		%edi
+	orl	%edi,		%esi
+	movl	64(%esp),	%edi
+	roll	$10,		%ebp
+	leal	2053994217(%ecx,%esi,1),%ecx
+	movl	$-1,		%esi
+	roll	$14,		%ecx
+	addl	%ebx,		%ecx
+	/* 134 */
+	addl	%edi,		%ebx
+	movl	%edx,		%edi
+	subl	%ecx,		%esi
+	andl	%ecx,		%edi
+	andl	%ebp,		%esi
+	orl	%esi,		%edi
+	movl	4(%esp),	%esi
+	roll	$10,		%edx
+	leal	2053994217(%ebx,%edi,1),%ebx
+	movl	$-1,		%edi
+	roll	$6,		%ebx
+	addl	%eax,		%ebx
+	/* 135 */
+	addl	%esi,		%eax
+	movl	%ecx,		%esi
+	subl	%ebx,		%edi
+	andl	%ebx,		%esi
+	andl	%edx,		%edi
+	orl	%edi,		%esi
+	movl	24(%esp),	%edi
+	roll	$10,		%ecx
+	leal	2053994217(%eax,%esi,1),%eax
+	movl	$-1,		%esi
+	roll	$14,		%eax
+	addl	%ebp,		%eax
+	/* 136 */
+	addl	%edi,		%ebp
+	movl	%ebx,		%edi
+	subl	%eax,		%esi
+	andl	%eax,		%edi
+	andl	%ecx,		%esi
+	orl	%esi,		%edi
+	movl	52(%esp),	%esi
+	roll	$10,		%ebx
+	leal	2053994217(%ebp,%edi,1),%ebp
+	movl	$-1,		%edi
+	roll	$6,		%ebp
+	addl	%edx,		%ebp
+	/* 137 */
+	addl	%esi,		%edx
+	movl	%eax,		%esi
+	subl	%ebp,		%edi
+	andl	%ebp,		%esi
+	andl	%ebx,		%edi
+	orl	%edi,		%esi
+	movl	12(%esp),	%edi
+	roll	$10,		%eax
+	leal	2053994217(%edx,%esi,1),%edx
+	movl	$-1,		%esi
+	roll	$9,		%edx
+	addl	%ecx,		%edx
+	/* 138 */
+	addl	%edi,		%ecx
+	movl	%ebp,		%edi
+	subl	%edx,		%esi
+	andl	%edx,		%edi
+	andl	%eax,		%esi
+	orl	%esi,		%edi
+	movl	56(%esp),	%esi
+	roll	$10,		%ebp
+	leal	2053994217(%ecx,%edi,1),%ecx
+	movl	$-1,		%edi
+	roll	$12,		%ecx
+	addl	%ebx,		%ecx
+	/* 139 */
+	addl	%esi,		%ebx
+	movl	%edx,		%esi
+	subl	%ecx,		%edi
+	andl	%ecx,		%esi
+	andl	%ebp,		%edi
+	orl	%edi,		%esi
+	movl	40(%esp),	%edi
+	roll	$10,		%edx
+	leal	2053994217(%ebx,%esi,1),%ebx
+	movl	$-1,		%esi
+	roll	$9,		%ebx
+	addl	%eax,		%ebx
+	/* 140 */
+	addl	%edi,		%eax
+	movl	%ecx,		%edi
+	subl	%ebx,		%esi
+	andl	%ebx,		%edi
+	andl	%edx,		%esi
+	orl	%esi,		%edi
+	movl	32(%esp),	%esi
+	roll	$10,		%ecx
+	leal	2053994217(%eax,%edi,1),%eax
+	movl	$-1,		%edi
+	roll	$12,		%eax
+	addl	%ebp,		%eax
+	/* 141 */
+	addl	%esi,		%ebp
+	movl	%ebx,		%esi
+	subl	%eax,		%edi
+	andl	%eax,		%esi
+	andl	%ecx,		%edi
+	orl	%edi,		%esi
+	movl	44(%esp),	%edi
+	roll	$10,		%ebx
+	leal	2053994217(%ebp,%esi,1),%ebp
+	movl	$-1,		%esi
+	roll	$5,		%ebp
+	addl	%edx,		%ebp
+	/* 142 */
+	addl	%edi,		%edx
+	movl	%eax,		%edi
+	subl	%ebp,		%esi
+	andl	%ebp,		%edi
+	andl	%ebx,		%esi
+	orl	%esi,		%edi
+	movl	60(%esp),	%esi
+	roll	$10,		%eax
+	leal	2053994217(%edx,%edi,1),%edx
+	movl	$-1,		%edi
+	roll	$15,		%edx
+	addl	%ecx,		%edx
+	/* 143 */
+	addl	%esi,		%ecx
+	movl	%ebp,		%esi
+	subl	%edx,		%edi
+	andl	%edx,		%esi
+	andl	%eax,		%edi
+	orl	%esi,		%edi
+	movl	%edx,		%esi
+	roll	$10,		%ebp
+	leal	2053994217(%ecx,%edi,1),%ecx
+	xorl	%ebp,		%esi
+	roll	$8,		%ecx
+	addl	%ebx,		%ecx
+	/* 144 */
+	movl	52(%esp),	%edi
+	xorl	%ecx,		%esi
+	addl	%edi,		%ebx
+	roll	$10,		%edx
+	addl	%esi,		%ebx
+	movl	%ecx,		%esi
+	roll	$8,		%ebx
+	addl	%eax,		%ebx
+	/* 145 */
+	xorl	%edx,		%esi
+	movl	64(%esp),	%edi
+	xorl	%ebx,		%esi
+	addl	%esi,		%eax
+	movl	%ebx,		%esi
+	roll	$10,		%ecx
+	addl	%edi,		%eax
+	xorl	%ecx,		%esi
+	roll	$5,		%eax
+	addl	%ebp,		%eax
+	/* 146 */
+	movl	44(%esp),	%edi
+	xorl	%eax,		%esi
+	addl	%edi,		%ebp
+	roll	$10,		%ebx
+	addl	%esi,		%ebp
+	movl	%eax,		%esi
+	roll	$12,		%ebp
+	addl	%edx,		%ebp
+	/* 147 */
+	xorl	%ebx,		%esi
+	movl	20(%esp),	%edi
+	xorl	%ebp,		%esi
+	addl	%esi,		%edx
+	movl	%ebp,		%esi
+	roll	$10,		%eax
+	addl	%edi,		%edx
+	xorl	%eax,		%esi
+	roll	$9,		%edx
+	addl	%ecx,		%edx
+	/* 148 */
+	movl	8(%esp),	%edi
+	xorl	%edx,		%esi
+	addl	%edi,		%ecx
+	roll	$10,		%ebp
+	addl	%esi,		%ecx
+	movl	%edx,		%esi
+	roll	$12,		%ecx
+	addl	%ebx,		%ecx
+	/* 149 */
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%edi
+	xorl	%ecx,		%esi
+	addl	%esi,		%ebx
+	movl	%ecx,		%esi
+	roll	$10,		%edx
+	addl	%edi,		%ebx
+	xorl	%edx,		%esi
+	roll	$5,		%ebx
+	addl	%eax,		%ebx
+	/* 150 */
+	movl	36(%esp),	%edi
+	xorl	%ebx,		%esi
+	addl	%edi,		%eax
+	roll	$10,		%ecx
+	addl	%esi,		%eax
+	movl	%ebx,		%esi
+	roll	$14,		%eax
+	addl	%ebp,		%eax
+	/* 151 */
+	xorl	%ecx,		%esi
+	movl	32(%esp),	%edi
+	xorl	%eax,		%esi
+	addl	%esi,		%ebp
+	movl	%eax,		%esi
+	roll	$10,		%ebx
+	addl	%edi,		%ebp
+	xorl	%ebx,		%esi
+	roll	$6,		%ebp
+	addl	%edx,		%ebp
+	/* 152 */
+	movl	28(%esp),	%edi
+	xorl	%ebp,		%esi
+	addl	%edi,		%edx
+	roll	$10,		%eax
+	addl	%esi,		%edx
+	movl	%ebp,		%esi
+	roll	$8,		%edx
+	addl	%ecx,		%edx
+	/* 153 */
+	xorl	%eax,		%esi
+	movl	12(%esp),	%edi
+	xorl	%edx,		%esi
+	addl	%esi,		%ecx
+	movl	%edx,		%esi
+	roll	$10,		%ebp
+	addl	%edi,		%ecx
+	xorl	%ebp,		%esi
+	roll	$13,		%ecx
+	addl	%ebx,		%ecx
+	/* 154 */
+	movl	56(%esp),	%edi
+	xorl	%ecx,		%esi
+	addl	%edi,		%ebx
+	roll	$10,		%edx
+	addl	%esi,		%ebx
+	movl	%ecx,		%esi
+	roll	$6,		%ebx
+	addl	%eax,		%ebx
+	/* 155 */
+	xorl	%edx,		%esi
+	movl	60(%esp),	%edi
+	xorl	%ebx,		%esi
+	addl	%esi,		%eax
+	movl	%ebx,		%esi
+	roll	$10,		%ecx
+	addl	%edi,		%eax
+	xorl	%ecx,		%esi
+	roll	$5,		%eax
+	addl	%ebp,		%eax
+	/* 156 */
+	movl	4(%esp),	%edi
+	xorl	%eax,		%esi
+	addl	%edi,		%ebp
+	roll	$10,		%ebx
+	addl	%esi,		%ebp
+	movl	%eax,		%esi
+	roll	$15,		%ebp
+	addl	%edx,		%ebp
+	/* 157 */
+	xorl	%ebx,		%esi
+	movl	16(%esp),	%edi
+	xorl	%ebp,		%esi
+	addl	%esi,		%edx
+	movl	%ebp,		%esi
+	roll	$10,		%eax
+	addl	%edi,		%edx
+	xorl	%eax,		%esi
+	roll	$13,		%edx
+	addl	%ecx,		%edx
+	/* 158 */
+	movl	40(%esp),	%edi
+	xorl	%edx,		%esi
+	addl	%edi,		%ecx
+	roll	$10,		%ebp
+	addl	%esi,		%ecx
+	movl	%edx,		%esi
+	roll	$11,		%ecx
+	addl	%ebx,		%ecx
+	/* 159 */
+	xorl	%ebp,		%esi
+	movl	48(%esp),	%edi
+	xorl	%ecx,		%esi
+	addl	%esi,		%ebx
+	roll	$10,		%edx
+	addl	%edi,		%ebx
+	movl	108(%esp),	%edi
+	roll	$11,		%ebx
+	addl	%eax,		%ebx
+	movl	4(%edi),	%esi
+	addl	%esi,		%edx
+	movl	76(%esp),	%esi
+	addl	%esi,		%edx
+	movl	8(%edi),	%esi
+	addl	%esi,		%ebp
+	movl	80(%esp),	%esi
+	addl	%esi,		%ebp
+	movl	12(%edi),	%esi
+	addl	%esi,		%eax
+	movl	84(%esp),	%esi
+	addl	%esi,		%eax
+	movl	16(%edi),	%esi
+	addl	%esi,		%ebx
+	movl	68(%esp),	%esi
+	addl	%esi,		%ebx
+	movl	(%edi),		%esi
+	addl	%esi,		%ecx
+	movl	72(%esp),	%esi
+	addl	%esi,		%ecx
+	movl	%edx,		(%edi)
+	movl	%ebp,		4(%edi)
+	movl	%eax,		8(%edi)
+	movl	%ebx,		12(%edi)
+	movl	%ecx,		16(%edi)
+	movl	(%esp),		%edi
+	movl	112(%esp),	%esi
+	cmpl	%esi,		%edi
+	movl	108(%esp),	%edi
+	jge	.L000start
+	addl	$88,		%esp
+	popl	%ebx
+	popl	%ebp
+	popl	%edi
+	popl	%esi
+	ret
+.ripemd160_block_x86_end:
+	SIZE(ripemd160_block_x86,.ripemd160_block_x86_end-ripemd160_block_x86)
+.ident	"desasm.pl"
diff --git a/crypto/ripemd/asm/rmd-586.pl b/crypto/ripemd/asm/rmd-586.pl
new file mode 100644
index 0000000000..4c8098ac67
--- /dev/null
+++ b/crypto/ripemd/asm/rmd-586.pl
@@ -0,0 +1,582 @@
+#!/usr/local/bin/perl
+
+# Normal is the
+# ripemd160_block_x86(MD5_CTX *c, ULONG *X);
+# version, non-normal is the
+# ripemd160_block_x86(MD5_CTX *c, ULONG *X,int blocks);
+
+$normal=0;
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$A="eax";
+$B="ebx";
+$C="ecx";
+$D="edx";
+$E="ebp";
+$tmp1="esi";
+$tmp2="edi";
+
+$KL1=0x5A827999;
+$KL2=0x6ED9EBA1;
+$KL3=0x8F1BBCDC;
+$KL4=0xA953FD4E;
+$KR0=0x50A28BE6;
+$KR1=0x5C4DD124; 
+$KR2=0x6D703EF3;
+$KR3=0x7A6D76E9;
+
+
+@wl=(	 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15,
+	 7, 4,13, 1,10, 6,15, 3,12, 0, 9, 5, 2,14,11, 8,
+	 3,10,14, 4, 9,15, 8, 1, 2, 7, 0, 6,13,11, 5,12,
+	 1, 9,11,10, 0, 8,12, 4,13, 3, 7,15,14, 5, 6, 2,
+	 4, 0, 5, 9, 7,12, 2,10,14, 1, 3, 8,11, 6,15,13,
+	 );
+
+@wr=(	 5,14, 7, 0, 9, 2,11, 4,13, 6,15, 8, 1,10, 3,12,
+	 6,11, 3, 7, 0,13, 5,10,14,15, 8,12, 4, 9, 1, 2,
+	15, 5, 1, 3, 7,14, 6, 9,11, 8,12, 2,10, 0, 4,13,
+	 8, 6, 4, 1, 3,11,15, 0, 5,12, 2,13, 9, 7,10,14,
+	12,15,10, 4, 1, 5, 8, 7, 6, 2,13,14, 0, 3, 9,11,
+	);
+
+@sl=(	11,14,15,12, 5, 8, 7, 9,11,13,14,15, 6, 7, 9, 8,
+	 7, 6, 8,13,11, 9, 7,15, 7,12,15, 9,11, 7,13,12,
+	11,13, 6, 7,14, 9,13,15,14, 8,13, 6, 5,12, 7, 5,
+	11,12,14,15,14,15, 9, 8, 9,14, 5, 6, 8, 6, 5,12,
+	 9,15, 5,11, 6, 8,13,12, 5,12,13,14,11, 8, 5, 6,
+	 );
+
+@sr=(	 8, 9, 9,11,13,15,15, 5, 7, 7, 8,11,14,14,12, 6,
+	 9,13,15, 7,12, 8, 9,11, 7, 7,12, 7, 6,15,13,11,
+	 9, 7,15,11, 8, 6, 6,14,12,13, 5,14,13,13, 7, 5,
+	15, 5, 8,11,14,14, 6,14, 6, 9,12, 9,12, 5,15, 8,
+	 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11,
+ 	);
+
+&ripemd160_block("ripemd160_block_x86");
+&asm_finish();
+
+sub Xv
+	{
+	local($n)=@_;
+	return(&swtmp($n+1));
+	# tmp on stack
+	}
+
+sub Np
+	{
+	local($p)=@_;
+	local(%n)=($A,$E,$B,$A,$C,$B,$D,$C,$E,$D);
+	return($n{$p});
+	}
+
+sub RIP1
+	{
+	local($a,$b,$c,$d,$e,$pos,$s,$o,$pos2)=@_;
+
+	&comment($p++);
+	if ($p & 1)
+		{
+	 &mov($tmp1,	$c) if $o == -1;
+	&xor($tmp1,	$d) if $o == -1;
+	 &mov($tmp2,	&Xv($pos));
+	&xor($tmp1,	$b);
+	 &add($a,	$tmp2);
+	&rotl($c,	10);
+	&add($a,	$tmp1);
+	 &mov($tmp1,	&Np($c));	# NEXT
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	else
+		{
+	 &xor($tmp1,	$d);
+	&mov($tmp2,	&Xv($pos));
+	 &xor($tmp1,	$b);
+	&add($a,	$tmp1);
+	 &mov($tmp1,	&Np($c)) if $o <= 0;
+	 &mov($tmp1,	-1) if $o == 1;
+	 # XXX if $o == 2;
+	&rotl($c,	10);
+	&add($a,	$tmp2);
+	 &xor($tmp1,	&Np($d)) if $o <= 0;
+	 &mov($tmp2,	&Xv($pos2)) if $o == 1;
+	 &mov($tmp2,	&wparam(0)) if $o == 2;
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	}
+
+sub RIP2
+	{
+	local($a,$b,$c,$d,$e,$pos,$pos2,$s,$K,$o)=@_;
+
+# XXXXXX
+	&comment($p++);
+	if ($p & 1)
+		{
+#	 &mov($tmp2,	&Xv($pos)) if $o < -1;
+#	&mov($tmp1,	-1) if $o < -1;
+
+	 &add($a,	$tmp2);
+	&mov($tmp2,	$c);
+	 &sub($tmp1,	$b);
+	&and($tmp2,	$b);
+	 &and($tmp1,	$d);
+	&or($tmp2,	$tmp1);
+	 &mov($tmp1,	&Xv($pos2)) if $o <= 0; # XXXXXXXXXXXXXX
+	 # XXX
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2,1));
+	 &mov($tmp2,	-1) if $o <= 0;
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	else
+		{
+	 # XXX
+	 &add($a,	$tmp1);
+	&mov($tmp1,	$c);
+	 &sub($tmp2,	$b);
+	&and($tmp1,	$b);
+	 &and($tmp2,	$d);
+	if ($o != 2)
+		{
+	&or($tmp1,	$tmp2);
+	 &mov($tmp2,	&Xv($pos2)) if $o <= 0;
+	 &mov($tmp2,	-1) if $o == 1;
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp1,1));
+	 &mov($tmp1,	-1) if $o <= 0;
+	 &sub($tmp2,	&Np($c)) if $o == 1;
+		} else {
+	&or($tmp2,	$tmp1);
+	 &mov($tmp1,	&Np($c));
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2,1));
+	 &xor($tmp1,	&Np($d));
+		}
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	}
+
+sub RIP3
+	{
+	local($a,$b,$c,$d,$e,$pos,$s,$K,$o,$pos2)=@_;
+
+	&comment($p++);
+	if ($p & 1)
+		{
+#	 &mov($tmp2,	-1) if $o < -1;
+#	&sub($tmp2,	$c) if $o < -1;
+	 &mov($tmp1,	&Xv($pos));
+	&or($tmp2,	$b);
+	 &add($a,	$tmp1);
+	&xor($tmp2,	$d);
+	 &mov($tmp1,	-1) if $o <= 0;		# NEXT
+	 # XXX
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2,1));
+	 &sub($tmp1,	&Np($c)) if $o <= 0;	# NEXT
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	else
+		{
+	 &mov($tmp2,	&Xv($pos));
+	&or($tmp1,	$b);
+	 &add($a,	$tmp2);
+	&xor($tmp1,	$d);
+	 &mov($tmp2,	-1) if $o <= 0;		# NEXT
+	 &mov($tmp2,	-1) if $o == 1;
+	 &mov($tmp2,	&Xv($pos2)) if $o == 2;
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp1,1));
+	 &sub($tmp2,	&Np($c)) if $o <= 0;	# NEXT
+	 &mov($tmp1,	&Np($d)) if $o == 1;
+	 &mov($tmp1,	-1) if $o == 2;
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	}
+
+sub RIP4
+	{
+	local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
+
+	&comment($p++);
+	if ($p & 1)
+		{
+#	 &mov($tmp2,	-1) if $o == -2;
+#	&mov($tmp1,	$d) if $o == -2;
+	 &sub($tmp2,	$d);
+	&and($tmp1,	$b);
+	 &and($tmp2,	$c);
+	&or($tmp2,	$tmp1);
+	 &mov($tmp1,	&Xv($pos));
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2));
+	 &mov($tmp2,	-1) unless $o > 0;	# NEXT
+	 # XXX
+	&add($a,	$tmp1);
+	 &mov($tmp1,	&Np($d)) unless $o > 0; # NEXT
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	else
+		{
+	 &sub($tmp2,	$d);
+	&and($tmp1,	$b);
+	 &and($tmp2,	$c);
+	&or($tmp2,	$tmp1);
+	 &mov($tmp1,	&Xv($pos));
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2));
+	 &mov($tmp2,	-1) if $o == 0;	# NEXT
+	 &mov($tmp2,	-1) if $o == 1;
+	 &mov($tmp2,	-1) if $o == 2;
+	 # XXX
+	&add($a,	$tmp1);
+	 &mov($tmp1,	&Np($d)) if $o == 0;	# NEXT
+	 &sub($tmp2,	&Np($d)) if $o == 1;
+	 &sub($tmp2,	&Np($c)) if $o == 2;
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	}
+
+sub RIP5
+	{
+	local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
+
+	&comment($p++);
+	if ($p & 1)
+		{
+	 &mov($tmp2,	-1) if $o == -2;
+	&sub($tmp2,	$d) if $o == -2;
+	 &mov($tmp1,	&Xv($pos));
+	&or($tmp2,	$c);
+	 &add($a,	$tmp1);
+	&xor($tmp2,	$b);
+	 &mov($tmp1,	-1) if $o <= 0;
+	 # XXX
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2,1));
+	 &sub($tmp1,	&Np($d)) if $o <= 0;
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	else
+		{
+	 &mov($tmp2,	&Xv($pos));
+	&or($tmp1,	$c);
+	 &add($a,	$tmp2);
+	&xor($tmp1,	$b);
+	 &mov($tmp2,	-1) if $o <= 0;
+	 &mov($tmp2,	&wparam(0)) if $o == 1;	# Middle code
+	 &mov($tmp2,	-1) if $o == 2;
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp1,1));
+	 &sub($tmp2,	&Np($d)) if $o <= 0;
+	 &mov(&swtmp(1+16),	$A) if $o == 1;
+	 &mov($tmp1,	&Np($d)) if $o == 2;
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	}
+
+sub ripemd160_block
+	{
+	local($name)=@_;
+
+	&function_begin_B($name,"",3);
+
+	# parameter 1 is the RIPEMD160_CTX structure.
+	# A	0
+	# B	4
+	# C	8
+	# D 	12
+	# E 	16
+
+	&push("esi");
+	 &mov($C,	&wparam(2));
+	&push("edi");
+	 &mov($tmp1,	&wparam(1)); # edi
+	&push("ebp");
+	 &add($C,	$tmp1); # offset we end at
+	&push("ebx");
+	 &sub($C,	64);
+	&stack_push(16+5+1);
+	 # XXX
+
+	&mov(&swtmp(0),	$C);
+	 &mov($tmp2,	&wparam(0)); # Done at end of loop
+
+	&set_label("start") unless $normal;
+	&comment("");
+
+	# &mov($tmp1,	&wparam(1)); # Done at end of loop
+	# &mov($tmp2,	&wparam(0)); # Done at end of loop
+
+	for ($z=0; $z<16; $z+=2)
+		{
+		&mov($A,		&DWP( $z*4,$tmp1,"",0));
+		 &mov($B,		&DWP( ($z+1)*4,$tmp1,"",0));
+		&mov(&swtmp(1+$z),	$A);
+		 &mov(&swtmp(1+$z+1),	$B);
+		}
+	&add($tmp1,	64);
+	 &mov($A,	&DWP( 0,$tmp2,"",0));
+	&mov(&wparam(1),$tmp1);
+	 &mov($B,	&DWP( 4,$tmp2,"",0));
+	&mov($C,	&DWP( 8,$tmp2,"",0));
+	 &mov($D,	&DWP(12,$tmp2,"",0));
+	&mov($E,	&DWP(16,$tmp2,"",0));
+
+	&RIP1($A,$B,$C,$D,$E,$wl[ 0],$sl[ 0],-1);
+	&RIP1($E,$A,$B,$C,$D,$wl[ 1],$sl[ 1],0);
+	&RIP1($D,$E,$A,$B,$C,$wl[ 2],$sl[ 2],0);
+	&RIP1($C,$D,$E,$A,$B,$wl[ 3],$sl[ 3],0);
+	&RIP1($B,$C,$D,$E,$A,$wl[ 4],$sl[ 4],0);
+	&RIP1($A,$B,$C,$D,$E,$wl[ 5],$sl[ 5],0);
+	&RIP1($E,$A,$B,$C,$D,$wl[ 6],$sl[ 6],0);
+	&RIP1($D,$E,$A,$B,$C,$wl[ 7],$sl[ 7],0);
+	&RIP1($C,$D,$E,$A,$B,$wl[ 8],$sl[ 8],0);
+	&RIP1($B,$C,$D,$E,$A,$wl[ 9],$sl[ 9],0);
+	&RIP1($A,$B,$C,$D,$E,$wl[10],$sl[10],0);
+	&RIP1($E,$A,$B,$C,$D,$wl[11],$sl[11],0);
+	&RIP1($D,$E,$A,$B,$C,$wl[12],$sl[12],0);
+	&RIP1($C,$D,$E,$A,$B,$wl[13],$sl[13],0);
+	&RIP1($B,$C,$D,$E,$A,$wl[14],$sl[14],0);
+	&RIP1($A,$B,$C,$D,$E,$wl[15],$sl[15],1,$wl[16]);
+
+	&RIP2($E,$A,$B,$C,$D,$wl[16],$wl[17],$sl[16],$KL1,-1);
+	&RIP2($D,$E,$A,$B,$C,$wl[17],$wl[18],$sl[17],$KL1,0);
+	&RIP2($C,$D,$E,$A,$B,$wl[18],$wl[19],$sl[18],$KL1,0);
+	&RIP2($B,$C,$D,$E,$A,$wl[19],$wl[20],$sl[19],$KL1,0);
+	&RIP2($A,$B,$C,$D,$E,$wl[20],$wl[21],$sl[20],$KL1,0);
+	&RIP2($E,$A,$B,$C,$D,$wl[21],$wl[22],$sl[21],$KL1,0);
+	&RIP2($D,$E,$A,$B,$C,$wl[22],$wl[23],$sl[22],$KL1,0);
+	&RIP2($C,$D,$E,$A,$B,$wl[23],$wl[24],$sl[23],$KL1,0);
+	&RIP2($B,$C,$D,$E,$A,$wl[24],$wl[25],$sl[24],$KL1,0);
+	&RIP2($A,$B,$C,$D,$E,$wl[25],$wl[26],$sl[25],$KL1,0);
+	&RIP2($E,$A,$B,$C,$D,$wl[26],$wl[27],$sl[26],$KL1,0);
+	&RIP2($D,$E,$A,$B,$C,$wl[27],$wl[28],$sl[27],$KL1,0);
+	&RIP2($C,$D,$E,$A,$B,$wl[28],$wl[29],$sl[28],$KL1,0);
+	&RIP2($B,$C,$D,$E,$A,$wl[29],$wl[30],$sl[29],$KL1,0);
+	&RIP2($A,$B,$C,$D,$E,$wl[30],$wl[31],$sl[30],$KL1,0);
+	&RIP2($E,$A,$B,$C,$D,$wl[31],$wl[32],$sl[31],$KL1,1);
+
+	&RIP3($D,$E,$A,$B,$C,$wl[32],$sl[32],$KL2,-1);
+	&RIP3($C,$D,$E,$A,$B,$wl[33],$sl[33],$KL2,0);
+	&RIP3($B,$C,$D,$E,$A,$wl[34],$sl[34],$KL2,0);
+	&RIP3($A,$B,$C,$D,$E,$wl[35],$sl[35],$KL2,0);
+	&RIP3($E,$A,$B,$C,$D,$wl[36],$sl[36],$KL2,0);
+	&RIP3($D,$E,$A,$B,$C,$wl[37],$sl[37],$KL2,0);
+	&RIP3($C,$D,$E,$A,$B,$wl[38],$sl[38],$KL2,0);
+	&RIP3($B,$C,$D,$E,$A,$wl[39],$sl[39],$KL2,0);
+	&RIP3($A,$B,$C,$D,$E,$wl[40],$sl[40],$KL2,0);
+	&RIP3($E,$A,$B,$C,$D,$wl[41],$sl[41],$KL2,0);
+	&RIP3($D,$E,$A,$B,$C,$wl[42],$sl[42],$KL2,0);
+	&RIP3($C,$D,$E,$A,$B,$wl[43],$sl[43],$KL2,0);
+	&RIP3($B,$C,$D,$E,$A,$wl[44],$sl[44],$KL2,0);
+	&RIP3($A,$B,$C,$D,$E,$wl[45],$sl[45],$KL2,0);
+	&RIP3($E,$A,$B,$C,$D,$wl[46],$sl[46],$KL2,0);
+	&RIP3($D,$E,$A,$B,$C,$wl[47],$sl[47],$KL2,1);
+
+	&RIP4($C,$D,$E,$A,$B,$wl[48],$sl[48],$KL3,-1);
+	&RIP4($B,$C,$D,$E,$A,$wl[49],$sl[49],$KL3,0);
+	&RIP4($A,$B,$C,$D,$E,$wl[50],$sl[50],$KL3,0);
+	&RIP4($E,$A,$B,$C,$D,$wl[51],$sl[51],$KL3,0);
+	&RIP4($D,$E,$A,$B,$C,$wl[52],$sl[52],$KL3,0);
+	&RIP4($C,$D,$E,$A,$B,$wl[53],$sl[53],$KL3,0);
+	&RIP4($B,$C,$D,$E,$A,$wl[54],$sl[54],$KL3,0);
+	&RIP4($A,$B,$C,$D,$E,$wl[55],$sl[55],$KL3,0);
+	&RIP4($E,$A,$B,$C,$D,$wl[56],$sl[56],$KL3,0);
+	&RIP4($D,$E,$A,$B,$C,$wl[57],$sl[57],$KL3,0);
+	&RIP4($C,$D,$E,$A,$B,$wl[58],$sl[58],$KL3,0);
+	&RIP4($B,$C,$D,$E,$A,$wl[59],$sl[59],$KL3,0);
+	&RIP4($A,$B,$C,$D,$E,$wl[60],$sl[60],$KL3,0);
+	&RIP4($E,$A,$B,$C,$D,$wl[61],$sl[61],$KL3,0);
+	&RIP4($D,$E,$A,$B,$C,$wl[62],$sl[62],$KL3,0);
+	&RIP4($C,$D,$E,$A,$B,$wl[63],$sl[63],$KL3,1);
+
+	&RIP5($B,$C,$D,$E,$A,$wl[64],$sl[64],$KL4,-1);
+	&RIP5($A,$B,$C,$D,$E,$wl[65],$sl[65],$KL4,0);
+	&RIP5($E,$A,$B,$C,$D,$wl[66],$sl[66],$KL4,0);
+	&RIP5($D,$E,$A,$B,$C,$wl[67],$sl[67],$KL4,0);
+	&RIP5($C,$D,$E,$A,$B,$wl[68],$sl[68],$KL4,0);
+	&RIP5($B,$C,$D,$E,$A,$wl[69],$sl[69],$KL4,0);
+	&RIP5($A,$B,$C,$D,$E,$wl[70],$sl[70],$KL4,0);
+	&RIP5($E,$A,$B,$C,$D,$wl[71],$sl[71],$KL4,0);
+	&RIP5($D,$E,$A,$B,$C,$wl[72],$sl[72],$KL4,0);
+	&RIP5($C,$D,$E,$A,$B,$wl[73],$sl[73],$KL4,0);
+	&RIP5($B,$C,$D,$E,$A,$wl[74],$sl[74],$KL4,0);
+	&RIP5($A,$B,$C,$D,$E,$wl[75],$sl[75],$KL4,0);
+	&RIP5($E,$A,$B,$C,$D,$wl[76],$sl[76],$KL4,0);
+	&RIP5($D,$E,$A,$B,$C,$wl[77],$sl[77],$KL4,0);
+	&RIP5($C,$D,$E,$A,$B,$wl[78],$sl[78],$KL4,0);
+	&RIP5($B,$C,$D,$E,$A,$wl[79],$sl[79],$KL4,1);
+
+	# &mov($tmp2,	&wparam(0)); # moved into last RIP5
+	# &mov(&swtmp(1+16),	$A);
+	 &mov($A,	&DWP( 0,$tmp2,"",0));
+	&mov(&swtmp(1+17),	$B);
+	 &mov(&swtmp(1+18),	$C);
+	&mov($B,	&DWP( 4,$tmp2,"",0));
+	 &mov(&swtmp(1+19),	$D);
+	&mov($C,	&DWP( 8,$tmp2,"",0));
+	 &mov(&swtmp(1+20),	$E);
+	&mov($D,	&DWP(12,$tmp2,"",0));
+	 &mov($E,	&DWP(16,$tmp2,"",0));
+
+	&RIP5($A,$B,$C,$D,$E,$wr[ 0],$sr[ 0],$KR0,-2);
+	&RIP5($E,$A,$B,$C,$D,$wr[ 1],$sr[ 1],$KR0,0);
+	&RIP5($D,$E,$A,$B,$C,$wr[ 2],$sr[ 2],$KR0,0);
+	&RIP5($C,$D,$E,$A,$B,$wr[ 3],$sr[ 3],$KR0,0);
+	&RIP5($B,$C,$D,$E,$A,$wr[ 4],$sr[ 4],$KR0,0);
+	&RIP5($A,$B,$C,$D,$E,$wr[ 5],$sr[ 5],$KR0,0);
+	&RIP5($E,$A,$B,$C,$D,$wr[ 6],$sr[ 6],$KR0,0);
+	&RIP5($D,$E,$A,$B,$C,$wr[ 7],$sr[ 7],$KR0,0);
+	&RIP5($C,$D,$E,$A,$B,$wr[ 8],$sr[ 8],$KR0,0);
+	&RIP5($B,$C,$D,$E,$A,$wr[ 9],$sr[ 9],$KR0,0);
+	&RIP5($A,$B,$C,$D,$E,$wr[10],$sr[10],$KR0,0);
+	&RIP5($E,$A,$B,$C,$D,$wr[11],$sr[11],$KR0,0);
+	&RIP5($D,$E,$A,$B,$C,$wr[12],$sr[12],$KR0,0);
+	&RIP5($C,$D,$E,$A,$B,$wr[13],$sr[13],$KR0,0);
+	&RIP5($B,$C,$D,$E,$A,$wr[14],$sr[14],$KR0,0);
+	&RIP5($A,$B,$C,$D,$E,$wr[15],$sr[15],$KR0,2);
+
+	&RIP4($E,$A,$B,$C,$D,$wr[16],$sr[16],$KR1,-2);
+	&RIP4($D,$E,$A,$B,$C,$wr[17],$sr[17],$KR1,0);
+	&RIP4($C,$D,$E,$A,$B,$wr[18],$sr[18],$KR1,0);
+	&RIP4($B,$C,$D,$E,$A,$wr[19],$sr[19],$KR1,0);
+	&RIP4($A,$B,$C,$D,$E,$wr[20],$sr[20],$KR1,0);
+	&RIP4($E,$A,$B,$C,$D,$wr[21],$sr[21],$KR1,0);
+	&RIP4($D,$E,$A,$B,$C,$wr[22],$sr[22],$KR1,0);
+	&RIP4($C,$D,$E,$A,$B,$wr[23],$sr[23],$KR1,0);
+	&RIP4($B,$C,$D,$E,$A,$wr[24],$sr[24],$KR1,0);
+	&RIP4($A,$B,$C,$D,$E,$wr[25],$sr[25],$KR1,0);
+	&RIP4($E,$A,$B,$C,$D,$wr[26],$sr[26],$KR1,0);
+	&RIP4($D,$E,$A,$B,$C,$wr[27],$sr[27],$KR1,0);
+	&RIP4($C,$D,$E,$A,$B,$wr[28],$sr[28],$KR1,0);
+	&RIP4($B,$C,$D,$E,$A,$wr[29],$sr[29],$KR1,0);
+	&RIP4($A,$B,$C,$D,$E,$wr[30],$sr[30],$KR1,0);
+	&RIP4($E,$A,$B,$C,$D,$wr[31],$sr[31],$KR1,2);
+
+	&RIP3($D,$E,$A,$B,$C,$wr[32],$sr[32],$KR2,-2);
+	&RIP3($C,$D,$E,$A,$B,$wr[33],$sr[33],$KR2,0);
+	&RIP3($B,$C,$D,$E,$A,$wr[34],$sr[34],$KR2,0);
+	&RIP3($A,$B,$C,$D,$E,$wr[35],$sr[35],$KR2,0);
+	&RIP3($E,$A,$B,$C,$D,$wr[36],$sr[36],$KR2,0);
+	&RIP3($D,$E,$A,$B,$C,$wr[37],$sr[37],$KR2,0);
+	&RIP3($C,$D,$E,$A,$B,$wr[38],$sr[38],$KR2,0);
+	&RIP3($B,$C,$D,$E,$A,$wr[39],$sr[39],$KR2,0);
+	&RIP3($A,$B,$C,$D,$E,$wr[40],$sr[40],$KR2,0);
+	&RIP3($E,$A,$B,$C,$D,$wr[41],$sr[41],$KR2,0);
+	&RIP3($D,$E,$A,$B,$C,$wr[42],$sr[42],$KR2,0);
+	&RIP3($C,$D,$E,$A,$B,$wr[43],$sr[43],$KR2,0);
+	&RIP3($B,$C,$D,$E,$A,$wr[44],$sr[44],$KR2,0);
+	&RIP3($A,$B,$C,$D,$E,$wr[45],$sr[45],$KR2,0);
+	&RIP3($E,$A,$B,$C,$D,$wr[46],$sr[46],$KR2,0);
+	&RIP3($D,$E,$A,$B,$C,$wr[47],$sr[47],$KR2,2,$wr[48]);
+
+	&RIP2($C,$D,$E,$A,$B,$wr[48],$wr[49],$sr[48],$KR3,-2);
+	&RIP2($B,$C,$D,$E,$A,$wr[49],$wr[50],$sr[49],$KR3,0);
+	&RIP2($A,$B,$C,$D,$E,$wr[50],$wr[51],$sr[50],$KR3,0);
+	&RIP2($E,$A,$B,$C,$D,$wr[51],$wr[52],$sr[51],$KR3,0);
+	&RIP2($D,$E,$A,$B,$C,$wr[52],$wr[53],$sr[52],$KR3,0);
+	&RIP2($C,$D,$E,$A,$B,$wr[53],$wr[54],$sr[53],$KR3,0);
+	&RIP2($B,$C,$D,$E,$A,$wr[54],$wr[55],$sr[54],$KR3,0);
+	&RIP2($A,$B,$C,$D,$E,$wr[55],$wr[56],$sr[55],$KR3,0);
+	&RIP2($E,$A,$B,$C,$D,$wr[56],$wr[57],$sr[56],$KR3,0);
+	&RIP2($D,$E,$A,$B,$C,$wr[57],$wr[58],$sr[57],$KR3,0);
+	&RIP2($C,$D,$E,$A,$B,$wr[58],$wr[59],$sr[58],$KR3,0);
+	&RIP2($B,$C,$D,$E,$A,$wr[59],$wr[60],$sr[59],$KR3,0);
+	&RIP2($A,$B,$C,$D,$E,$wr[60],$wr[61],$sr[60],$KR3,0);
+	&RIP2($E,$A,$B,$C,$D,$wr[61],$wr[62],$sr[61],$KR3,0);
+	&RIP2($D,$E,$A,$B,$C,$wr[62],$wr[63],$sr[62],$KR3,0);
+	&RIP2($C,$D,$E,$A,$B,$wr[63],$wr[64],$sr[63],$KR3,2);
+
+	&RIP1($B,$C,$D,$E,$A,$wr[64],$sr[64],-2);
+	&RIP1($A,$B,$C,$D,$E,$wr[65],$sr[65],0);
+	&RIP1($E,$A,$B,$C,$D,$wr[66],$sr[66],0);
+	&RIP1($D,$E,$A,$B,$C,$wr[67],$sr[67],0);
+	&RIP1($C,$D,$E,$A,$B,$wr[68],$sr[68],0);
+	&RIP1($B,$C,$D,$E,$A,$wr[69],$sr[69],0);
+	&RIP1($A,$B,$C,$D,$E,$wr[70],$sr[70],0);
+	&RIP1($E,$A,$B,$C,$D,$wr[71],$sr[71],0);
+	&RIP1($D,$E,$A,$B,$C,$wr[72],$sr[72],0);
+	&RIP1($C,$D,$E,$A,$B,$wr[73],$sr[73],0);
+	&RIP1($B,$C,$D,$E,$A,$wr[74],$sr[74],0);
+	&RIP1($A,$B,$C,$D,$E,$wr[75],$sr[75],0);
+	&RIP1($E,$A,$B,$C,$D,$wr[76],$sr[76],0);
+	&RIP1($D,$E,$A,$B,$C,$wr[77],$sr[77],0);
+	&RIP1($C,$D,$E,$A,$B,$wr[78],$sr[78],0);
+	&RIP1($B,$C,$D,$E,$A,$wr[79],$sr[79],2);
+
+	# &mov($tmp2,	&wparam(0)); # Moved into last round
+
+	 &mov($tmp1,	&DWP( 4,$tmp2,"",0));	# ctx->B
+	&add($D,	$tmp1);	
+	 &mov($tmp1,	&swtmp(1+18));		# $c
+	&add($D,	$tmp1);
+
+	 &mov($tmp1,	&DWP( 8,$tmp2,"",0));	# ctx->C
+	&add($E,	$tmp1);	
+	 &mov($tmp1,	&swtmp(1+19));		# $d
+	&add($E,	$tmp1);
+
+	 &mov($tmp1,	&DWP(12,$tmp2,"",0));	# ctx->D
+	&add($A,	$tmp1);	
+	 &mov($tmp1,	&swtmp(1+20));		# $e
+	&add($A,	$tmp1);
+
+
+	 &mov($tmp1,	&DWP(16,$tmp2,"",0));	# ctx->E
+	&add($B,	$tmp1);	
+	 &mov($tmp1,	&swtmp(1+16));		# $a
+	&add($B,	$tmp1);
+
+	 &mov($tmp1,	&DWP( 0,$tmp2,"",0));	# ctx->A
+	&add($C,	$tmp1);	
+	 &mov($tmp1,	&swtmp(1+17));		# $b
+	&add($C,	$tmp1);
+
+	&mov(&DWP( 0,$tmp2,"",0),	$D);
+	 &mov(&DWP( 4,$tmp2,"",0),	$E);
+	&mov(&DWP( 8,$tmp2,"",0),	$A);
+	 &mov(&DWP(12,$tmp2,"",0),	$B);
+	&mov(&DWP(16,$tmp2,"",0),	$C);
+
+	&mov($tmp2,		&swtmp(0));
+	 &mov($tmp1,		&wparam(1));
+
+	&cmp($tmp2,$tmp1);
+	 &mov($tmp2,	&wparam(0));
+
+	# XXX
+	 &jge(&label("start"));
+
+	&stack_pop(16+5+1);
+
+	&pop("ebx");
+	&pop("ebp");
+	&pop("edi");
+	&pop("esi");
+	&ret();
+	&function_end_B($name);
+	}
+
diff --git a/crypto/ripemd/ripemd.h b/crypto/ripemd/ripemd.h
new file mode 100644
index 0000000000..a3bc6e3ab2
--- /dev/null
+++ b/crypto/ripemd/ripemd.h
@@ -0,0 +1,99 @@
+/* crypto/ripemd/ripemd.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RIPEMD_H
+#define HEADER_RIPEMD_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define RIPEMD160_CBLOCK	64
+#define RIPEMD160_LBLOCK	16
+#define RIPEMD160_BLOCK		16
+#define RIPEMD160_LAST_BLOCK	56
+#define RIPEMD160_LENGTH_BLOCK	8
+#define RIPEMD160_DIGEST_LENGTH	20
+
+typedef struct RIPEMD160state_st
+	{
+	unsigned long A,B,C,D,E;
+	unsigned long Nl,Nh;
+	unsigned long data[RIPEMD160_LBLOCK];
+	int num;
+	} RIPEMD160_CTX;
+
+#ifndef NOPROTO
+void RIPEMD160_Init(RIPEMD160_CTX *c);
+void RIPEMD160_Update(RIPEMD160_CTX *c, unsigned char *data, unsigned long len);
+void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
+unsigned char *RIPEMD160(unsigned char *d, unsigned long n, unsigned char *md);
+void RIPEMD160_Transform(RIPEMD160_CTX *c, unsigned char *b);
+#else
+void RIPEMD160_Init();
+void RIPEMD160_Update();
+void RIPEMD160_Final();
+unsigned char *RIPEMD160();
+void RIPEMD160_Transform();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/ripemd/rmd160.c b/crypto/ripemd/rmd160.c
new file mode 100644
index 0000000000..3fa1b8096e
--- /dev/null
+++ b/crypto/ripemd/rmd160.c
@@ -0,0 +1,135 @@
+/* crypto/ripemd/rmd160.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "ripemd.h"
+
+#define BUFSIZE	1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+	{
+	int i,err=0;
+	FILE *IN;
+
+	if (argc == 1)
+		{
+		do_fp(stdin);
+		}
+	else
+		{
+		for (i=1; i<argc; i++)
+			{
+			IN=fopen(argv[i],"r");
+			if (IN == NULL)
+				{
+				perror(argv[i]);
+				err++;
+				continue;
+				}
+			printf("RIPEMD160(%s)= ",argv[i]);
+			do_fp(IN);
+			fclose(IN);
+			}
+		}
+	exit(err);
+	}
+
+void do_fp(f)
+FILE *f;
+	{
+	RIPEMD160_CTX c;
+	unsigned char md[RIPEMD160_DIGEST_LENGTH];
+	int fd;
+	int i;
+	static unsigned char buf[BUFSIZE];
+
+	fd=fileno(f);
+	RIPEMD160_Init(&c);
+	for (;;)
+		{
+		i=read(fd,buf,BUFSIZE);
+		if (i <= 0) break;
+		RIPEMD160_Update(&c,buf,(unsigned long)i);
+		}
+	RIPEMD160_Final(&(md[0]),&c);
+	pt(md);
+	}
+
+void pt(md)
+unsigned char *md;
+	{
+	int i;
+
+	for (i=0; i<RIPEMD160_DIGEST_LENGTH; i++)
+		printf("%02x",md[i]);
+	printf("\n");
+	}
+
diff --git a/crypto/ripemd/rmd_dgst.c b/crypto/ripemd/rmd_dgst.c
new file mode 100644
index 0000000000..210de1977d
--- /dev/null
+++ b/crypto/ripemd/rmd_dgst.c
@@ -0,0 +1,535 @@
+/* crypto/ripemd/rmd_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rmd_locl.h"
+
+char *RMD160_version="RIPEMD160 part of SSLeay 0.9.0b 29-Jun-1998";
+
+#ifndef NOPROTO
+#  ifdef RMD160_ASM
+     void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,int num);
+#    define ripemd160_block ripemd160_block_x86
+#  else
+     void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,int num);
+#  endif
+#else
+#  ifdef RMD160_ASM
+     void ripemd160_block_x86();
+#    define ripemd160_block ripemd160_block_x86
+#  else
+     static void ripemd160_block();
+#  endif
+#endif
+
+void RIPEMD160_Init(c)
+RIPEMD160_CTX *c;
+	{
+	c->A=RIPEMD160_A;
+	c->B=RIPEMD160_B;
+	c->C=RIPEMD160_C;
+	c->D=RIPEMD160_D;
+	c->E=RIPEMD160_E;
+	c->Nl=0;
+	c->Nh=0;
+	c->num=0;
+	}
+
+void RIPEMD160_Update(c, data, len)
+RIPEMD160_CTX *c;
+register unsigned char *data;
+unsigned long len;
+	{
+	register ULONG *p;
+	int sw,sc;
+	ULONG l;
+
+	if (len == 0) return;
+
+	l=(c->Nl+(len<<3))&0xffffffffL;
+	if (l < c->Nl) /* overflow */
+		c->Nh++;
+	c->Nh+=(len>>29);
+	c->Nl=l;
+
+	if (c->num != 0)
+		{
+		p=c->data;
+		sw=c->num>>2;
+		sc=c->num&0x03;
+
+		if ((c->num+len) >= RIPEMD160_CBLOCK)
+			{
+			l= p[sw];
+			p_c2l(data,l,sc);
+			p[sw++]=l;
+			for (; sw<RIPEMD160_LBLOCK; sw++)
+				{
+				c2l(data,l);
+				p[sw]=l;
+				}
+			len-=(RIPEMD160_CBLOCK-c->num);
+
+			ripemd160_block(c,p,64);
+			c->num=0;
+			/* drop through and do the rest */
+			}
+		else
+			{
+			int ew,ec;
+
+			c->num+=(int)len;
+			if ((sc+len) < 4) /* ugly, add char's to a word */
+				{
+				l= p[sw];
+				p_c2l_p(data,l,sc,len);
+				p[sw]=l;
+				}
+			else
+				{
+				ew=(c->num>>2);
+				ec=(c->num&0x03);
+				l= p[sw];
+				p_c2l(data,l,sc);
+				p[sw++]=l;
+				for (; sw < ew; sw++)
+					{ c2l(data,l); p[sw]=l; }
+				if (ec)
+					{
+					c2l_p(data,l,ec);
+					p[sw]=l;
+					}
+				}
+			return;
+			}
+		}
+	/* we now can process the input data in blocks of RIPEMD160_CBLOCK
+	 * chars and save the leftovers to c->data. */
+#ifdef L_ENDIAN
+	if ((((unsigned long)data)%sizeof(ULONG)) == 0)
+		{
+		sw=(int)len/RIPEMD160_CBLOCK;
+		if (sw > 0)
+			{
+			sw*=RIPEMD160_CBLOCK;
+			ripemd160_block(c,(ULONG *)data,sw);
+			data+=sw;
+			len-=sw;
+			}
+		}
+#endif
+	p=c->data;
+	while (len >= RIPEMD160_CBLOCK)
+		{
+#if defined(L_ENDIAN) || defined(B_ENDIAN)
+		if (p != (unsigned long *)data)
+			memcpy(p,data,RIPEMD160_CBLOCK);
+		data+=RIPEMD160_CBLOCK;
+#ifdef B_ENDIAN
+		for (sw=(RIPEMD160_LBLOCK/4); sw; sw--)
+			{
+			Endian_Reverse32(p[0]);
+			Endian_Reverse32(p[1]);
+			Endian_Reverse32(p[2]);
+			Endian_Reverse32(p[3]);
+			p+=4;
+			}
+#endif
+#else
+		for (sw=(RIPEMD160_LBLOCK/4); sw; sw--)
+			{
+			c2l(data,l); *(p++)=l;
+			c2l(data,l); *(p++)=l;
+			c2l(data,l); *(p++)=l;
+			c2l(data,l); *(p++)=l; 
+			} 
+#endif
+		p=c->data;
+		ripemd160_block(c,p,64);
+		len-=RIPEMD160_CBLOCK;
+		}
+	sc=(int)len;
+	c->num=sc;
+	if (sc)
+		{
+		sw=sc>>2;	/* words to copy */
+#ifdef L_ENDIAN
+		p[sw]=0;
+		memcpy(p,data,sc);
+#else
+		sc&=0x03;
+		for ( ; sw; sw--)
+			{ c2l(data,l); *(p++)=l; }
+		c2l_p(data,l,sc);
+		*p=l;
+#endif
+		}
+	}
+
+void RIPEMD160_Transform(c,b)
+RIPEMD160_CTX *c;
+unsigned char *b;
+	{
+	ULONG p[16];
+#if !defined(L_ENDIAN)
+	ULONG *q;
+	int i;
+#endif
+
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+	memcpy(p,b,64);
+#ifdef B_ENDIAN
+	q=p;
+	for (i=(RIPEMD160_LBLOCK/4); i; i--)
+		{
+		Endian_Reverse32(q[0]);
+		Endian_Reverse32(q[1]);
+		Endian_Reverse32(q[2]);
+		Endian_Reverse32(q[3]);
+		q+=4;
+		}
+#endif
+#else
+	q=p;
+	for (i=(RIPEMD160_LBLOCK/4); i; i--)
+		{
+		ULONG l;
+		c2l(b,l); *(q++)=l;
+		c2l(b,l); *(q++)=l;
+		c2l(b,l); *(q++)=l;
+		c2l(b,l); *(q++)=l; 
+		} 
+#endif
+	ripemd160_block(c,p,64);
+	}
+
+#ifndef RMD160_ASM
+
+void ripemd160_block(ctx, X, num)
+RIPEMD160_CTX *ctx;
+register ULONG *X;
+int num;
+	{
+	register ULONG A,B,C,D,E;
+	ULONG a,b,c,d,e;
+
+	for (;;)
+		{
+		A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
+
+	RIP1(A,B,C,D,E,WL00,SL00);
+	RIP1(E,A,B,C,D,WL01,SL01);
+	RIP1(D,E,A,B,C,WL02,SL02);
+	RIP1(C,D,E,A,B,WL03,SL03);
+	RIP1(B,C,D,E,A,WL04,SL04);
+	RIP1(A,B,C,D,E,WL05,SL05);
+	RIP1(E,A,B,C,D,WL06,SL06);
+	RIP1(D,E,A,B,C,WL07,SL07);
+	RIP1(C,D,E,A,B,WL08,SL08);
+	RIP1(B,C,D,E,A,WL09,SL09);
+	RIP1(A,B,C,D,E,WL10,SL10);
+	RIP1(E,A,B,C,D,WL11,SL11);
+	RIP1(D,E,A,B,C,WL12,SL12);
+	RIP1(C,D,E,A,B,WL13,SL13);
+	RIP1(B,C,D,E,A,WL14,SL14);
+	RIP1(A,B,C,D,E,WL15,SL15);
+
+	RIP2(E,A,B,C,D,WL16,SL16,KL1);
+	RIP2(D,E,A,B,C,WL17,SL17,KL1);
+	RIP2(C,D,E,A,B,WL18,SL18,KL1);
+	RIP2(B,C,D,E,A,WL19,SL19,KL1);
+	RIP2(A,B,C,D,E,WL20,SL20,KL1);
+	RIP2(E,A,B,C,D,WL21,SL21,KL1);
+	RIP2(D,E,A,B,C,WL22,SL22,KL1);
+	RIP2(C,D,E,A,B,WL23,SL23,KL1);
+	RIP2(B,C,D,E,A,WL24,SL24,KL1);
+	RIP2(A,B,C,D,E,WL25,SL25,KL1);
+	RIP2(E,A,B,C,D,WL26,SL26,KL1);
+	RIP2(D,E,A,B,C,WL27,SL27,KL1);
+	RIP2(C,D,E,A,B,WL28,SL28,KL1);
+	RIP2(B,C,D,E,A,WL29,SL29,KL1);
+	RIP2(A,B,C,D,E,WL30,SL30,KL1);
+	RIP2(E,A,B,C,D,WL31,SL31,KL1);
+
+	RIP3(D,E,A,B,C,WL32,SL32,KL2);
+	RIP3(C,D,E,A,B,WL33,SL33,KL2);
+	RIP3(B,C,D,E,A,WL34,SL34,KL2);
+	RIP3(A,B,C,D,E,WL35,SL35,KL2);
+	RIP3(E,A,B,C,D,WL36,SL36,KL2);
+	RIP3(D,E,A,B,C,WL37,SL37,KL2);
+	RIP3(C,D,E,A,B,WL38,SL38,KL2);
+	RIP3(B,C,D,E,A,WL39,SL39,KL2);
+	RIP3(A,B,C,D,E,WL40,SL40,KL2);
+	RIP3(E,A,B,C,D,WL41,SL41,KL2);
+	RIP3(D,E,A,B,C,WL42,SL42,KL2);
+	RIP3(C,D,E,A,B,WL43,SL43,KL2);
+	RIP3(B,C,D,E,A,WL44,SL44,KL2);
+	RIP3(A,B,C,D,E,WL45,SL45,KL2);
+	RIP3(E,A,B,C,D,WL46,SL46,KL2);
+	RIP3(D,E,A,B,C,WL47,SL47,KL2);
+
+	RIP4(C,D,E,A,B,WL48,SL48,KL3);
+	RIP4(B,C,D,E,A,WL49,SL49,KL3);
+	RIP4(A,B,C,D,E,WL50,SL50,KL3);
+	RIP4(E,A,B,C,D,WL51,SL51,KL3);
+	RIP4(D,E,A,B,C,WL52,SL52,KL3);
+	RIP4(C,D,E,A,B,WL53,SL53,KL3);
+	RIP4(B,C,D,E,A,WL54,SL54,KL3);
+	RIP4(A,B,C,D,E,WL55,SL55,KL3);
+	RIP4(E,A,B,C,D,WL56,SL56,KL3);
+	RIP4(D,E,A,B,C,WL57,SL57,KL3);
+	RIP4(C,D,E,A,B,WL58,SL58,KL3);
+	RIP4(B,C,D,E,A,WL59,SL59,KL3);
+	RIP4(A,B,C,D,E,WL60,SL60,KL3);
+	RIP4(E,A,B,C,D,WL61,SL61,KL3);
+	RIP4(D,E,A,B,C,WL62,SL62,KL3);
+	RIP4(C,D,E,A,B,WL63,SL63,KL3);
+
+	RIP5(B,C,D,E,A,WL64,SL64,KL4);
+	RIP5(A,B,C,D,E,WL65,SL65,KL4);
+	RIP5(E,A,B,C,D,WL66,SL66,KL4);
+	RIP5(D,E,A,B,C,WL67,SL67,KL4);
+	RIP5(C,D,E,A,B,WL68,SL68,KL4);
+	RIP5(B,C,D,E,A,WL69,SL69,KL4);
+	RIP5(A,B,C,D,E,WL70,SL70,KL4);
+	RIP5(E,A,B,C,D,WL71,SL71,KL4);
+	RIP5(D,E,A,B,C,WL72,SL72,KL4);
+	RIP5(C,D,E,A,B,WL73,SL73,KL4);
+	RIP5(B,C,D,E,A,WL74,SL74,KL4);
+	RIP5(A,B,C,D,E,WL75,SL75,KL4);
+	RIP5(E,A,B,C,D,WL76,SL76,KL4);
+	RIP5(D,E,A,B,C,WL77,SL77,KL4);
+	RIP5(C,D,E,A,B,WL78,SL78,KL4);
+	RIP5(B,C,D,E,A,WL79,SL79,KL4);
+
+	a=A; b=B; c=C; d=D; e=E;
+	/* Do other half */
+	A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
+
+	RIP5(A,B,C,D,E,WR00,SR00,KR0);
+	RIP5(E,A,B,C,D,WR01,SR01,KR0);
+	RIP5(D,E,A,B,C,WR02,SR02,KR0);
+	RIP5(C,D,E,A,B,WR03,SR03,KR0);
+	RIP5(B,C,D,E,A,WR04,SR04,KR0);
+	RIP5(A,B,C,D,E,WR05,SR05,KR0);
+	RIP5(E,A,B,C,D,WR06,SR06,KR0);
+	RIP5(D,E,A,B,C,WR07,SR07,KR0);
+	RIP5(C,D,E,A,B,WR08,SR08,KR0);
+	RIP5(B,C,D,E,A,WR09,SR09,KR0);
+	RIP5(A,B,C,D,E,WR10,SR10,KR0);
+	RIP5(E,A,B,C,D,WR11,SR11,KR0);
+	RIP5(D,E,A,B,C,WR12,SR12,KR0);
+	RIP5(C,D,E,A,B,WR13,SR13,KR0);
+	RIP5(B,C,D,E,A,WR14,SR14,KR0);
+	RIP5(A,B,C,D,E,WR15,SR15,KR0);
+
+	RIP4(E,A,B,C,D,WR16,SR16,KR1);
+	RIP4(D,E,A,B,C,WR17,SR17,KR1);
+	RIP4(C,D,E,A,B,WR18,SR18,KR1);
+	RIP4(B,C,D,E,A,WR19,SR19,KR1);
+	RIP4(A,B,C,D,E,WR20,SR20,KR1);
+	RIP4(E,A,B,C,D,WR21,SR21,KR1);
+	RIP4(D,E,A,B,C,WR22,SR22,KR1);
+	RIP4(C,D,E,A,B,WR23,SR23,KR1);
+	RIP4(B,C,D,E,A,WR24,SR24,KR1);
+	RIP4(A,B,C,D,E,WR25,SR25,KR1);
+	RIP4(E,A,B,C,D,WR26,SR26,KR1);
+	RIP4(D,E,A,B,C,WR27,SR27,KR1);
+	RIP4(C,D,E,A,B,WR28,SR28,KR1);
+	RIP4(B,C,D,E,A,WR29,SR29,KR1);
+	RIP4(A,B,C,D,E,WR30,SR30,KR1);
+	RIP4(E,A,B,C,D,WR31,SR31,KR1);
+
+	RIP3(D,E,A,B,C,WR32,SR32,KR2);
+	RIP3(C,D,E,A,B,WR33,SR33,KR2);
+	RIP3(B,C,D,E,A,WR34,SR34,KR2);
+	RIP3(A,B,C,D,E,WR35,SR35,KR2);
+	RIP3(E,A,B,C,D,WR36,SR36,KR2);
+	RIP3(D,E,A,B,C,WR37,SR37,KR2);
+	RIP3(C,D,E,A,B,WR38,SR38,KR2);
+	RIP3(B,C,D,E,A,WR39,SR39,KR2);
+	RIP3(A,B,C,D,E,WR40,SR40,KR2);
+	RIP3(E,A,B,C,D,WR41,SR41,KR2);
+	RIP3(D,E,A,B,C,WR42,SR42,KR2);
+	RIP3(C,D,E,A,B,WR43,SR43,KR2);
+	RIP3(B,C,D,E,A,WR44,SR44,KR2);
+	RIP3(A,B,C,D,E,WR45,SR45,KR2);
+	RIP3(E,A,B,C,D,WR46,SR46,KR2);
+	RIP3(D,E,A,B,C,WR47,SR47,KR2);
+
+	RIP2(C,D,E,A,B,WR48,SR48,KR3);
+	RIP2(B,C,D,E,A,WR49,SR49,KR3);
+	RIP2(A,B,C,D,E,WR50,SR50,KR3);
+	RIP2(E,A,B,C,D,WR51,SR51,KR3);
+	RIP2(D,E,A,B,C,WR52,SR52,KR3);
+	RIP2(C,D,E,A,B,WR53,SR53,KR3);
+	RIP2(B,C,D,E,A,WR54,SR54,KR3);
+	RIP2(A,B,C,D,E,WR55,SR55,KR3);
+	RIP2(E,A,B,C,D,WR56,SR56,KR3);
+	RIP2(D,E,A,B,C,WR57,SR57,KR3);
+	RIP2(C,D,E,A,B,WR58,SR58,KR3);
+	RIP2(B,C,D,E,A,WR59,SR59,KR3);
+	RIP2(A,B,C,D,E,WR60,SR60,KR3);
+	RIP2(E,A,B,C,D,WR61,SR61,KR3);
+	RIP2(D,E,A,B,C,WR62,SR62,KR3);
+	RIP2(C,D,E,A,B,WR63,SR63,KR3);
+
+	RIP1(B,C,D,E,A,WR64,SR64);
+	RIP1(A,B,C,D,E,WR65,SR65);
+	RIP1(E,A,B,C,D,WR66,SR66);
+	RIP1(D,E,A,B,C,WR67,SR67);
+	RIP1(C,D,E,A,B,WR68,SR68);
+	RIP1(B,C,D,E,A,WR69,SR69);
+	RIP1(A,B,C,D,E,WR70,SR70);
+	RIP1(E,A,B,C,D,WR71,SR71);
+	RIP1(D,E,A,B,C,WR72,SR72);
+	RIP1(C,D,E,A,B,WR73,SR73);
+	RIP1(B,C,D,E,A,WR74,SR74);
+	RIP1(A,B,C,D,E,WR75,SR75);
+	RIP1(E,A,B,C,D,WR76,SR76);
+	RIP1(D,E,A,B,C,WR77,SR77);
+	RIP1(C,D,E,A,B,WR78,SR78);
+	RIP1(B,C,D,E,A,WR79,SR79);
+
+	D     =ctx->B+c+D;
+	ctx->B=ctx->C+d+E;
+	ctx->C=ctx->D+e+A;
+	ctx->D=ctx->E+a+B;
+	ctx->E=ctx->A+b+C;
+	ctx->A=D;
+
+	X+=16;
+	num-=64;
+	if (num <= 0) break;
+		}
+	}
+#endif
+
+void RIPEMD160_Final(md, c)
+unsigned char *md;
+RIPEMD160_CTX *c;
+	{
+	register int i,j;
+	register ULONG l;
+	register ULONG *p;
+	static unsigned char end[4]={0x80,0x00,0x00,0x00};
+	unsigned char *cp=end;
+
+	/* c->num should definitly have room for at least one more byte. */
+	p=c->data;
+	j=c->num;
+	i=j>>2;
+
+	/* purify often complains about the following line as an
+	 * Uninitialized Memory Read.  While this can be true, the
+	 * following p_c2l macro will reset l when that case is true.
+	 * This is because j&0x03 contains the number of 'valid' bytes
+	 * already in p[i].  If and only if j&0x03 == 0, the UMR will
+	 * occur but this is also the only time p_c2l will do
+	 * l= *(cp++) instead of l|= *(cp++)
+	 * Many thanks to Alex Tang <altitude@cic.net> for pickup this
+	 * 'potential bug' */
+#ifdef PURIFY
+	if ((j&0x03) == 0) p[i]=0;
+#endif
+	l=p[i];
+	p_c2l(cp,l,j&0x03);
+	p[i]=l;
+	i++;
+	/* i is the next 'undefined word' */
+	if (c->num >= RIPEMD160_LAST_BLOCK)
+		{
+		for (; i<RIPEMD160_LBLOCK; i++)
+			p[i]=0;
+		ripemd160_block(c,p,64);
+		i=0;
+		}
+	for (; i<(RIPEMD160_LBLOCK-2); i++)
+		p[i]=0;
+	p[RIPEMD160_LBLOCK-2]=c->Nl;
+	p[RIPEMD160_LBLOCK-1]=c->Nh;
+	ripemd160_block(c,p,64);
+	cp=md;
+	l=c->A; l2c(l,cp);
+	l=c->B; l2c(l,cp);
+	l=c->C; l2c(l,cp);
+	l=c->D; l2c(l,cp);
+	l=c->E; l2c(l,cp);
+
+	/* clear stuff, ripemd160_block may be leaving some stuff on the stack
+	 * but I'm not worried :-) */
+	c->num=0;
+/*	memset((char *)&c,0,sizeof(c));*/
+	}
+
+#ifdef undef
+int printit(l)
+unsigned long *l;
+	{
+	int i,ii;
+
+	for (i=0; i<2; i++)
+		{
+		for (ii=0; ii<8; ii++)
+			{
+			fprintf(stderr,"%08lx ",l[i*8+ii]);
+			}
+		fprintf(stderr,"\n");
+		}
+	}
+#endif
diff --git a/crypto/ripemd/rmd_locl.h b/crypto/ripemd/rmd_locl.h
new file mode 100644
index 0000000000..a1feccf7c1
--- /dev/null
+++ b/crypto/ripemd/rmd_locl.h
@@ -0,0 +1,226 @@
+/* crypto/ripemd/rmd_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include "ripemd.h"
+
+#define ULONG	unsigned long
+#define UCHAR	unsigned char
+#define UINT	unsigned int
+
+#ifdef NOCONST
+#define const
+#endif
+
+#undef c2nl
+#define c2nl(c,l)	(l =(((unsigned long)(*((c)++)))<<24), \
+			 l|=(((unsigned long)(*((c)++)))<<16), \
+			 l|=(((unsigned long)(*((c)++)))<< 8), \
+			 l|=(((unsigned long)(*((c)++)))    ))
+
+#undef p_c2nl
+#define p_c2nl(c,l,n)	{ \
+			switch (n) { \
+			case 0: l =((unsigned long)(*((c)++)))<<24; \
+			case 1: l|=((unsigned long)(*((c)++)))<<16; \
+			case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+			case 3: l|=((unsigned long)(*((c)++))); \
+				} \
+			}
+
+#undef c2nl_p
+/* NOTE the pointer is not incremented at the end of this */
+#define c2nl_p(c,l,n)	{ \
+			l=0; \
+			(c)+=n; \
+			switch (n) { \
+			case 3: l =((unsigned long)(*(--(c))))<< 8; \
+			case 2: l|=((unsigned long)(*(--(c))))<<16; \
+			case 1: l|=((unsigned long)(*(--(c))))<<24; \
+				} \
+			}
+
+#undef p_c2nl_p
+#define p_c2nl_p(c,l,sc,len) { \
+			switch (sc) \
+				{ \
+			case 0: l =((unsigned long)(*((c)++)))<<24; \
+				if (--len == 0) break; \
+			case 1: l|=((unsigned long)(*((c)++)))<<16; \
+				if (--len == 0) break; \
+			case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+				} \
+			}
+
+#undef nl2c
+#define nl2c(l,c)	(*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+			 *((c)++)=(unsigned char)(((l)    )&0xff))
+
+#undef c2l
+#define c2l(c,l)	(l =(((unsigned long)(*((c)++)))    ), \
+			 l|=(((unsigned long)(*((c)++)))<< 8), \
+			 l|=(((unsigned long)(*((c)++)))<<16), \
+			 l|=(((unsigned long)(*((c)++)))<<24))
+
+#undef p_c2l
+#define p_c2l(c,l,n)	{ \
+			switch (n) { \
+			case 0: l =((unsigned long)(*((c)++))); \
+			case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+			case 2: l|=((unsigned long)(*((c)++)))<<16; \
+			case 3: l|=((unsigned long)(*((c)++)))<<24; \
+				} \
+			}
+
+#undef c2l_p
+/* NOTE the pointer is not incremented at the end of this */
+#define c2l_p(c,l,n)	{ \
+			l=0; \
+			(c)+=n; \
+			switch (n) { \
+			case 3: l =((unsigned long)(*(--(c))))<<16; \
+			case 2: l|=((unsigned long)(*(--(c))))<< 8; \
+			case 1: l|=((unsigned long)(*(--(c)))); \
+				} \
+			}
+
+#undef p_c2l_p
+#define p_c2l_p(c,l,sc,len) { \
+			switch (sc) \
+				{ \
+			case 0: l =((unsigned long)(*((c)++))); \
+				if (--len == 0) break; \
+			case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+				if (--len == 0) break; \
+			case 2: l|=((unsigned long)(*((c)++)))<<16; \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)    )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+#undef ROTATE
+#if defined(WIN32)
+#define ROTATE(a,n)     _lrotl(a,n)
+#else
+#define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#if defined(WIN32)
+/* 5 instructions with rotate instruction, else 9 */
+#define Endian_Reverse32(a) \
+	{ \
+	unsigned long l=(a); \
+	(a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
+	}
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define Endian_Reverse32(a) \
+	{ \
+	unsigned long l=(a); \
+	l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
+	(a)=ROTATE(l,16L); \
+	}
+#endif
+
+#define F1(x,y,z)	 ((x)^(y)^(z))
+#define F2(x,y,z)	(((x)&(y))|((~x)&z))
+#define F3(x,y,z)	(((x)|(~y))^(z))
+#define F4(x,y,z)	(((x)&(z))|((y)&(~(z))))
+#define F5(x,y,z)	 ((x)^((y)|(~(z))))
+
+#define RIPEMD160_A	0x67452301L
+#define RIPEMD160_B	0xEFCDAB89L
+#define RIPEMD160_C	0x98BADCFEL
+#define RIPEMD160_D	0x10325476L
+#define RIPEMD160_E	0xC3D2E1F0L
+
+#include "rmdconst.h"
+
+#define RIP1(a,b,c,d,e,w,s) { \
+	a+=F1(b,c,d)+X[w]; \
+        a=ROTATE(a,s)+e; \
+        c=ROTATE(c,10); }
+
+#define RIP2(a,b,c,d,e,w,s,K) { \
+	a+=F2(b,c,d)+X[w]+K; \
+        a=ROTATE(a,s)+e; \
+        c=ROTATE(c,10); }
+
+#define RIP3(a,b,c,d,e,w,s,K) { \
+	a+=F3(b,c,d)+X[w]+K; \
+        a=ROTATE(a,s)+e; \
+        c=ROTATE(c,10); }
+
+#define RIP4(a,b,c,d,e,w,s,K) { \
+	a+=F4(b,c,d)+X[w]+K; \
+        a=ROTATE(a,s)+e; \
+        c=ROTATE(c,10); }
+
+#define RIP5(a,b,c,d,e,w,s,K) { \
+	a+=F5(b,c,d)+X[w]+K; \
+        a=ROTATE(a,s)+e; \
+        c=ROTATE(c,10); }
+
diff --git a/crypto/ripemd/rmd_one.c b/crypto/ripemd/rmd_one.c
new file mode 100644
index 0000000000..a7626dbcda
--- /dev/null
+++ b/crypto/ripemd/rmd_one.c
@@ -0,0 +1,77 @@
+/* crypto/ripemd/rmd_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rmd_locl.h"
+
+unsigned char *RIPEMD160(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+	{
+	RIPEMD160_CTX c;
+	static unsigned char m[RIPEMD160_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	RIPEMD160_Init(&c);
+	RIPEMD160_Update(&c,d,n);
+	RIPEMD160_Final(md,&c);
+	memset(&c,0,sizeof(c)); /* security consideration */
+	return(md);
+	}
+
diff --git a/crypto/ripemd/rmdconst.h b/crypto/ripemd/rmdconst.h
new file mode 100644
index 0000000000..59c48dead1
--- /dev/null
+++ b/crypto/ripemd/rmdconst.h
@@ -0,0 +1,399 @@
+/* crypto/ripemd/rmdconst.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#define KL0 0x00000000L
+#define KL1 0x5A827999L
+#define KL2 0x6ED9EBA1L
+#define KL3 0x8F1BBCDCL
+#define KL4 0xA953FD4EL
+
+#define KR0 0x50A28BE6L
+#define KR1 0x5C4DD124L
+#define KR2 0x6D703EF3L
+#define KR3 0x7A6D76E9L
+#define KR4 0x00000000L
+
+#define WL00  0
+#define SL00 11
+#define WL01  1
+#define SL01 14
+#define WL02  2
+#define SL02 15
+#define WL03  3
+#define SL03 12
+#define WL04  4
+#define SL04  5
+#define WL05  5
+#define SL05  8
+#define WL06  6
+#define SL06  7
+#define WL07  7
+#define SL07  9
+#define WL08  8
+#define SL08 11
+#define WL09  9
+#define SL09 13
+#define WL10 10
+#define SL10 14
+#define WL11 11
+#define SL11 15
+#define WL12 12
+#define SL12  6
+#define WL13 13
+#define SL13  7
+#define WL14 14
+#define SL14  9
+#define WL15 15
+#define SL15  8
+
+#define WL16  7
+#define SL16  7
+#define WL17  4
+#define SL17  6
+#define WL18 13
+#define SL18  8
+#define WL19  1
+#define SL19 13
+#define WL20 10
+#define SL20 11
+#define WL21  6
+#define SL21  9
+#define WL22 15
+#define SL22  7
+#define WL23  3
+#define SL23 15
+#define WL24 12
+#define SL24  7
+#define WL25  0
+#define SL25 12
+#define WL26  9
+#define SL26 15
+#define WL27  5
+#define SL27  9
+#define WL28  2
+#define SL28 11
+#define WL29 14
+#define SL29  7
+#define WL30 11
+#define SL30 13
+#define WL31  8
+#define SL31 12
+
+#define WL32  3
+#define SL32 11
+#define WL33 10
+#define SL33 13
+#define WL34 14
+#define SL34  6
+#define WL35  4
+#define SL35  7
+#define WL36  9
+#define SL36 14
+#define WL37 15
+#define SL37  9
+#define WL38  8
+#define SL38 13
+#define WL39  1
+#define SL39 15
+#define WL40  2
+#define SL40 14
+#define WL41  7
+#define SL41  8
+#define WL42  0
+#define SL42 13
+#define WL43  6
+#define SL43  6
+#define WL44 13
+#define SL44  5
+#define WL45 11
+#define SL45 12
+#define WL46  5
+#define SL46  7
+#define WL47 12
+#define SL47  5
+
+#define WL48  1
+#define SL48 11
+#define WL49  9
+#define SL49 12
+#define WL50 11
+#define SL50 14
+#define WL51 10
+#define SL51 15
+#define WL52  0
+#define SL52 14
+#define WL53  8
+#define SL53 15
+#define WL54 12
+#define SL54  9
+#define WL55  4
+#define SL55  8
+#define WL56 13
+#define SL56  9
+#define WL57  3
+#define SL57 14
+#define WL58  7
+#define SL58  5
+#define WL59 15
+#define SL59  6
+#define WL60 14
+#define SL60  8
+#define WL61  5
+#define SL61  6
+#define WL62  6
+#define SL62  5
+#define WL63  2
+#define SL63 12
+
+#define WL64  4
+#define SL64  9
+#define WL65  0
+#define SL65 15
+#define WL66  5
+#define SL66  5
+#define WL67  9
+#define SL67 11
+#define WL68  7
+#define SL68  6
+#define WL69 12
+#define SL69  8
+#define WL70  2
+#define SL70 13
+#define WL71 10
+#define SL71 12
+#define WL72 14
+#define SL72  5
+#define WL73  1
+#define SL73 12
+#define WL74  3
+#define SL74 13
+#define WL75  8
+#define SL75 14
+#define WL76 11
+#define SL76 11
+#define WL77  6
+#define SL77  8
+#define WL78 15
+#define SL78  5
+#define WL79 13
+#define SL79  6
+
+#define WR00  5
+#define SR00  8
+#define WR01 14
+#define SR01  9
+#define WR02  7
+#define SR02  9
+#define WR03  0
+#define SR03 11
+#define WR04  9
+#define SR04 13
+#define WR05  2
+#define SR05 15
+#define WR06 11
+#define SR06 15
+#define WR07  4
+#define SR07  5
+#define WR08 13
+#define SR08  7
+#define WR09  6
+#define SR09  7
+#define WR10 15
+#define SR10  8
+#define WR11  8
+#define SR11 11
+#define WR12  1
+#define SR12 14
+#define WR13 10
+#define SR13 14
+#define WR14  3
+#define SR14 12
+#define WR15 12
+#define SR15  6
+
+#define WR16  6
+#define SR16  9
+#define WR17 11
+#define SR17 13
+#define WR18  3
+#define SR18 15
+#define WR19  7
+#define SR19  7
+#define WR20  0
+#define SR20 12
+#define WR21 13
+#define SR21  8
+#define WR22  5
+#define SR22  9
+#define WR23 10
+#define SR23 11
+#define WR24 14
+#define SR24  7
+#define WR25 15
+#define SR25  7
+#define WR26  8
+#define SR26 12
+#define WR27 12
+#define SR27  7
+#define WR28  4
+#define SR28  6
+#define WR29  9
+#define SR29 15
+#define WR30  1
+#define SR30 13
+#define WR31  2
+#define SR31 11
+
+#define WR32 15
+#define SR32  9
+#define WR33  5
+#define SR33  7
+#define WR34  1
+#define SR34 15
+#define WR35  3
+#define SR35 11
+#define WR36  7
+#define SR36  8
+#define WR37 14
+#define SR37  6
+#define WR38  6
+#define SR38  6
+#define WR39  9
+#define SR39 14
+#define WR40 11
+#define SR40 12
+#define WR41  8
+#define SR41 13
+#define WR42 12
+#define SR42  5
+#define WR43  2
+#define SR43 14
+#define WR44 10
+#define SR44 13
+#define WR45  0
+#define SR45 13
+#define WR46  4
+#define SR46  7
+#define WR47 13
+#define SR47  5
+
+#define WR48  8
+#define SR48 15
+#define WR49  6
+#define SR49  5
+#define WR50  4
+#define SR50  8
+#define WR51  1
+#define SR51 11
+#define WR52  3
+#define SR52 14
+#define WR53 11
+#define SR53 14
+#define WR54 15
+#define SR54  6
+#define WR55  0
+#define SR55 14
+#define WR56  5
+#define SR56  6
+#define WR57 12
+#define SR57  9
+#define WR58  2
+#define SR58 12
+#define WR59 13
+#define SR59  9
+#define WR60  9
+#define SR60 12
+#define WR61  7
+#define SR61  5
+#define WR62 10
+#define SR62 15
+#define WR63 14
+#define SR63  8
+
+#define WR64 12
+#define SR64  8
+#define WR65 15
+#define SR65  5
+#define WR66 10
+#define SR66 12
+#define WR67  4
+#define SR67  9
+#define WR68  1
+#define SR68 12
+#define WR69  5
+#define SR69  5
+#define WR70  8
+#define SR70 14
+#define WR71  7
+#define SR71  6
+#define WR72  6
+#define SR72  8
+#define WR73  2
+#define SR73 13
+#define WR74 13
+#define SR74  6
+#define WR75 14
+#define SR75  5
+#define WR76  0
+#define SR76 15
+#define WR77  3
+#define SR77 13
+#define WR78  9
+#define SR78 11
+#define WR79 11
+#define SR79 11
+
diff --git a/crypto/ripemd/rmdtest.c b/crypto/ripemd/rmdtest.c
new file mode 100644
index 0000000000..6a0297f975
--- /dev/null
+++ b/crypto/ripemd/rmdtest.c
@@ -0,0 +1,133 @@
+/* crypto/ripemd/rmdtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "ripemd.h"
+
+char *test[]={
+	"",
+	"a",
+	"abc",
+	"message digest",
+	"abcdefghijklmnopqrstuvwxyz",
+	"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+	"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+	NULL,
+	};
+
+char *ret[]={
+	"9c1185a5c5e9fc54612808977ee8f548b2258d31",
+	"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",
+	"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc",
+	"5d0689ef49d2fae572b881b123a85ffa21595f36",
+	"f71c27109c692c1b56bbdceb5b9d2865b3708dbc",
+	"12a053384a9c0c88e405a06c27dcf49ada62eb2b",
+	"b0e20b6e3116640286ed3a87a5713079b21f5189",
+	"9b752e45573d4b39f4dbd3323cab82bf63326bfb",
+	};
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	unsigned char **P,**R;
+	char *p;
+
+	P=(unsigned char **)test;
+	R=(unsigned char **)ret;
+	i=1;
+	while (*P != NULL)
+		{
+		p=pt(RIPEMD160(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+		if (strcmp(p,(char *)*R) != 0)
+			{
+			printf("error calculating RIPEMD160 on '%s'\n",*P);
+			printf("got %s instead of %s\n",p,*R);
+			err++;
+			}
+		else
+			printf("test %d ok\n",i);
+		i++;
+		R++;
+		P++;
+		}
+	exit(err);
+	return(0);
+	}
+
+static char *pt(md)
+unsigned char *md;
+	{
+	int i;
+	static char buf[80];
+
+	for (i=0; i<RIPEMD160_DIGEST_LENGTH; i++)
+		sprintf(&(buf[i*2]),"%02x",md[i]);
+	return(buf);
+	}
+
diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl
index 5e04ec4484..d52f2e609e 100644
--- a/crypto/rsa/Makefile.ssl
+++ b/crypto/rsa/Makefile.ssl
@@ -22,8 +22,10 @@ TEST=
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC= rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c $(ERRC).c
-LIBOBJ= rsa_enc.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o $(ERRC).o
+LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c $(ERRC).c \
+	rsa_pk1.c rsa_ssl.c rsa_none.c
+LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o $(ERRC).o \
+	rsa_pk1.o rsa_ssl.o rsa_none.o
 
 SRC= $(LIBSRC)
 
@@ -79,6 +81,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rsa/rsa.err b/crypto/rsa/rsa.err
index 29f1496693..5ded1b5fa2 100644
--- a/crypto/rsa/rsa.err
+++ b/crypto/rsa/rsa.err
@@ -7,12 +7,20 @@
 #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT			 103
 #define RSA_F_RSA_GENERATE_KEY				 104
 #define RSA_F_RSA_NEW_METHOD				 105
-#define RSA_F_RSA_PRINT					 106
-#define RSA_F_RSA_PRINT_FP				 107
-#define RSA_F_RSA_SIGN					 108
-#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING		 109
-#define RSA_F_RSA_VERIFY				 110
-#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING		 111
+#define RSA_F_RSA_PADDING_ADD_NONE			 106
+#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1		 107
+#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2		 108
+#define RSA_F_RSA_PADDING_ADD_SSLV23			 109
+#define RSA_F_RSA_PADDING_CHECK_NONE			 110
+#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1		 111
+#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2		 112
+#define RSA_F_RSA_PADDING_CHECK_SSLV23			 113
+#define RSA_F_RSA_PRINT					 114
+#define RSA_F_RSA_PRINT_FP				 115
+#define RSA_F_RSA_SIGN					 116
+#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING		 117
+#define RSA_F_RSA_VERIFY				 118
+#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING		 119
 
 /* Reason codes. */
 #define RSA_R_ALGORITHM_MISMATCH			 100
@@ -20,14 +28,18 @@
 #define RSA_R_BAD_FIXED_HEADER_DECRYPT			 102
 #define RSA_R_BAD_PAD_BYTE_COUNT			 103
 #define RSA_R_BAD_SIGNATURE				 104
-#define RSA_R_BLOCK_TYPE_IS_NOT_01			 105
-#define RSA_R_BLOCK_TYPE_IS_NOT_02			 106
-#define RSA_R_DATA_GREATER_THAN_MOD_LEN			 107
-#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 108
-#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY		 109
-#define RSA_R_NULL_BEFORE_BLOCK_MISSING			 110
-#define RSA_R_SSLV3_ROLLBACK_ATTACK			 111
-#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 112
-#define RSA_R_UNKNOWN_ALGORITHM_TYPE			 113
-#define RSA_R_UNKNOWN_PADDING_TYPE			 114
-#define RSA_R_WRONG_SIGNATURE_LENGTH			 115
+#define RSA_R_BAD_ZERO_BYTE				 105
+#define RSA_R_BLOCK_TYPE_IS_NOT_01			 106
+#define RSA_R_BLOCK_TYPE_IS_NOT_02			 107
+#define RSA_R_DATA_GREATER_THAN_MOD_LEN			 108
+#define RSA_R_DATA_TOO_LARGE				 109
+#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 110
+#define RSA_R_DATA_TOO_SMALL				 111
+#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY		 112
+#define RSA_R_NULL_BEFORE_BLOCK_MISSING			 113
+#define RSA_R_PADDING_CHECK_FAILED			 114
+#define RSA_R_SSLV3_ROLLBACK_ATTACK			 115
+#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
+#define RSA_R_UNKNOWN_ALGORITHM_TYPE			 117
+#define RSA_R_UNKNOWN_PADDING_TYPE			 118
+#define RSA_R_WRONG_SIGNATURE_LENGTH			 119
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 821e928a1c..aeb78ffcd3 100644
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -1,5 +1,5 @@
 /* crypto/rsa/rsa.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -64,6 +64,7 @@ extern "C" {
 #endif
 
 #include "bn.h"
+#include "crypto.h"
 
 typedef struct rsa_meth_st
 	{
@@ -72,10 +73,13 @@ typedef struct rsa_meth_st
 	int (*rsa_pub_dec)();
 	int (*rsa_priv_enc)();
 	int (*rsa_priv_dec)();
-	int (*rsa_mod_exp)();
-	int (*bn_mod_exp)();
+	int (*rsa_mod_exp)();		/* Can be null */
+	int (*bn_mod_exp)();		/* Can be null */
 	int (*init)(/* RSA * */);	/* called at new */
 	int (*finish)(/* RSA * */);	/* called at free */
+
+	int flags;			/* RSA_METHOD_FLAG_* things */
+	char *app_data;			/* may be needed! */
 	} RSA_METHOD;
 
 typedef struct rsa_st
@@ -94,22 +98,40 @@ typedef struct rsa_st
 	BIGNUM *dmq1;
 	BIGNUM *iqmp;
 	/* be carefull using this if the RSA structure is shared */
-	char *app_data;
+	CRYPTO_EX_DATA ex_data;
 	int references;
+	int flags;
+
+	/* Normally used to cached montgomery values */
+	char *method_mod_n;
+	char *method_mod_p;
+	char *method_mod_q;
+
+	BN_BLINDING *blinding;
 	} RSA;
 
 #define RSA_3	0x3L
 #define RSA_F4	0x10001L
 
-#define RSA_PKCS1_PADDING	11
-#define RSA_SSLV23_PADDING	12
+#define RSA_METHOD_FLAG_NO_CHECK	0x01 /* don't check pub/private match */
+#define RSA_FLAG_CACHE_PUBLIC		0x02
+#define RSA_FLAG_CACHE_PRIVATE		0x04
+#define RSA_FLAG_BLINDING		0x08
+#define RSA_FLAG_THREAD_SAFE		0x10
+
+#define RSA_PKCS1_PADDING	1
+#define RSA_SSLV23_PADDING	2
+#define RSA_NO_PADDING		3
+
+#define RSA_set_app_data(s,arg)         RSA_set_ex_data(s,0,(char *)arg)
+#define RSA_get_app_data(s)             RSA_get_ex_data(s,0)
 
 #ifndef NOPROTO
 RSA *	RSA_new(void);
 RSA *	RSA_new_method(RSA_METHOD *method);
 int	RSA_size(RSA *);
 RSA *	RSA_generate_key(int bits, unsigned long e,void
-		(*callback)(int,int));
+		(*callback)(int,int,char *),char *cb_arg);
 	/* next 4 return -1 on error */
 int	RSA_public_encrypt(int flen, unsigned char *from,
 		unsigned char *to, RSA *rsa,int padding);
@@ -121,10 +143,12 @@ int	RSA_private_decrypt(int flen, unsigned char *from,
 		unsigned char *to, RSA *rsa,int padding);
 void	RSA_free (RSA *r);
 
+int	RSA_flags(RSA *r);
+
 void RSA_set_default_method(RSA_METHOD *meth);
 
 /* If you have RSAref compiled in. */
-/* RSA_METHOD *RSA_PKCS1_RSAref(void); */
+RSA_METHOD *RSA_PKCS1_RSAref(void);
 
 /* these are the actual SSLeay RSA functions */
 RSA_METHOD *RSA_PKCS1_SSLeay(void);
@@ -135,7 +159,7 @@ RSA *	d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
 int	i2d_RSAPublicKey(RSA *a, unsigned char **pp);
 RSA *	d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
 int 	i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
-#ifndef WIN16
+#ifndef NO_FP_API
 int	RSA_print_fp(FILE *fp, RSA *r,int offset);
 #endif
 
@@ -145,6 +169,9 @@ int	RSA_print(BIO *bp, RSA *r,int offset);
 
 int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
 RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
+/* Naughty internal function required elsewhere, to handle a MS structure
+ * that is the same as the netscape one :-) */
+RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, int (*cb)());
 
 /* The following 2 functions sign and verify a X509_SIG ASN1 object
  * inside PKCS#1 padded RSA encryption */
@@ -160,6 +187,31 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
 int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
 	unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
 
+int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+void RSA_blinding_off(RSA *rsa);
+
+int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,
+	unsigned char *f,int fl);
+int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen,
+	unsigned char *f,int fl);
+int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
+	unsigned char *f,int fl);
+int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
+	unsigned char *f,int fl);
+int RSA_padding_add_SSLv23(unsigned char *to,int tlen,
+	unsigned char *f,int fl);
+int RSA_padding_check_SSLv23(unsigned char *to,int tlen,
+	unsigned char *f,int fl);
+int RSA_padding_add_none(unsigned char *to,int tlen,
+	unsigned char *f,int fl);
+int RSA_padding_check_none(unsigned char *to,int tlen,
+	unsigned char *f,int fl);
+
+int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+	int (*dup_func)(), void (*free_func)());
+int RSA_set_ex_data(RSA *r,int idx,char *arg);
+char *RSA_get_ex_data(RSA *r, int idx);
+
 #else
 
 RSA *	RSA_new();
@@ -172,6 +224,8 @@ int	RSA_public_decrypt();
 int	RSA_private_decrypt();
 void	RSA_free ();
 
+int	RSA_flags();
+
 void RSA_set_default_method();
 
 /* RSA_METHOD *RSA_PKCS1_RSAref(); */
@@ -183,7 +237,7 @@ RSA *	d2i_RSAPublicKey();
 int	i2d_RSAPublicKey();
 RSA *	d2i_RSAPrivateKey();
 int 	i2d_RSAPrivateKey();
-#ifndef WIN16
+#ifndef NO_FP_API
 int	RSA_print_fp();
 #endif
 
@@ -191,13 +245,28 @@ int	RSA_print();
 
 int i2d_Netscape_RSA();
 RSA *d2i_Netscape_RSA();
+RSA *d2i_Netscape_RSA_2();
 
 int RSA_sign();
 int RSA_verify();
 
 int RSA_sign_ASN1_OCTET_STRING();
 int RSA_verify_ASN1_OCTET_STRING();
-
+int RSA_blinding_on();
+void RSA_blinding_off();
+
+int RSA_padding_add_PKCS1_type_1();
+int RSA_padding_check_PKCS1_type_1();
+int RSA_padding_add_PKCS1_type_2();
+int RSA_padding_check_PKCS1_type_2();
+int RSA_padding_add_SSLv23();
+int RSA_padding_check_SSLv23();
+int RSA_padding_add_none();
+int RSA_padding_check_none();
+
+int RSA_get_ex_new_index();
+int RSA_set_ex_data();
+char *RSA_get_ex_data();
 
 #endif
 
@@ -211,12 +280,20 @@ int RSA_verify_ASN1_OCTET_STRING();
 #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT			 103
 #define RSA_F_RSA_GENERATE_KEY				 104
 #define RSA_F_RSA_NEW_METHOD				 105
-#define RSA_F_RSA_PRINT					 106
-#define RSA_F_RSA_PRINT_FP				 107
-#define RSA_F_RSA_SIGN					 108
-#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING		 109
-#define RSA_F_RSA_VERIFY				 110
-#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING		 111
+#define RSA_F_RSA_PADDING_ADD_NONE			 106
+#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1		 107
+#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2		 108
+#define RSA_F_RSA_PADDING_ADD_SSLV23			 109
+#define RSA_F_RSA_PADDING_CHECK_NONE			 110
+#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1		 111
+#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2		 112
+#define RSA_F_RSA_PADDING_CHECK_SSLV23			 113
+#define RSA_F_RSA_PRINT					 114
+#define RSA_F_RSA_PRINT_FP				 115
+#define RSA_F_RSA_SIGN					 116
+#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING		 117
+#define RSA_F_RSA_VERIFY				 118
+#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING		 119
 
 /* Reason codes. */
 #define RSA_R_ALGORITHM_MISMATCH			 100
@@ -224,17 +301,21 @@ int RSA_verify_ASN1_OCTET_STRING();
 #define RSA_R_BAD_FIXED_HEADER_DECRYPT			 102
 #define RSA_R_BAD_PAD_BYTE_COUNT			 103
 #define RSA_R_BAD_SIGNATURE				 104
-#define RSA_R_BLOCK_TYPE_IS_NOT_01			 105
-#define RSA_R_BLOCK_TYPE_IS_NOT_02			 106
-#define RSA_R_DATA_GREATER_THAN_MOD_LEN			 107
-#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 108
-#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY		 109
-#define RSA_R_NULL_BEFORE_BLOCK_MISSING			 110
-#define RSA_R_SSLV3_ROLLBACK_ATTACK			 111
-#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 112
-#define RSA_R_UNKNOWN_ALGORITHM_TYPE			 113
-#define RSA_R_UNKNOWN_PADDING_TYPE			 114
-#define RSA_R_WRONG_SIGNATURE_LENGTH			 115
+#define RSA_R_BAD_ZERO_BYTE				 105
+#define RSA_R_BLOCK_TYPE_IS_NOT_01			 106
+#define RSA_R_BLOCK_TYPE_IS_NOT_02			 107
+#define RSA_R_DATA_GREATER_THAN_MOD_LEN			 108
+#define RSA_R_DATA_TOO_LARGE				 109
+#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 110
+#define RSA_R_DATA_TOO_SMALL				 111
+#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY		 112
+#define RSA_R_NULL_BEFORE_BLOCK_MISSING			 113
+#define RSA_R_PADDING_CHECK_FAILED			 114
+#define RSA_R_SSLV3_ROLLBACK_ATTACK			 115
+#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
+#define RSA_R_UNKNOWN_ALGORITHM_TYPE			 117
+#define RSA_R_UNKNOWN_PADDING_TYPE			 118
+#define RSA_R_WRONG_SIGNATURE_LENGTH			 119
  
 #ifdef  __cplusplus
 }
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c
new file mode 100644
index 0000000000..00f8ea9341
--- /dev/null
+++ b/crypto/rsa/rsa_eay.c
@@ -0,0 +1,498 @@
+/* crypto/rsa/rsa_eay.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "rand.h"
+
+#ifndef NOPROTO
+static int RSA_eay_public_encrypt(int flen, unsigned char *from,
+		unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_private_encrypt(int flen, unsigned char *from,
+		unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_public_decrypt(int flen, unsigned char *from,
+		unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_private_decrypt(int flen, unsigned char *from,
+		unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
+static int RSA_eay_init(RSA *rsa);
+static int RSA_eay_finish(RSA *rsa);
+#else
+static int RSA_eay_public_encrypt();
+static int RSA_eay_private_encrypt();
+static int RSA_eay_public_decrypt();
+static int RSA_eay_private_decrypt();
+static int RSA_eay_mod_exp();
+static int RSA_eay_init();
+static int RSA_eay_finish();
+#endif
+
+static RSA_METHOD rsa_pkcs1_eay_meth={
+	"Eric Young's PKCS#1 RSA",
+	RSA_eay_public_encrypt,
+	RSA_eay_public_decrypt,
+	RSA_eay_private_encrypt,
+	RSA_eay_private_decrypt,
+	RSA_eay_mod_exp,
+	BN_mod_exp_mont,
+	RSA_eay_init,
+	RSA_eay_finish,
+	0,
+	NULL,
+	};
+
+RSA_METHOD *RSA_PKCS1_SSLeay()
+	{
+	return(&rsa_pkcs1_eay_meth);
+	}
+
+static int RSA_eay_public_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	BIGNUM *f=NULL,*ret=NULL;
+	int i,j,k,num=0,r= -1;
+	unsigned char *buf=NULL;
+	BN_CTX *ctx=NULL;
+
+	if ((ctx=BN_CTX_new()) == NULL) goto err;
+	num=BN_num_bytes(rsa->n);
+	if ((buf=(unsigned char *)Malloc(num)) == NULL)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	switch (padding)
+		{
+	case RSA_PKCS1_PADDING:
+		i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen);
+		break;
+	case RSA_SSLV23_PADDING:
+		i=RSA_padding_add_SSLv23(buf,num,from,flen);
+		break;
+	case RSA_NO_PADDING:
+		i=RSA_padding_add_none(buf,num,from,flen);
+		break;
+	default:
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+		goto err;
+		}
+	if (i <= 0) goto err;
+
+	if (((f=BN_new()) == NULL) || ((ret=BN_new()) == NULL)) goto err;
+
+	if (BN_bin2bn(buf,num,f) == NULL) goto err;
+	
+	if ((rsa->method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
+		{
+		if ((rsa->method_mod_n=(char *)BN_MONT_CTX_new()) != NULL)
+			if (!BN_MONT_CTX_set((BN_MONT_CTX *)rsa->method_mod_n,
+				rsa->n,ctx)) goto err;
+		}
+
+	if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
+		rsa->method_mod_n)) goto err;
+
+	/* put in leading 0 bytes if the number is less than the
+	 * length of the modulus */
+	j=BN_num_bytes(ret);
+	i=BN_bn2bin(ret,&(to[num-j]));
+	for (k=0; k<(num-i); k++)
+		to[k]=0;
+
+	r=num;
+err:
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (f != NULL) BN_free(f);
+	if (ret != NULL) BN_free(ret);
+	if (buf != NULL) 
+		{
+		memset(buf,0,num);
+		Free(buf);
+		}
+	return(r);
+	}
+
+static int RSA_eay_private_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	BIGNUM *f=NULL,*ret=NULL;
+	int i,j,k,num=0,r= -1;
+	unsigned char *buf=NULL;
+	BN_CTX *ctx=NULL;
+
+	if ((ctx=BN_CTX_new()) == NULL) goto err;
+	num=BN_num_bytes(rsa->n);
+	if ((buf=(unsigned char *)Malloc(num)) == NULL)
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	switch (padding)
+		{
+	case RSA_PKCS1_PADDING:
+		i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen);
+		break;
+	case RSA_NO_PADDING:
+		i=RSA_padding_add_none(buf,num,from,flen);
+		break;
+	case RSA_SSLV23_PADDING:
+	default:
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+		goto err;
+		}
+	if (i <= 0) goto err;
+
+	if (((f=BN_new()) == NULL) || ((ret=BN_new()) == NULL)) goto err;
+	if (BN_bin2bn(buf,num,f) == NULL) goto err;
+
+	if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
+		RSA_blinding_on(rsa,ctx);
+	if (rsa->flags & RSA_FLAG_BLINDING)
+		if (!BN_BLINDING_convert(f,rsa->blinding,ctx)) goto err;
+
+	if (	(rsa->p != NULL) &&
+		(rsa->q != NULL) &&
+		(rsa->dmp1 != NULL) &&
+		(rsa->dmq1 != NULL) &&
+		(rsa->iqmp != NULL))
+		{ if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; }
+	else
+		{
+		if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx)) goto err;
+		}
+
+	if (rsa->flags & RSA_FLAG_BLINDING)
+		if (!BN_BLINDING_invert(ret,rsa->blinding,ctx)) goto err;
+
+	/* put in leading 0 bytes if the number is less than the
+	 * length of the modulus */
+	j=BN_num_bytes(ret);
+	i=BN_bn2bin(ret,&(to[num-j]));
+	for (k=0; k<(num-i); k++)
+		to[k]=0;
+
+	r=num;
+err:
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (ret != NULL) BN_free(ret);
+	if (f != NULL) BN_free(f);
+	if (buf != NULL)
+		{
+		memset(buf,0,num);
+		Free(buf);
+		}
+	return(r);
+	}
+
+static int RSA_eay_private_decrypt(flen, from, to, rsa,padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	BIGNUM *f=NULL,*ret=NULL;
+	int j,num=0,r= -1;
+	unsigned char *p;
+	unsigned char *buf=NULL;
+	BN_CTX *ctx=NULL;
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+
+	num=BN_num_bytes(rsa->n);
+
+	if ((buf=(unsigned char *)Malloc(num)) == NULL)
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	/* This check was for equallity but PGP does evil things
+	 * and chops off the top '0' bytes */
+	if (flen > num)
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
+		goto err;
+		}
+
+	/* make data into a big number */
+	if (((ret=BN_new()) == NULL) || ((f=BN_new()) == NULL)) goto err;
+	if (BN_bin2bn(from,(int)flen,f) == NULL) goto err;
+
+	if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
+		RSA_blinding_on(rsa,ctx);
+	if (rsa->flags & RSA_FLAG_BLINDING)
+		if (!BN_BLINDING_convert(f,rsa->blinding,ctx)) goto err;
+
+	/* do the decrypt */
+	if (	(rsa->p != NULL) &&
+		(rsa->q != NULL) &&
+		(rsa->dmp1 != NULL) &&
+		(rsa->dmq1 != NULL) &&
+		(rsa->iqmp != NULL))
+		{ if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; }
+	else
+		{
+		if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx))
+			goto err;
+		}
+
+	if (rsa->flags & RSA_FLAG_BLINDING)
+		if (!BN_BLINDING_invert(ret,rsa->blinding,ctx)) goto err;
+
+	p=buf;
+	j=BN_bn2bin(ret,p); /* j is only used with no-padding mode */
+
+	switch (padding)
+		{
+	case RSA_PKCS1_PADDING:
+		r=RSA_padding_check_PKCS1_type_2(to,num,buf,j);
+		break;
+	case RSA_SSLV23_PADDING:
+		r=RSA_padding_check_SSLv23(to,num,buf,j);
+		break;
+	case RSA_NO_PADDING:
+		r=RSA_padding_check_none(to,num,buf,j);
+		break;
+	default:
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+		goto err;
+		}
+	if (r < 0)
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
+
+err:
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (f != NULL) BN_free(f);
+	if (ret != NULL) BN_free(ret);
+	if (buf != NULL)
+		{
+		memset(buf,0,num);
+		Free(buf);
+		}
+	return(r);
+	}
+
+static int RSA_eay_public_decrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	BIGNUM *f=NULL,*ret=NULL;
+	int i,num=0,r= -1;
+	unsigned char *p;
+	unsigned char *buf=NULL;
+	BN_CTX *ctx=NULL;
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+
+	num=BN_num_bytes(rsa->n);
+	buf=(unsigned char *)Malloc(num);
+	if (buf == NULL)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	/* This check was for equallity but PGP does evil things
+	 * and chops off the top '0' bytes */
+	if (flen > num)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
+		goto err;
+		}
+
+	/* make data into a big number */
+	if (((ret=BN_new()) == NULL) || ((f=BN_new()) == NULL)) goto err;
+
+	if (BN_bin2bn(from,flen,f) == NULL) goto err;
+	/* do the decrypt */
+	if ((rsa->method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
+		{
+		if ((rsa->method_mod_n=(char *)BN_MONT_CTX_new()) != NULL)
+			if (!BN_MONT_CTX_set((BN_MONT_CTX *)rsa->method_mod_n,
+				rsa->n,ctx)) goto err;
+		}
+
+	if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
+		rsa->method_mod_n)) goto err;
+
+	p=buf;
+	i=BN_bn2bin(ret,p);
+
+	switch (padding)
+		{
+	case RSA_PKCS1_PADDING:
+		r=RSA_padding_check_PKCS1_type_1(to,num,buf,i);
+		break;
+	case RSA_NO_PADDING:
+		r=RSA_padding_check_none(to,num,buf,i);
+		break;
+	default:
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+		goto err;
+		}
+	if (r < 0)
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
+
+err:
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (f != NULL) BN_free(f);
+	if (ret != NULL) BN_free(ret);
+	if (buf != NULL)
+		{
+		memset(buf,0,num);
+		Free(buf);
+		}
+	return(r);
+	}
+
+static int RSA_eay_mod_exp(r0, I, rsa)
+BIGNUM *r0;
+BIGNUM *I;
+RSA *rsa;
+	{
+	BIGNUM *r1=NULL,*m1=NULL;
+	int ret=0;
+	BN_CTX *ctx;
+
+	if ((ctx=BN_CTX_new()) == NULL) goto err;
+	m1=BN_new();
+	r1=BN_new();
+	if ((m1 == NULL) || (r1 == NULL)) goto err;
+
+	if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
+		{
+		if (rsa->method_mod_p == NULL)
+			{
+			if ((rsa->method_mod_p=(char *)
+				BN_MONT_CTX_new()) != NULL)
+				if (!BN_MONT_CTX_set((BN_MONT_CTX *)
+					rsa->method_mod_p,rsa->p,ctx))
+					goto err;
+			}
+		if (rsa->method_mod_q == NULL)
+			{
+			if ((rsa->method_mod_q=(char *)
+				BN_MONT_CTX_new()) != NULL)
+				if (!BN_MONT_CTX_set((BN_MONT_CTX *)
+					rsa->method_mod_q,rsa->q,ctx))
+					goto err;
+			}
+		}
+
+	if (!BN_mod(r1,I,rsa->q,ctx)) goto err;
+	if (!rsa->meth->bn_mod_exp(m1,r1,rsa->dmq1,rsa->q,ctx,
+		rsa->method_mod_q)) goto err;
+
+	if (!BN_mod(r1,I,rsa->p,ctx)) goto err;
+	if (!rsa->meth->bn_mod_exp(r0,r1,rsa->dmp1,rsa->p,ctx,
+		rsa->method_mod_p)) goto err;
+
+	if (!BN_add(r1,r0,rsa->p)) goto err;
+	if (!BN_sub(r0,r1,m1)) goto err;
+
+	if (!BN_mul(r1,r0,rsa->iqmp)) goto err;
+	if (!BN_mod(r0,r1,rsa->p,ctx)) goto err;
+	if (!BN_mul(r1,r0,rsa->q)) goto err;
+	if (!BN_add(r0,r1,m1)) goto err;
+
+	ret=1;
+err:
+	if (m1 != NULL) BN_free(m1);
+	if (r1 != NULL) BN_free(r1);
+	BN_CTX_free(ctx);
+	return(ret);
+	}
+
+static int RSA_eay_init(rsa)
+RSA *rsa;
+	{
+	rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
+	return(1);
+	}
+
+static int RSA_eay_finish(rsa)
+RSA *rsa;
+	{
+	if (rsa->method_mod_n != NULL)
+		BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_n);
+	if (rsa->method_mod_p != NULL)
+		BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_p);
+	if (rsa->method_mod_q != NULL)
+		BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_q);
+	return(1);
+	}
+
+
diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
index 04a5ba201f..796b3afd47 100644
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -60,6 +60,7 @@
 #include "rsa.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA RSA_str_functs[]=
 	{
 {ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0),	"RSA_EAY_PRIVATE_DECRYPT"},
@@ -68,6 +69,14 @@ static ERR_STRING_DATA RSA_str_functs[]=
 {ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0),	"RSA_EAY_PUBLIC_ENCRYPT"},
 {ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0),	"RSA_generate_key"},
 {ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0),	"RSA_new_method"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0),	"RSA_padding_add_none"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0),	"RSA_padding_add_PKCS1_type_1"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0),	"RSA_padding_add_PKCS1_type_2"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0),	"RSA_padding_add_SSLv23"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0),	"RSA_padding_check_none"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0),	"RSA_padding_check_PKCS1_type_1"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0),	"RSA_padding_check_PKCS1_type_2"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0),	"RSA_padding_check_SSLv23"},
 {ERR_PACK(0,RSA_F_RSA_PRINT,0),	"RSA_print"},
 {ERR_PACK(0,RSA_F_RSA_PRINT_FP,0),	"RSA_print_fp"},
 {ERR_PACK(0,RSA_F_RSA_SIGN,0),	"RSA_sign"},
@@ -84,12 +93,16 @@ static ERR_STRING_DATA RSA_str_reasons[]=
 {RSA_R_BAD_FIXED_HEADER_DECRYPT          ,"bad fixed header decrypt"},
 {RSA_R_BAD_PAD_BYTE_COUNT                ,"bad pad byte count"},
 {RSA_R_BAD_SIGNATURE                     ,"bad signature"},
+{RSA_R_BAD_ZERO_BYTE                     ,"bad zero byte"},
 {RSA_R_BLOCK_TYPE_IS_NOT_01              ,"block type is not 01"},
 {RSA_R_BLOCK_TYPE_IS_NOT_02              ,"block type is not 02"},
 {RSA_R_DATA_GREATER_THAN_MOD_LEN         ,"data greater than mod len"},
+{RSA_R_DATA_TOO_LARGE                    ,"data too large"},
 {RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
+{RSA_R_DATA_TOO_SMALL                    ,"data too small"},
 {RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY        ,"digest too big for rsa key"},
 {RSA_R_NULL_BEFORE_BLOCK_MISSING         ,"null before block missing"},
+{RSA_R_PADDING_CHECK_FAILED              ,"padding check failed"},
 {RSA_R_SSLV3_ROLLBACK_ATTACK             ,"sslv3 rollback attack"},
 {RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
 {RSA_R_UNKNOWN_ALGORITHM_TYPE            ,"unknown algorithm type"},
@@ -98,14 +111,19 @@ static ERR_STRING_DATA RSA_str_reasons[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_RSA_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
 		ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index 0cab3a5d73..aed2351cfb 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -1,5 +1,5 @@
 /* crypto/rsa/rsa_gen.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -62,10 +62,11 @@
 #include "bn.h"
 #include "rsa.h"
 
-RSA *RSA_generate_key(bits, e_value, callback)
+RSA *RSA_generate_key(bits, e_value, callback,cb_arg)
 int bits;
 unsigned long e_value;
-void (*callback)(P_I_I);
+void (*callback)(P_I_I_P);
+char *cb_arg;
 	{
 	RSA *rsa=NULL;
 	BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
@@ -95,27 +96,27 @@ void (*callback)(P_I_I);
 	/* generate p and q */
 	for (;;)
 		{
-		rsa->p=BN_generate_prime(bitsp,0,NULL,NULL,callback);
+		rsa->p=BN_generate_prime(bitsp,0,NULL,NULL,callback,cb_arg);
 		if (rsa->p == NULL) goto err;
 		if (!BN_sub(r2,rsa->p,BN_value_one())) goto err;
 		if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
 		if (BN_is_one(r1)) break;
-		if (callback != NULL) callback(2,n++);
+		if (callback != NULL) callback(2,n++,cb_arg);
 		BN_free(rsa->p);
 		}
-	if (callback != NULL) callback(3,0);
+	if (callback != NULL) callback(3,0,cb_arg);
 	for (;;)
 		{
-		rsa->q=BN_generate_prime(bitsq,0,NULL,NULL,callback);
+		rsa->q=BN_generate_prime(bitsq,0,NULL,NULL,callback,cb_arg);
 		if (rsa->q == NULL) goto err;
 		if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
 		if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
 		if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0))
 			break;
-		if (callback != NULL) callback(2,n++);
+		if (callback != NULL) callback(2,n++,cb_arg);
 		BN_free(rsa->q);
 		}
-	if (callback != NULL) callback(3,1);
+	if (callback != NULL) callback(3,1,cb_arg);
 	if (BN_cmp(rsa->p,rsa->q) < 0)
 		{
 		tmp=rsa->p;
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index c49d0ee0c3..95a56f8a28 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -1,5 +1,5 @@
 /* crypto/rsa/rsa_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -57,13 +57,17 @@
  */
 
 #include <stdio.h>
+#include "crypto.h"
 #include "cryptlib.h"
+#include "lhash.h"
 #include "bn.h"
 #include "rsa.h"
 
-char *RSA_version="RSA part of SSLeay 0.8.1b 29-Jun-1998";
+char *RSA_version="RSA part of SSLeay 0.9.0b 29-Jun-1998";
 
 static RSA_METHOD *default_RSA_meth=NULL;
+static int rsa_meth_num=0;
+static STACK *rsa_meth=NULL;
 
 RSA *RSA_new()
 	{
@@ -112,12 +116,17 @@ RSA_METHOD *meth;
 	ret->dmq1=NULL;
 	ret->iqmp=NULL;
 	ret->references=1;
-	ret->app_data=NULL;
+	ret->method_mod_n=NULL;
+	ret->method_mod_p=NULL;
+	ret->method_mod_q=NULL;
+	ret->blinding=NULL;
+	ret->flags=ret->meth->flags;
 	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
 		{
 		Free(ret);
 		ret=NULL;
 		}
+	CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data);
 	return(ret);
 	}
 
@@ -129,6 +138,9 @@ RSA *r;
 	if (r == NULL) return;
 
 	i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA);
+#ifdef REF_PRINT
+	REF_PRINT("RSA",r);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
@@ -138,6 +150,8 @@ RSA *r;
 		}
 #endif
 
+	CRYPTO_free_ex_data(rsa_meth,(char *)r,&r->ex_data);
+
 	if (r->meth->finish != NULL)
 		r->meth->finish(r);
 
@@ -149,9 +163,37 @@ RSA *r;
 	if (r->dmp1 != NULL) BN_clear_free(r->dmp1);
 	if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
 	if (r->iqmp != NULL) BN_clear_free(r->iqmp);
+	if (r->blinding != NULL) BN_BLINDING_free(r->blinding);
 	Free(r);
 	}
 
+int RSA_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+        {
+	rsa_meth_num++;
+	return(CRYPTO_get_ex_new_index(rsa_meth_num-1,
+		&rsa_meth,argl,argp,new_func,dup_func,free_func));
+        }
+
+int RSA_set_ex_data(r,idx,arg)
+RSA *r;
+int idx;
+char *arg;
+	{
+	return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
+	}
+
+char *RSA_get_ex_data(r,idx)
+RSA *r;
+int idx;
+	{
+	return(CRYPTO_get_ex_data(&r->ex_data,idx));
+	}
+
 int RSA_size(r)
 RSA *r;
 	{
@@ -198,3 +240,55 @@ int padding;
 	return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
 	}
 
+int RSA_flags(r)
+RSA *r;
+	{
+	return((r == NULL)?0:r->meth->flags);
+	}
+
+void RSA_blinding_off(rsa)
+RSA *rsa;
+	{
+	if (rsa->blinding != NULL)
+		{
+		BN_BLINDING_free(rsa->blinding);
+		rsa->blinding=NULL;
+		}
+	rsa->flags&= ~RSA_FLAG_BLINDING;
+	}
+
+int RSA_blinding_on(rsa,p_ctx)
+RSA *rsa;
+BN_CTX *p_ctx;
+	{
+	BIGNUM *A,*Ai;
+	BN_CTX *ctx;
+	int ret=0;
+
+	if (p_ctx == NULL)
+		{
+		if ((ctx=BN_CTX_new()) == NULL) goto err;
+		}
+	else
+		ctx=p_ctx;
+
+	if (rsa->blinding != NULL)
+		BN_BLINDING_free(rsa->blinding);
+
+	A=ctx->bn[0];
+	ctx->tos++;
+	if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err;
+	if ((Ai=BN_mod_inverse(A,rsa->n,ctx)) == NULL) goto err;
+
+	if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,
+		(char *)rsa->method_mod_n)) goto err;
+	rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
+	ctx->tos--;
+	rsa->flags|=RSA_FLAG_BLINDING;
+	BN_free(Ai);
+	ret=1;
+err:
+	if (ctx != p_ctx) BN_CTX_free(ctx);
+	return(ret);
+	}
+
diff --git a/crypto/rsa/rsa_none.c b/crypto/rsa/rsa_none.c
new file mode 100644
index 0000000000..f0dd943657
--- /dev/null
+++ b/crypto/rsa/rsa_none.c
@@ -0,0 +1,109 @@
+/* crypto/rsa/rsa_none.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "rand.h"
+
+int RSA_padding_add_none(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+	{
+	if (flen >= tlen)
+		{
+		RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+		return(0);
+		}
+	
+	*(to++)=0;
+	memcpy(to,from,(unsigned int)flen);
+	return(1);
+	}
+
+int RSA_padding_check_none(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+	{
+	int j;
+
+	from++;
+	if (flen+1 > tlen)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_DATA_TOO_LARGE);
+		return(-1);
+		}
+	if (*(from++) != 0)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_BAD_ZERO_BYTE);
+		return(-1);
+		}
+
+	/* scan over padding data */
+	j=flen-1; /* one for type and one for the prepended 0. */
+	memset(to,0,tlen-j);
+	to+=(tlen-j);
+	memcpy(to,from,j);
+	return(j);
+	}
+
diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c
new file mode 100644
index 0000000000..2791291b94
--- /dev/null
+++ b/crypto/rsa/rsa_pk1.c
@@ -0,0 +1,233 @@
+/* crypto/rsa/rsa_pk1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "rand.h"
+
+#ifndef NOPROTO
+int RSA_padding_add_PKCS1_type_1();
+int RSA_padding_check_PKCS1_type_1();
+int RSA_padding_add_PKCS1_type_2();
+int RSA_padding_check_PKCS1_type_2();
+int RSA_padding_add_SSLv23();
+int RSA_padding_check_SSLv23();
+int RSA_padding_add_none();
+int RSA_padding_check_none();
+
+#endif
+
+int RSA_padding_add_PKCS1_type_1(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+	{
+	int j;
+	unsigned char *p;
+
+	if (flen > (tlen-11))
+		{
+		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+		return(0);
+		}
+	
+	p=(unsigned char *)to;
+
+	*(p++)=0;
+	*(p++)=1; /* Private Key BT (Block Type) */
+
+	/* padd out with 0xff data */
+	j=tlen-3-flen;
+	memset(p,0xff,j);
+	p+=j;
+	*(p++)='\0';
+	memcpy(p,from,(unsigned int)flen);
+	return(1);
+	}
+
+int RSA_padding_check_PKCS1_type_1(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+	{
+	int i,j;
+	unsigned char *p;
+
+	p=from;
+	if (*(p++) != 01)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01);
+		return(-1);
+		}
+
+	/* scan over padding data */
+	j=flen-1; /* one for type. */
+	for (i=0; i<j; i++)
+		{
+		if (*p != 0xff) /* should decrypt to 0xff */
+			{
+			if (*p == 0)
+				{ p++; break; }
+			else	{
+				RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_FIXED_HEADER_DECRYPT);
+				return(-1);
+				}
+			}
+		p++;
+		}
+
+	if (i == j)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_NULL_BEFORE_BLOCK_MISSING);
+		return(-1);
+		}
+
+	if (i < 8)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_PAD_BYTE_COUNT);
+		return(-1);
+		}
+	i++; /* Skip over the '\0' */
+	j-=i;
+	memcpy(to,p,(unsigned int)j);
+
+	return(j);
+	}
+
+int RSA_padding_add_PKCS1_type_2(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+	{
+	int i,j;
+	unsigned char *p;
+	
+	if (flen > (tlen-11))
+		{
+		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+		return(0);
+		}
+	
+	p=(unsigned char *)to;
+
+	*(p++)=0;
+	*(p++)=2; /* Public Key BT (Block Type) */
+
+	/* pad out with non-zero random data */
+	j=tlen-3-flen;
+
+	RAND_bytes(p,j);
+	for (i=0; i<j; i++)
+		{
+		if (*p == '\0')
+			do	{
+				RAND_bytes(p,1);
+				} while (*p == '\0');
+		p++;
+		}
+
+	*(p++)='\0';
+
+	memcpy(p,from,(unsigned int)flen);
+	return(1);
+	}
+
+int RSA_padding_check_PKCS1_type_2(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+	{
+	int i,j;
+	unsigned char *p;
+
+	p=from;
+	if (*(p++) != 02)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02);
+		return(-1);
+		}
+
+	/* scan over padding data */
+	j=flen-1; /* one for type. */
+	for (i=0; i<j; i++)
+		if (*(p++) == 0) break;
+
+	if (i == j)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_NULL_BEFORE_BLOCK_MISSING);
+		return(-1);
+		}
+
+	if (i < 8)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BAD_PAD_BYTE_COUNT);
+		return(-1);
+		}
+	i++; /* Skip over the '\0' */
+	j-=i;
+	memcpy(to,p,(unsigned int)j);
+
+	return(j);
+	}
+
diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c
index 62c211231a..fb0fae5a43 100644
--- a/crypto/rsa/rsa_saos.c
+++ b/crypto/rsa/rsa_saos.c
@@ -1,5 +1,5 @@
 /* crypto/rsa/rsa_saos.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
index 7c815ed257..28c5571e74 100644
--- a/crypto/rsa/rsa_sign.c
+++ b/crypto/rsa/rsa_sign.c
@@ -1,5 +1,5 @@
 /* crypto/rsa/rsa_sign.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -170,7 +170,7 @@ RSA *rsa;
 			(sigtype == NID_md2WithRSAEncryption)))
 			{
 			/* ok, we will let it through */
-#ifndef WIN16
+#if !defined(NO_STDIO) && !defined(WIN16)
 			fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
 #endif
 			}
diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c
new file mode 100644
index 0000000000..9bcd4b2c03
--- /dev/null
+++ b/crypto/rsa/rsa_ssl.c
@@ -0,0 +1,153 @@
+/* crypto/rsa/rsa_ssl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "rand.h"
+
+int RSA_padding_add_SSLv23(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+	{
+	int i,j;
+	unsigned char *p;
+	
+	if (flen > (tlen-11))
+		{
+		RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+		return(0);
+		}
+	
+	p=(unsigned char *)to;
+
+	*(p++)=0;
+	*(p++)=2; /* Public Key BT (Block Type) */
+
+	/* pad out with non-zero random data */
+	j=tlen-3-8-flen;
+
+	RAND_bytes(p,j);
+	for (i=0; i<j; i++)
+		{
+		if (*p == '\0')
+			do	{
+				RAND_bytes(p,1);
+				} while (*p == '\0');
+		p++;
+		}
+
+	memset(p,3,8);
+	p+=8;
+	*(p++)='\0';
+
+	memcpy(p,from,(unsigned int)flen);
+	return(1);
+	}
+
+int RSA_padding_check_SSLv23(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+	{
+	int i,j,k;
+	unsigned char *p;
+
+	p=from;
+	if (flen < 10)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_SMALL);
+		return(-1);
+		}
+	if (*(p++) != 02)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_BLOCK_TYPE_IS_NOT_02);
+		return(-1);
+		}
+
+	/* scan over padding data */
+	j=flen-1; /* one for type */
+	for (i=0; i<j; i++)
+		if (*(p++) == 0) break;
+
+	if ((i == j) || (i < 8))
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING);
+		return(-1);
+		}
+	for (k= -8; k<0; k++)
+		{
+		if (p[k] !=  0x03) break;
+		}
+	if (k == 0)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK);
+		return(-1);
+		}
+
+	i++; /* Skip over the '\0' */
+	j-=i;
+	memcpy(to,p,(unsigned int)j);
+
+	return(j);
+	}
+
diff --git a/crypto/sha/Makefile.ssl b/crypto/sha/Makefile.ssl
index 3c3a9abd46..eeb545d140 100644
--- a/crypto/sha/Makefile.ssl
+++ b/crypto/sha/Makefile.ssl
@@ -2,16 +2,18 @@
 # SSLeay/crypto/sha/Makefile
 #
 
-DIR=	sha
-TOP=	../..
-CC=	cc
+DIR=    sha
+TOP=    ../..
+CC=     cc
 INCLUDES=
 CFLAG=-g
 INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	makedepend -f Makefile.ssl
-MAKEFILE=	Makefile.ssl
-AR=		ar r
+MAKE=           make -f Makefile.ssl
+MAKEDEPEND=     makedepend -f Makefile.ssl
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+SHA1_ASM_OBJ=
 
 CFLAGS= $(INCLUDES) $(CFLAG)
 
@@ -21,25 +23,46 @@ APPS=
 
 LIB=$(TOP)/libcrypto.a
 LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
-LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o $(SHA1_ASM_OBJ)
 
 SRC= $(LIBSRC)
 
 EXHEADER= sha.h
-HEADER=	sha_locl.h $(EXHEADER)
+HEADER= sha_locl.h $(EXHEADER)
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)
 
 top:
 	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
 
-all:	lib
+all:    lib
 
-lib:	$(LIBOBJ)
+lib:    $(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
 	sh $(TOP)/util/ranlib.sh $(LIB)
 	@touch lib
 
+# elf
+asm/sx86-elf.o: asm/sx86unix.cpp
+	$(CPP) -DELF asm/sx86unix.cpp | as -o asm/sx86-elf.o
+
+# solaris
+asm/sx86-sol.o: asm/sx86unix.cpp
+	$(CC) -E -DSOL asm/sx86unix.cpp | sed 's/^#.*//' > asm/sx86-sol.s
+	as -o asm/sx86-sol.o asm/sx86-sol.s
+	rm -f asm/sx86-sol.s
+
+# a.out
+asm/sx86-out.o: asm/sx86unix.cpp
+	$(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o
+
+# bsdi
+asm/sx86bsdi.o: asm/sx86unix.cpp
+	$(CPP) -DBSDI asm/sx86unix.cpp | as -o asm/sx86bsdi.o
+
+asm/sx86unix.cpp:
+	(cd asm; perl sha1-586.pl cpp >sx86unix.cpp)
+
 files:
 	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
@@ -73,7 +96,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
 
 errors:
 
diff --git a/crypto/sha/Makefile.uni b/crypto/sha/Makefile.uni
new file mode 100644
index 0000000000..f3236755b2
--- /dev/null
+++ b/crypto/sha/Makefile.uni
@@ -0,0 +1,122 @@
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+DIR=    sha
+TOP=    .
+CC=     gcc
+CFLAG=	-O3 -fomit-frame-pointer
+
+CPP=    $(CC) -E
+INCLUDES=
+INSTALLTOP=/usr/local/lib
+MAKE=           make
+MAKEDEPEND=     makedepend
+MAKEFILE=       Makefile.uni
+AR=             ar r
+
+SHA_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+
+TEST1=shatest
+TEST2=sha1test
+APP1=sha
+APP2=sha1
+
+TEST=$(TEST1) $(TEST2)
+APPS=$(APP1) $(APP2)
+
+LIB=libsha.a
+LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o $(SHA_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= sha.h
+HEADER= sha_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+all:    $(LIB) $(TEST) $(APPS)
+
+$(LIB): $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/ranlib.sh $(LIB)
+
+# elf
+asm/sx86-elf.o: asm/sx86unix.cpp
+	$(CPP) -DELF asm/sx86unix.cpp | as -o asm/sx86-elf.o
+
+# solaris
+asm/sx86-sol.o: asm/sx86unix.cpp
+	$(CC) -E -DSOL asm/sx86unix.cpp | sed 's/^#.*//' > asm/sx86-sol.s
+	as -o asm/sx86-sol.o asm/sx86-sol.s
+	rm -f asm/sx86-sol.s
+
+# a.out
+asm/sx86-out.o: asm/sx86unix.cpp
+	$(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o
+
+# bsdi
+asm/sx86bsdi.o: asm/sx86unix.cpp
+	$(CPP) -DBSDI asm/sx86unix.cpp | as -o asm/sx86bsdi.o
+
+asm/sx86unix.cpp:
+	(cd asm; perl sha1-586.pl cpp >sx86unix.cpp)
+
+test:	$(TEST)
+	./$(TEST1)
+	./$(TEST2)
+
+$(TEST1): $(TEST1).c $(LIB)
+	$(CC) -o $(TEST1) $(CFLAGS) $(TEST1).c $(LIB)
+
+$(TEST2): $(TEST2).c $(LIB)
+	$(CC) -o $(TEST2) $(CFLAGS) $(TEST2).c $(LIB)
+
+$(APP1): $(APP1).c $(LIB)
+	$(CC) -o $(APP1) $(CFLAGS) $(APP1).c $(LIB)
+
+$(APP2): $(APP2).c $(LIB)
+	$(CC) -o $(APP2) $(CFLAGS) $(APP2).c $(LIB)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+cc:
+	$(MAKE) SHA_ASM_OBJ="" CC="cc" CFLAG="-O" all
+
+gcc:
+	$(MAKE) SHA_ASM_OBJ="" CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
+
+x86-elf:
+	$(MAKE) SHA_ASM_OBJ="asm/sx86-elf.o" CFLAG="-DELF -DSHA1_ASM -DL_ENDIAN $(CFLAGS)" all
+
+x86-out:
+	$(MAKE) SHA_ASM_OBJ="asm/sx86-out.o" CFLAG="-DOUT -DSHA1_ASM -DL_ENDIAN $(CFLAGS)" all
+
+x86-solaris:
+	$(MAKE) SHA_ASM_OBJ="asm/sx86-sol.o" CFLAG="-DSOL -DSHA1_ASM -DL_ENDIAN $(CFLAGS)" all
+
+x86-bdsi:
+	$(MAKE) SHA_ASM_OBJ="asm/sx86-bdsi.o" CFLAG="-DBDSI -DSHA1_ASM -DL_ENDIAN $(CFLAGS)" all
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/sha/asm/README b/crypto/sha/asm/README
new file mode 100644
index 0000000000..b7e755765f
--- /dev/null
+++ b/crypto/sha/asm/README
@@ -0,0 +1 @@
+C2.pl works
diff --git a/crypto/sha/asm/s1-win32.asm b/crypto/sha/asm/s1-win32.asm
new file mode 100644
index 0000000000..61335666b9
--- /dev/null
+++ b/crypto/sha/asm/s1-win32.asm
@@ -0,0 +1,1664 @@
+	; Don't even think of reading this code
+	; It was automatically generated by sha1-586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	sha1-586.asm
+        .486
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_sha1_block_x86
+
+_sha1_block_x86 PROC NEAR
+	push	esi
+	push	ebp
+	mov	eax,		DWORD PTR 20[esp]
+	mov	esi,		DWORD PTR 16[esp]
+	add	eax,		esi
+	mov	ebp,		DWORD PTR 12[esp]
+	push	ebx
+	sub	eax,		64
+	push	edi
+	mov	ebx,		DWORD PTR 4[ebp]
+	sub	esp,		72
+	mov	edx,		DWORD PTR 12[ebp]
+	mov	edi,		DWORD PTR 16[ebp]
+	mov	ecx,		DWORD PTR 8[ebp]
+	mov	DWORD PTR 68[esp],eax
+	; First we need to setup the X array
+	mov	eax,		DWORD PTR [esi]
+L000start:
+	; First, load the words onto the stack in network byte order
+	bswap	eax
+	mov	DWORD PTR [esp],eax
+	mov	eax,		DWORD PTR 4[esi]
+	bswap	eax
+	mov	DWORD PTR 4[esp],eax
+	mov	eax,		DWORD PTR 8[esi]
+	bswap	eax
+	mov	DWORD PTR 8[esp],eax
+	mov	eax,		DWORD PTR 12[esi]
+	bswap	eax
+	mov	DWORD PTR 12[esp],eax
+	mov	eax,		DWORD PTR 16[esi]
+	bswap	eax
+	mov	DWORD PTR 16[esp],eax
+	mov	eax,		DWORD PTR 20[esi]
+	bswap	eax
+	mov	DWORD PTR 20[esp],eax
+	mov	eax,		DWORD PTR 24[esi]
+	bswap	eax
+	mov	DWORD PTR 24[esp],eax
+	mov	eax,		DWORD PTR 28[esi]
+	bswap	eax
+	mov	DWORD PTR 28[esp],eax
+	mov	eax,		DWORD PTR 32[esi]
+	bswap	eax
+	mov	DWORD PTR 32[esp],eax
+	mov	eax,		DWORD PTR 36[esi]
+	bswap	eax
+	mov	DWORD PTR 36[esp],eax
+	mov	eax,		DWORD PTR 40[esi]
+	bswap	eax
+	mov	DWORD PTR 40[esp],eax
+	mov	eax,		DWORD PTR 44[esi]
+	bswap	eax
+	mov	DWORD PTR 44[esp],eax
+	mov	eax,		DWORD PTR 48[esi]
+	bswap	eax
+	mov	DWORD PTR 48[esp],eax
+	mov	eax,		DWORD PTR 52[esi]
+	bswap	eax
+	mov	DWORD PTR 52[esp],eax
+	mov	eax,		DWORD PTR 56[esi]
+	bswap	eax
+	mov	DWORD PTR 56[esp],eax
+	mov	eax,		DWORD PTR 60[esi]
+	bswap	eax
+	mov	DWORD PTR 60[esp],eax
+	; We now have the X array on the stack
+	; starting at sp-4
+	mov	DWORD PTR 64[esp],esi
+	; 
+	; Start processing
+	mov	eax,		DWORD PTR [ebp]
+	; 00_15 0
+	mov	esi,		ecx
+	mov	ebp,		eax
+	xor	esi,		edx
+	rol	ebp,		5
+	and	esi,		ebx
+	add	ebp,		edi
+	ror	ebx,		1
+	mov	edi,		DWORD PTR [esp]
+	ror	ebx,		1
+	xor	esi,		edx
+	lea	ebp,		DWORD PTR 1518500249[edi*1+ebp]
+	mov	edi,		ebx
+	add	esi,		ebp
+	xor	edi,		ecx
+	mov	ebp,		esi
+	and	edi,		eax
+	rol	ebp,		5
+	add	ebp,		edx
+	mov	edx,		DWORD PTR 4[esp]
+	ror	eax,		1
+	xor	edi,		ecx
+	ror	eax,		1
+	lea	ebp,		DWORD PTR 1518500249[edx*1+ebp]
+	add	edi,		ebp
+	; 00_15 2
+	mov	edx,		eax
+	mov	ebp,		edi
+	xor	edx,		ebx
+	rol	ebp,		5
+	and	edx,		esi
+	add	ebp,		ecx
+	ror	esi,		1
+	mov	ecx,		DWORD PTR 8[esp]
+	ror	esi,		1
+	xor	edx,		ebx
+	lea	ebp,		DWORD PTR 1518500249[ecx*1+ebp]
+	mov	ecx,		esi
+	add	edx,		ebp
+	xor	ecx,		eax
+	mov	ebp,		edx
+	and	ecx,		edi
+	rol	ebp,		5
+	add	ebp,		ebx
+	mov	ebx,		DWORD PTR 12[esp]
+	ror	edi,		1
+	xor	ecx,		eax
+	ror	edi,		1
+	lea	ebp,		DWORD PTR 1518500249[ebx*1+ebp]
+	add	ecx,		ebp
+	; 00_15 4
+	mov	ebx,		edi
+	mov	ebp,		ecx
+	xor	ebx,		esi
+	rol	ebp,		5
+	and	ebx,		edx
+	add	ebp,		eax
+	ror	edx,		1
+	mov	eax,		DWORD PTR 16[esp]
+	ror	edx,		1
+	xor	ebx,		esi
+	lea	ebp,		DWORD PTR 1518500249[eax*1+ebp]
+	mov	eax,		edx
+	add	ebx,		ebp
+	xor	eax,		edi
+	mov	ebp,		ebx
+	and	eax,		ecx
+	rol	ebp,		5
+	add	ebp,		esi
+	mov	esi,		DWORD PTR 20[esp]
+	ror	ecx,		1
+	xor	eax,		edi
+	ror	ecx,		1
+	lea	ebp,		DWORD PTR 1518500249[esi*1+ebp]
+	add	eax,		ebp
+	; 00_15 6
+	mov	esi,		ecx
+	mov	ebp,		eax
+	xor	esi,		edx
+	rol	ebp,		5
+	and	esi,		ebx
+	add	ebp,		edi
+	ror	ebx,		1
+	mov	edi,		DWORD PTR 24[esp]
+	ror	ebx,		1
+	xor	esi,		edx
+	lea	ebp,		DWORD PTR 1518500249[edi*1+ebp]
+	mov	edi,		ebx
+	add	esi,		ebp
+	xor	edi,		ecx
+	mov	ebp,		esi
+	and	edi,		eax
+	rol	ebp,		5
+	add	ebp,		edx
+	mov	edx,		DWORD PTR 28[esp]
+	ror	eax,		1
+	xor	edi,		ecx
+	ror	eax,		1
+	lea	ebp,		DWORD PTR 1518500249[edx*1+ebp]
+	add	edi,		ebp
+	; 00_15 8
+	mov	edx,		eax
+	mov	ebp,		edi
+	xor	edx,		ebx
+	rol	ebp,		5
+	and	edx,		esi
+	add	ebp,		ecx
+	ror	esi,		1
+	mov	ecx,		DWORD PTR 32[esp]
+	ror	esi,		1
+	xor	edx,		ebx
+	lea	ebp,		DWORD PTR 1518500249[ecx*1+ebp]
+	mov	ecx,		esi
+	add	edx,		ebp
+	xor	ecx,		eax
+	mov	ebp,		edx
+	and	ecx,		edi
+	rol	ebp,		5
+	add	ebp,		ebx
+	mov	ebx,		DWORD PTR 36[esp]
+	ror	edi,		1
+	xor	ecx,		eax
+	ror	edi,		1
+	lea	ebp,		DWORD PTR 1518500249[ebx*1+ebp]
+	add	ecx,		ebp
+	; 00_15 10
+	mov	ebx,		edi
+	mov	ebp,		ecx
+	xor	ebx,		esi
+	rol	ebp,		5
+	and	ebx,		edx
+	add	ebp,		eax
+	ror	edx,		1
+	mov	eax,		DWORD PTR 40[esp]
+	ror	edx,		1
+	xor	ebx,		esi
+	lea	ebp,		DWORD PTR 1518500249[eax*1+ebp]
+	mov	eax,		edx
+	add	ebx,		ebp
+	xor	eax,		edi
+	mov	ebp,		ebx
+	and	eax,		ecx
+	rol	ebp,		5
+	add	ebp,		esi
+	mov	esi,		DWORD PTR 44[esp]
+	ror	ecx,		1
+	xor	eax,		edi
+	ror	ecx,		1
+	lea	ebp,		DWORD PTR 1518500249[esi*1+ebp]
+	add	eax,		ebp
+	; 00_15 12
+	mov	esi,		ecx
+	mov	ebp,		eax
+	xor	esi,		edx
+	rol	ebp,		5
+	and	esi,		ebx
+	add	ebp,		edi
+	ror	ebx,		1
+	mov	edi,		DWORD PTR 48[esp]
+	ror	ebx,		1
+	xor	esi,		edx
+	lea	ebp,		DWORD PTR 1518500249[edi*1+ebp]
+	mov	edi,		ebx
+	add	esi,		ebp
+	xor	edi,		ecx
+	mov	ebp,		esi
+	and	edi,		eax
+	rol	ebp,		5
+	add	ebp,		edx
+	mov	edx,		DWORD PTR 52[esp]
+	ror	eax,		1
+	xor	edi,		ecx
+	ror	eax,		1
+	lea	ebp,		DWORD PTR 1518500249[edx*1+ebp]
+	add	edi,		ebp
+	; 00_15 14
+	mov	edx,		eax
+	mov	ebp,		edi
+	xor	edx,		ebx
+	rol	ebp,		5
+	and	edx,		esi
+	add	ebp,		ecx
+	ror	esi,		1
+	mov	ecx,		DWORD PTR 56[esp]
+	ror	esi,		1
+	xor	edx,		ebx
+	lea	ebp,		DWORD PTR 1518500249[ecx*1+ebp]
+	mov	ecx,		esi
+	add	edx,		ebp
+	xor	ecx,		eax
+	mov	ebp,		edx
+	and	ecx,		edi
+	rol	ebp,		5
+	add	ebp,		ebx
+	mov	ebx,		DWORD PTR 60[esp]
+	ror	edi,		1
+	xor	ecx,		eax
+	ror	edi,		1
+	lea	ebp,		DWORD PTR 1518500249[ebx*1+ebp]
+	add	ecx,		ebp
+	; 16_19 16
+	nop
+	mov	ebp,		DWORD PTR [esp]
+	mov	ebx,		DWORD PTR 8[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 32[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	ebx,		ebp
+	mov	ebp,		edi
+	rol	ebx,		1
+	xor	ebp,		esi
+	mov	DWORD PTR [esp],ebx
+	and	ebp,		edx
+	lea	ebx,		DWORD PTR 1518500249[eax*1+ebx]
+	xor	ebp,		esi
+	mov	eax,		ecx
+	add	ebx,		ebp
+	rol	eax,		5
+	ror	edx,		1
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 4[esp]
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 56[esp]
+	ror	edx,		1
+	xor	eax,		ebp
+	rol	eax,		1
+	mov	ebp,		edx
+	xor	ebp,		edi
+	mov	DWORD PTR 4[esp],eax
+	and	ebp,		ecx
+	lea	eax,		DWORD PTR 1518500249[esi*1+eax]
+	xor	ebp,		edi
+	mov	esi,		ebx
+	rol	esi,		5
+	ror	ecx,		1
+	add	eax,		esi
+	ror	ecx,		1
+	add	eax,		ebp
+	; 16_19 18
+	mov	ebp,		DWORD PTR 8[esp]
+	mov	esi,		DWORD PTR 16[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 40[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	esi,		ebp
+	mov	ebp,		ecx
+	rol	esi,		1
+	xor	ebp,		edx
+	mov	DWORD PTR 8[esp],esi
+	and	ebp,		ebx
+	lea	esi,		DWORD PTR 1518500249[edi*1+esi]
+	xor	ebp,		edx
+	mov	edi,		eax
+	add	esi,		ebp
+	rol	edi,		5
+	ror	ebx,		1
+	add	esi,		edi
+	mov	edi,		DWORD PTR 12[esp]
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR [esp]
+	ror	ebx,		1
+	xor	edi,		ebp
+	rol	edi,		1
+	mov	ebp,		ebx
+	xor	ebp,		ecx
+	mov	DWORD PTR 12[esp],edi
+	and	ebp,		eax
+	lea	edi,		DWORD PTR 1518500249[edx*1+edi]
+	xor	ebp,		ecx
+	mov	edx,		esi
+	rol	edx,		5
+	ror	eax,		1
+	add	edi,		edx
+	ror	eax,		1
+	add	edi,		ebp
+	; 20_39 20
+	mov	edx,		DWORD PTR 16[esp]
+	mov	ebp,		DWORD PTR 24[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 48[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	edx,		ebp
+	mov	ebp,		esi
+	rol	edx,		1
+	xor	ebp,		eax
+	mov	DWORD PTR 16[esp],edx
+	xor	ebp,		ebx
+	lea	edx,		DWORD PTR 1859775393[ecx*1+edx]
+	mov	ecx,		edi
+	rol	ecx,		5
+	ror	esi,		1
+	add	ecx,		ebp
+	ror	esi,		1
+	add	edx,		ecx
+	; 20_39 21
+	mov	ecx,		DWORD PTR 20[esp]
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 8[esp]
+	xor	ecx,		ebp
+	mov	ebp,		edi
+	rol	ecx,		1
+	xor	ebp,		esi
+	mov	DWORD PTR 20[esp],ecx
+	xor	ebp,		eax
+	lea	ecx,		DWORD PTR 1859775393[ebx*1+ecx]
+	mov	ebx,		edx
+	rol	ebx,		5
+	ror	edi,		1
+	add	ebx,		ebp
+	ror	edi,		1
+	add	ecx,		ebx
+	; 20_39 22
+	mov	ebx,		DWORD PTR 24[esp]
+	mov	ebp,		DWORD PTR 32[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 56[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	ebx,		ebp
+	mov	ebp,		edx
+	rol	ebx,		1
+	xor	ebp,		edi
+	mov	DWORD PTR 24[esp],ebx
+	xor	ebp,		esi
+	lea	ebx,		DWORD PTR 1859775393[eax*1+ebx]
+	mov	eax,		ecx
+	rol	eax,		5
+	ror	edx,		1
+	add	eax,		ebp
+	ror	edx,		1
+	add	ebx,		eax
+	; 20_39 23
+	mov	eax,		DWORD PTR 28[esp]
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 16[esp]
+	xor	eax,		ebp
+	mov	ebp,		ecx
+	rol	eax,		1
+	xor	ebp,		edx
+	mov	DWORD PTR 28[esp],eax
+	xor	ebp,		edi
+	lea	eax,		DWORD PTR 1859775393[esi*1+eax]
+	mov	esi,		ebx
+	rol	esi,		5
+	ror	ecx,		1
+	add	esi,		ebp
+	ror	ecx,		1
+	add	eax,		esi
+	; 20_39 24
+	mov	esi,		DWORD PTR 32[esp]
+	mov	ebp,		DWORD PTR 40[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR [esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	esi,		ebp
+	mov	ebp,		ebx
+	rol	esi,		1
+	xor	ebp,		ecx
+	mov	DWORD PTR 32[esp],esi
+	xor	ebp,		edx
+	lea	esi,		DWORD PTR 1859775393[edi*1+esi]
+	mov	edi,		eax
+	rol	edi,		5
+	ror	ebx,		1
+	add	edi,		ebp
+	ror	ebx,		1
+	add	esi,		edi
+	; 20_39 25
+	mov	edi,		DWORD PTR 36[esp]
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	xor	edi,		ebp
+	mov	ebp,		eax
+	rol	edi,		1
+	xor	ebp,		ebx
+	mov	DWORD PTR 36[esp],edi
+	xor	ebp,		ecx
+	lea	edi,		DWORD PTR 1859775393[edx*1+edi]
+	mov	edx,		esi
+	rol	edx,		5
+	ror	eax,		1
+	add	edx,		ebp
+	ror	eax,		1
+	add	edi,		edx
+	; 20_39 26
+	mov	edx,		DWORD PTR 40[esp]
+	mov	ebp,		DWORD PTR 48[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 8[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	edx,		ebp
+	mov	ebp,		esi
+	rol	edx,		1
+	xor	ebp,		eax
+	mov	DWORD PTR 40[esp],edx
+	xor	ebp,		ebx
+	lea	edx,		DWORD PTR 1859775393[ecx*1+edx]
+	mov	ecx,		edi
+	rol	ecx,		5
+	ror	esi,		1
+	add	ecx,		ebp
+	ror	esi,		1
+	add	edx,		ecx
+	; 20_39 27
+	mov	ecx,		DWORD PTR 44[esp]
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 32[esp]
+	xor	ecx,		ebp
+	mov	ebp,		edi
+	rol	ecx,		1
+	xor	ebp,		esi
+	mov	DWORD PTR 44[esp],ecx
+	xor	ebp,		eax
+	lea	ecx,		DWORD PTR 1859775393[ebx*1+ecx]
+	mov	ebx,		edx
+	rol	ebx,		5
+	ror	edi,		1
+	add	ebx,		ebp
+	ror	edi,		1
+	add	ecx,		ebx
+	; 20_39 28
+	mov	ebx,		DWORD PTR 48[esp]
+	mov	ebp,		DWORD PTR 56[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 16[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	ebx,		ebp
+	mov	ebp,		edx
+	rol	ebx,		1
+	xor	ebp,		edi
+	mov	DWORD PTR 48[esp],ebx
+	xor	ebp,		esi
+	lea	ebx,		DWORD PTR 1859775393[eax*1+ebx]
+	mov	eax,		ecx
+	rol	eax,		5
+	ror	edx,		1
+	add	eax,		ebp
+	ror	edx,		1
+	add	ebx,		eax
+	; 20_39 29
+	mov	eax,		DWORD PTR 52[esp]
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 40[esp]
+	xor	eax,		ebp
+	mov	ebp,		ecx
+	rol	eax,		1
+	xor	ebp,		edx
+	mov	DWORD PTR 52[esp],eax
+	xor	ebp,		edi
+	lea	eax,		DWORD PTR 1859775393[esi*1+eax]
+	mov	esi,		ebx
+	rol	esi,		5
+	ror	ecx,		1
+	add	esi,		ebp
+	ror	ecx,		1
+	add	eax,		esi
+	; 20_39 30
+	mov	esi,		DWORD PTR 56[esp]
+	mov	ebp,		DWORD PTR [esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	esi,		ebp
+	mov	ebp,		ebx
+	rol	esi,		1
+	xor	ebp,		ecx
+	mov	DWORD PTR 56[esp],esi
+	xor	ebp,		edx
+	lea	esi,		DWORD PTR 1859775393[edi*1+esi]
+	mov	edi,		eax
+	rol	edi,		5
+	ror	ebx,		1
+	add	edi,		ebp
+	ror	ebx,		1
+	add	esi,		edi
+	; 20_39 31
+	mov	edi,		DWORD PTR 60[esp]
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 48[esp]
+	xor	edi,		ebp
+	mov	ebp,		eax
+	rol	edi,		1
+	xor	ebp,		ebx
+	mov	DWORD PTR 60[esp],edi
+	xor	ebp,		ecx
+	lea	edi,		DWORD PTR 1859775393[edx*1+edi]
+	mov	edx,		esi
+	rol	edx,		5
+	ror	eax,		1
+	add	edx,		ebp
+	ror	eax,		1
+	add	edi,		edx
+	; 20_39 32
+	mov	edx,		DWORD PTR [esp]
+	mov	ebp,		DWORD PTR 8[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 32[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	edx,		ebp
+	mov	ebp,		esi
+	rol	edx,		1
+	xor	ebp,		eax
+	mov	DWORD PTR [esp],edx
+	xor	ebp,		ebx
+	lea	edx,		DWORD PTR 1859775393[ecx*1+edx]
+	mov	ecx,		edi
+	rol	ecx,		5
+	ror	esi,		1
+	add	ecx,		ebp
+	ror	esi,		1
+	add	edx,		ecx
+	; 20_39 33
+	mov	ecx,		DWORD PTR 4[esp]
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 56[esp]
+	xor	ecx,		ebp
+	mov	ebp,		edi
+	rol	ecx,		1
+	xor	ebp,		esi
+	mov	DWORD PTR 4[esp],ecx
+	xor	ebp,		eax
+	lea	ecx,		DWORD PTR 1859775393[ebx*1+ecx]
+	mov	ebx,		edx
+	rol	ebx,		5
+	ror	edi,		1
+	add	ebx,		ebp
+	ror	edi,		1
+	add	ecx,		ebx
+	; 20_39 34
+	mov	ebx,		DWORD PTR 8[esp]
+	mov	ebp,		DWORD PTR 16[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 40[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	ebx,		ebp
+	mov	ebp,		edx
+	rol	ebx,		1
+	xor	ebp,		edi
+	mov	DWORD PTR 8[esp],ebx
+	xor	ebp,		esi
+	lea	ebx,		DWORD PTR 1859775393[eax*1+ebx]
+	mov	eax,		ecx
+	rol	eax,		5
+	ror	edx,		1
+	add	eax,		ebp
+	ror	edx,		1
+	add	ebx,		eax
+	; 20_39 35
+	mov	eax,		DWORD PTR 12[esp]
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR [esp]
+	xor	eax,		ebp
+	mov	ebp,		ecx
+	rol	eax,		1
+	xor	ebp,		edx
+	mov	DWORD PTR 12[esp],eax
+	xor	ebp,		edi
+	lea	eax,		DWORD PTR 1859775393[esi*1+eax]
+	mov	esi,		ebx
+	rol	esi,		5
+	ror	ecx,		1
+	add	esi,		ebp
+	ror	ecx,		1
+	add	eax,		esi
+	; 20_39 36
+	mov	esi,		DWORD PTR 16[esp]
+	mov	ebp,		DWORD PTR 24[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 48[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	esi,		ebp
+	mov	ebp,		ebx
+	rol	esi,		1
+	xor	ebp,		ecx
+	mov	DWORD PTR 16[esp],esi
+	xor	ebp,		edx
+	lea	esi,		DWORD PTR 1859775393[edi*1+esi]
+	mov	edi,		eax
+	rol	edi,		5
+	ror	ebx,		1
+	add	edi,		ebp
+	ror	ebx,		1
+	add	esi,		edi
+	; 20_39 37
+	mov	edi,		DWORD PTR 20[esp]
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 8[esp]
+	xor	edi,		ebp
+	mov	ebp,		eax
+	rol	edi,		1
+	xor	ebp,		ebx
+	mov	DWORD PTR 20[esp],edi
+	xor	ebp,		ecx
+	lea	edi,		DWORD PTR 1859775393[edx*1+edi]
+	mov	edx,		esi
+	rol	edx,		5
+	ror	eax,		1
+	add	edx,		ebp
+	ror	eax,		1
+	add	edi,		edx
+	; 20_39 38
+	mov	edx,		DWORD PTR 24[esp]
+	mov	ebp,		DWORD PTR 32[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 56[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	edx,		ebp
+	mov	ebp,		esi
+	rol	edx,		1
+	xor	ebp,		eax
+	mov	DWORD PTR 24[esp],edx
+	xor	ebp,		ebx
+	lea	edx,		DWORD PTR 1859775393[ecx*1+edx]
+	mov	ecx,		edi
+	rol	ecx,		5
+	ror	esi,		1
+	add	ecx,		ebp
+	ror	esi,		1
+	add	edx,		ecx
+	; 20_39 39
+	mov	ecx,		DWORD PTR 28[esp]
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 16[esp]
+	xor	ecx,		ebp
+	mov	ebp,		edi
+	rol	ecx,		1
+	xor	ebp,		esi
+	mov	DWORD PTR 28[esp],ecx
+	xor	ebp,		eax
+	lea	ecx,		DWORD PTR 1859775393[ebx*1+ecx]
+	mov	ebx,		edx
+	rol	ebx,		5
+	ror	edi,		1
+	add	ebx,		ebp
+	ror	edi,		1
+	add	ecx,		ebx
+	; 40_59 40
+	mov	ebx,		DWORD PTR 32[esp]
+	mov	ebp,		DWORD PTR 40[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR [esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	ebx,		ebp
+	mov	ebp,		edx
+	rol	ebx,		1
+	or	ebp,		edi
+	mov	DWORD PTR 32[esp],ebx
+	and	ebp,		esi
+	lea	ebx,		DWORD PTR 2400959708[eax*1+ebx]
+	mov	eax,		edx
+	ror	edx,		1
+	and	eax,		edi
+	or	ebp,		eax
+	mov	eax,		ecx
+	rol	eax,		5
+	add	ebp,		eax
+	mov	eax,		DWORD PTR 36[esp]
+	add	ebx,		ebp
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	ror	edx,		1
+	xor	eax,		ebp
+	rol	eax,		1
+	mov	ebp,		ecx
+	mov	DWORD PTR 36[esp],eax
+	or	ebp,		edx
+	lea	eax,		DWORD PTR 2400959708[esi*1+eax]
+	mov	esi,		ecx
+	and	ebp,		edi
+	and	esi,		edx
+	or	ebp,		esi
+	mov	esi,		ebx
+	rol	esi,		5
+	ror	ecx,		1
+	add	ebp,		esi
+	ror	ecx,		1
+	add	eax,		ebp
+	; 40_59 41
+	; 40_59 42
+	mov	esi,		DWORD PTR 40[esp]
+	mov	ebp,		DWORD PTR 48[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 8[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	esi,		ebp
+	mov	ebp,		ebx
+	rol	esi,		1
+	or	ebp,		ecx
+	mov	DWORD PTR 40[esp],esi
+	and	ebp,		edx
+	lea	esi,		DWORD PTR 2400959708[edi*1+esi]
+	mov	edi,		ebx
+	ror	ebx,		1
+	and	edi,		ecx
+	or	ebp,		edi
+	mov	edi,		eax
+	rol	edi,		5
+	add	ebp,		edi
+	mov	edi,		DWORD PTR 44[esp]
+	add	esi,		ebp
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 32[esp]
+	ror	ebx,		1
+	xor	edi,		ebp
+	rol	edi,		1
+	mov	ebp,		eax
+	mov	DWORD PTR 44[esp],edi
+	or	ebp,		ebx
+	lea	edi,		DWORD PTR 2400959708[edx*1+edi]
+	mov	edx,		eax
+	and	ebp,		ecx
+	and	edx,		ebx
+	or	ebp,		edx
+	mov	edx,		esi
+	rol	edx,		5
+	ror	eax,		1
+	add	ebp,		edx
+	ror	eax,		1
+	add	edi,		ebp
+	; 40_59 43
+	; 40_59 44
+	mov	edx,		DWORD PTR 48[esp]
+	mov	ebp,		DWORD PTR 56[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 16[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	edx,		ebp
+	mov	ebp,		esi
+	rol	edx,		1
+	or	ebp,		eax
+	mov	DWORD PTR 48[esp],edx
+	and	ebp,		ebx
+	lea	edx,		DWORD PTR 2400959708[ecx*1+edx]
+	mov	ecx,		esi
+	ror	esi,		1
+	and	ecx,		eax
+	or	ebp,		ecx
+	mov	ecx,		edi
+	rol	ecx,		5
+	add	ebp,		ecx
+	mov	ecx,		DWORD PTR 52[esp]
+	add	edx,		ebp
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 40[esp]
+	ror	esi,		1
+	xor	ecx,		ebp
+	rol	ecx,		1
+	mov	ebp,		edi
+	mov	DWORD PTR 52[esp],ecx
+	or	ebp,		esi
+	lea	ecx,		DWORD PTR 2400959708[ebx*1+ecx]
+	mov	ebx,		edi
+	and	ebp,		eax
+	and	ebx,		esi
+	or	ebp,		ebx
+	mov	ebx,		edx
+	rol	ebx,		5
+	ror	edi,		1
+	add	ebp,		ebx
+	ror	edi,		1
+	add	ecx,		ebp
+	; 40_59 45
+	; 40_59 46
+	mov	ebx,		DWORD PTR 56[esp]
+	mov	ebp,		DWORD PTR [esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	ebx,		ebp
+	mov	ebp,		edx
+	rol	ebx,		1
+	or	ebp,		edi
+	mov	DWORD PTR 56[esp],ebx
+	and	ebp,		esi
+	lea	ebx,		DWORD PTR 2400959708[eax*1+ebx]
+	mov	eax,		edx
+	ror	edx,		1
+	and	eax,		edi
+	or	ebp,		eax
+	mov	eax,		ecx
+	rol	eax,		5
+	add	ebp,		eax
+	mov	eax,		DWORD PTR 60[esp]
+	add	ebx,		ebp
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 48[esp]
+	ror	edx,		1
+	xor	eax,		ebp
+	rol	eax,		1
+	mov	ebp,		ecx
+	mov	DWORD PTR 60[esp],eax
+	or	ebp,		edx
+	lea	eax,		DWORD PTR 2400959708[esi*1+eax]
+	mov	esi,		ecx
+	and	ebp,		edi
+	and	esi,		edx
+	or	ebp,		esi
+	mov	esi,		ebx
+	rol	esi,		5
+	ror	ecx,		1
+	add	ebp,		esi
+	ror	ecx,		1
+	add	eax,		ebp
+	; 40_59 47
+	; 40_59 48
+	mov	esi,		DWORD PTR [esp]
+	mov	ebp,		DWORD PTR 8[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 32[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	esi,		ebp
+	mov	ebp,		ebx
+	rol	esi,		1
+	or	ebp,		ecx
+	mov	DWORD PTR [esp],esi
+	and	ebp,		edx
+	lea	esi,		DWORD PTR 2400959708[edi*1+esi]
+	mov	edi,		ebx
+	ror	ebx,		1
+	and	edi,		ecx
+	or	ebp,		edi
+	mov	edi,		eax
+	rol	edi,		5
+	add	ebp,		edi
+	mov	edi,		DWORD PTR 4[esp]
+	add	esi,		ebp
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 56[esp]
+	ror	ebx,		1
+	xor	edi,		ebp
+	rol	edi,		1
+	mov	ebp,		eax
+	mov	DWORD PTR 4[esp],edi
+	or	ebp,		ebx
+	lea	edi,		DWORD PTR 2400959708[edx*1+edi]
+	mov	edx,		eax
+	and	ebp,		ecx
+	and	edx,		ebx
+	or	ebp,		edx
+	mov	edx,		esi
+	rol	edx,		5
+	ror	eax,		1
+	add	ebp,		edx
+	ror	eax,		1
+	add	edi,		ebp
+	; 40_59 49
+	; 40_59 50
+	mov	edx,		DWORD PTR 8[esp]
+	mov	ebp,		DWORD PTR 16[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 40[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	edx,		ebp
+	mov	ebp,		esi
+	rol	edx,		1
+	or	ebp,		eax
+	mov	DWORD PTR 8[esp],edx
+	and	ebp,		ebx
+	lea	edx,		DWORD PTR 2400959708[ecx*1+edx]
+	mov	ecx,		esi
+	ror	esi,		1
+	and	ecx,		eax
+	or	ebp,		ecx
+	mov	ecx,		edi
+	rol	ecx,		5
+	add	ebp,		ecx
+	mov	ecx,		DWORD PTR 12[esp]
+	add	edx,		ebp
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR [esp]
+	ror	esi,		1
+	xor	ecx,		ebp
+	rol	ecx,		1
+	mov	ebp,		edi
+	mov	DWORD PTR 12[esp],ecx
+	or	ebp,		esi
+	lea	ecx,		DWORD PTR 2400959708[ebx*1+ecx]
+	mov	ebx,		edi
+	and	ebp,		eax
+	and	ebx,		esi
+	or	ebp,		ebx
+	mov	ebx,		edx
+	rol	ebx,		5
+	ror	edi,		1
+	add	ebp,		ebx
+	ror	edi,		1
+	add	ecx,		ebp
+	; 40_59 51
+	; 40_59 52
+	mov	ebx,		DWORD PTR 16[esp]
+	mov	ebp,		DWORD PTR 24[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 48[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	ebx,		ebp
+	mov	ebp,		edx
+	rol	ebx,		1
+	or	ebp,		edi
+	mov	DWORD PTR 16[esp],ebx
+	and	ebp,		esi
+	lea	ebx,		DWORD PTR 2400959708[eax*1+ebx]
+	mov	eax,		edx
+	ror	edx,		1
+	and	eax,		edi
+	or	ebp,		eax
+	mov	eax,		ecx
+	rol	eax,		5
+	add	ebp,		eax
+	mov	eax,		DWORD PTR 20[esp]
+	add	ebx,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 8[esp]
+	ror	edx,		1
+	xor	eax,		ebp
+	rol	eax,		1
+	mov	ebp,		ecx
+	mov	DWORD PTR 20[esp],eax
+	or	ebp,		edx
+	lea	eax,		DWORD PTR 2400959708[esi*1+eax]
+	mov	esi,		ecx
+	and	ebp,		edi
+	and	esi,		edx
+	or	ebp,		esi
+	mov	esi,		ebx
+	rol	esi,		5
+	ror	ecx,		1
+	add	ebp,		esi
+	ror	ecx,		1
+	add	eax,		ebp
+	; 40_59 53
+	; 40_59 54
+	mov	esi,		DWORD PTR 24[esp]
+	mov	ebp,		DWORD PTR 32[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 56[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	esi,		ebp
+	mov	ebp,		ebx
+	rol	esi,		1
+	or	ebp,		ecx
+	mov	DWORD PTR 24[esp],esi
+	and	ebp,		edx
+	lea	esi,		DWORD PTR 2400959708[edi*1+esi]
+	mov	edi,		ebx
+	ror	ebx,		1
+	and	edi,		ecx
+	or	ebp,		edi
+	mov	edi,		eax
+	rol	edi,		5
+	add	ebp,		edi
+	mov	edi,		DWORD PTR 28[esp]
+	add	esi,		ebp
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 16[esp]
+	ror	ebx,		1
+	xor	edi,		ebp
+	rol	edi,		1
+	mov	ebp,		eax
+	mov	DWORD PTR 28[esp],edi
+	or	ebp,		ebx
+	lea	edi,		DWORD PTR 2400959708[edx*1+edi]
+	mov	edx,		eax
+	and	ebp,		ecx
+	and	edx,		ebx
+	or	ebp,		edx
+	mov	edx,		esi
+	rol	edx,		5
+	ror	eax,		1
+	add	ebp,		edx
+	ror	eax,		1
+	add	edi,		ebp
+	; 40_59 55
+	; 40_59 56
+	mov	edx,		DWORD PTR 32[esp]
+	mov	ebp,		DWORD PTR 40[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR [esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	edx,		ebp
+	mov	ebp,		esi
+	rol	edx,		1
+	or	ebp,		eax
+	mov	DWORD PTR 32[esp],edx
+	and	ebp,		ebx
+	lea	edx,		DWORD PTR 2400959708[ecx*1+edx]
+	mov	ecx,		esi
+	ror	esi,		1
+	and	ecx,		eax
+	or	ebp,		ecx
+	mov	ecx,		edi
+	rol	ecx,		5
+	add	ebp,		ecx
+	mov	ecx,		DWORD PTR 36[esp]
+	add	edx,		ebp
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	ror	esi,		1
+	xor	ecx,		ebp
+	rol	ecx,		1
+	mov	ebp,		edi
+	mov	DWORD PTR 36[esp],ecx
+	or	ebp,		esi
+	lea	ecx,		DWORD PTR 2400959708[ebx*1+ecx]
+	mov	ebx,		edi
+	and	ebp,		eax
+	and	ebx,		esi
+	or	ebp,		ebx
+	mov	ebx,		edx
+	rol	ebx,		5
+	ror	edi,		1
+	add	ebp,		ebx
+	ror	edi,		1
+	add	ecx,		ebp
+	; 40_59 57
+	; 40_59 58
+	mov	ebx,		DWORD PTR 40[esp]
+	mov	ebp,		DWORD PTR 48[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 8[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	ebx,		ebp
+	mov	ebp,		edx
+	rol	ebx,		1
+	or	ebp,		edi
+	mov	DWORD PTR 40[esp],ebx
+	and	ebp,		esi
+	lea	ebx,		DWORD PTR 2400959708[eax*1+ebx]
+	mov	eax,		edx
+	ror	edx,		1
+	and	eax,		edi
+	or	ebp,		eax
+	mov	eax,		ecx
+	rol	eax,		5
+	add	ebp,		eax
+	mov	eax,		DWORD PTR 44[esp]
+	add	ebx,		ebp
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 32[esp]
+	ror	edx,		1
+	xor	eax,		ebp
+	rol	eax,		1
+	mov	ebp,		ecx
+	mov	DWORD PTR 44[esp],eax
+	or	ebp,		edx
+	lea	eax,		DWORD PTR 2400959708[esi*1+eax]
+	mov	esi,		ecx
+	and	ebp,		edi
+	and	esi,		edx
+	or	ebp,		esi
+	mov	esi,		ebx
+	rol	esi,		5
+	ror	ecx,		1
+	add	ebp,		esi
+	ror	ecx,		1
+	add	eax,		ebp
+	; 40_59 59
+	; 20_39 60
+	mov	esi,		DWORD PTR 48[esp]
+	mov	ebp,		DWORD PTR 56[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 16[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	esi,		ebp
+	mov	ebp,		ebx
+	rol	esi,		1
+	xor	ebp,		ecx
+	mov	DWORD PTR 48[esp],esi
+	xor	ebp,		edx
+	lea	esi,		DWORD PTR 3395469782[edi*1+esi]
+	mov	edi,		eax
+	rol	edi,		5
+	ror	ebx,		1
+	add	edi,		ebp
+	ror	ebx,		1
+	add	esi,		edi
+	; 20_39 61
+	mov	edi,		DWORD PTR 52[esp]
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 40[esp]
+	xor	edi,		ebp
+	mov	ebp,		eax
+	rol	edi,		1
+	xor	ebp,		ebx
+	mov	DWORD PTR 52[esp],edi
+	xor	ebp,		ecx
+	lea	edi,		DWORD PTR 3395469782[edx*1+edi]
+	mov	edx,		esi
+	rol	edx,		5
+	ror	eax,		1
+	add	edx,		ebp
+	ror	eax,		1
+	add	edi,		edx
+	; 20_39 62
+	mov	edx,		DWORD PTR 56[esp]
+	mov	ebp,		DWORD PTR [esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	edx,		ebp
+	mov	ebp,		esi
+	rol	edx,		1
+	xor	ebp,		eax
+	mov	DWORD PTR 56[esp],edx
+	xor	ebp,		ebx
+	lea	edx,		DWORD PTR 3395469782[ecx*1+edx]
+	mov	ecx,		edi
+	rol	ecx,		5
+	ror	esi,		1
+	add	ecx,		ebp
+	ror	esi,		1
+	add	edx,		ecx
+	; 20_39 63
+	mov	ecx,		DWORD PTR 60[esp]
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 48[esp]
+	xor	ecx,		ebp
+	mov	ebp,		edi
+	rol	ecx,		1
+	xor	ebp,		esi
+	mov	DWORD PTR 60[esp],ecx
+	xor	ebp,		eax
+	lea	ecx,		DWORD PTR 3395469782[ebx*1+ecx]
+	mov	ebx,		edx
+	rol	ebx,		5
+	ror	edi,		1
+	add	ebx,		ebp
+	ror	edi,		1
+	add	ecx,		ebx
+	; 20_39 64
+	mov	ebx,		DWORD PTR [esp]
+	mov	ebp,		DWORD PTR 8[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 32[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	ebx,		ebp
+	mov	ebp,		edx
+	rol	ebx,		1
+	xor	ebp,		edi
+	mov	DWORD PTR [esp],ebx
+	xor	ebp,		esi
+	lea	ebx,		DWORD PTR 3395469782[eax*1+ebx]
+	mov	eax,		ecx
+	rol	eax,		5
+	ror	edx,		1
+	add	eax,		ebp
+	ror	edx,		1
+	add	ebx,		eax
+	; 20_39 65
+	mov	eax,		DWORD PTR 4[esp]
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 56[esp]
+	xor	eax,		ebp
+	mov	ebp,		ecx
+	rol	eax,		1
+	xor	ebp,		edx
+	mov	DWORD PTR 4[esp],eax
+	xor	ebp,		edi
+	lea	eax,		DWORD PTR 3395469782[esi*1+eax]
+	mov	esi,		ebx
+	rol	esi,		5
+	ror	ecx,		1
+	add	esi,		ebp
+	ror	ecx,		1
+	add	eax,		esi
+	; 20_39 66
+	mov	esi,		DWORD PTR 8[esp]
+	mov	ebp,		DWORD PTR 16[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 40[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	esi,		ebp
+	mov	ebp,		ebx
+	rol	esi,		1
+	xor	ebp,		ecx
+	mov	DWORD PTR 8[esp],esi
+	xor	ebp,		edx
+	lea	esi,		DWORD PTR 3395469782[edi*1+esi]
+	mov	edi,		eax
+	rol	edi,		5
+	ror	ebx,		1
+	add	edi,		ebp
+	ror	ebx,		1
+	add	esi,		edi
+	; 20_39 67
+	mov	edi,		DWORD PTR 12[esp]
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR [esp]
+	xor	edi,		ebp
+	mov	ebp,		eax
+	rol	edi,		1
+	xor	ebp,		ebx
+	mov	DWORD PTR 12[esp],edi
+	xor	ebp,		ecx
+	lea	edi,		DWORD PTR 3395469782[edx*1+edi]
+	mov	edx,		esi
+	rol	edx,		5
+	ror	eax,		1
+	add	edx,		ebp
+	ror	eax,		1
+	add	edi,		edx
+	; 20_39 68
+	mov	edx,		DWORD PTR 16[esp]
+	mov	ebp,		DWORD PTR 24[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 48[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	edx,		ebp
+	mov	ebp,		esi
+	rol	edx,		1
+	xor	ebp,		eax
+	mov	DWORD PTR 16[esp],edx
+	xor	ebp,		ebx
+	lea	edx,		DWORD PTR 3395469782[ecx*1+edx]
+	mov	ecx,		edi
+	rol	ecx,		5
+	ror	esi,		1
+	add	ecx,		ebp
+	ror	esi,		1
+	add	edx,		ecx
+	; 20_39 69
+	mov	ecx,		DWORD PTR 20[esp]
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 8[esp]
+	xor	ecx,		ebp
+	mov	ebp,		edi
+	rol	ecx,		1
+	xor	ebp,		esi
+	mov	DWORD PTR 20[esp],ecx
+	xor	ebp,		eax
+	lea	ecx,		DWORD PTR 3395469782[ebx*1+ecx]
+	mov	ebx,		edx
+	rol	ebx,		5
+	ror	edi,		1
+	add	ebx,		ebp
+	ror	edi,		1
+	add	ecx,		ebx
+	; 20_39 70
+	mov	ebx,		DWORD PTR 24[esp]
+	mov	ebp,		DWORD PTR 32[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 56[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	ebx,		ebp
+	mov	ebp,		edx
+	rol	ebx,		1
+	xor	ebp,		edi
+	mov	DWORD PTR 24[esp],ebx
+	xor	ebp,		esi
+	lea	ebx,		DWORD PTR 3395469782[eax*1+ebx]
+	mov	eax,		ecx
+	rol	eax,		5
+	ror	edx,		1
+	add	eax,		ebp
+	ror	edx,		1
+	add	ebx,		eax
+	; 20_39 71
+	mov	eax,		DWORD PTR 28[esp]
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 16[esp]
+	xor	eax,		ebp
+	mov	ebp,		ecx
+	rol	eax,		1
+	xor	ebp,		edx
+	mov	DWORD PTR 28[esp],eax
+	xor	ebp,		edi
+	lea	eax,		DWORD PTR 3395469782[esi*1+eax]
+	mov	esi,		ebx
+	rol	esi,		5
+	ror	ecx,		1
+	add	esi,		ebp
+	ror	ecx,		1
+	add	eax,		esi
+	; 20_39 72
+	mov	esi,		DWORD PTR 32[esp]
+	mov	ebp,		DWORD PTR 40[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR [esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	esi,		ebp
+	mov	ebp,		ebx
+	rol	esi,		1
+	xor	ebp,		ecx
+	mov	DWORD PTR 32[esp],esi
+	xor	ebp,		edx
+	lea	esi,		DWORD PTR 3395469782[edi*1+esi]
+	mov	edi,		eax
+	rol	edi,		5
+	ror	ebx,		1
+	add	edi,		ebp
+	ror	ebx,		1
+	add	esi,		edi
+	; 20_39 73
+	mov	edi,		DWORD PTR 36[esp]
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	xor	edi,		ebp
+	mov	ebp,		eax
+	rol	edi,		1
+	xor	ebp,		ebx
+	mov	DWORD PTR 36[esp],edi
+	xor	ebp,		ecx
+	lea	edi,		DWORD PTR 3395469782[edx*1+edi]
+	mov	edx,		esi
+	rol	edx,		5
+	ror	eax,		1
+	add	edx,		ebp
+	ror	eax,		1
+	add	edi,		edx
+	; 20_39 74
+	mov	edx,		DWORD PTR 40[esp]
+	mov	ebp,		DWORD PTR 48[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 8[esp]
+	xor	edx,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	edx,		ebp
+	mov	ebp,		esi
+	rol	edx,		1
+	xor	ebp,		eax
+	mov	DWORD PTR 40[esp],edx
+	xor	ebp,		ebx
+	lea	edx,		DWORD PTR 3395469782[ecx*1+edx]
+	mov	ecx,		edi
+	rol	ecx,		5
+	ror	esi,		1
+	add	ecx,		ebp
+	ror	esi,		1
+	add	edx,		ecx
+	; 20_39 75
+	mov	ecx,		DWORD PTR 44[esp]
+	mov	ebp,		DWORD PTR 52[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 12[esp]
+	xor	ecx,		ebp
+	mov	ebp,		DWORD PTR 32[esp]
+	xor	ecx,		ebp
+	mov	ebp,		edi
+	rol	ecx,		1
+	xor	ebp,		esi
+	mov	DWORD PTR 44[esp],ecx
+	xor	ebp,		eax
+	lea	ecx,		DWORD PTR 3395469782[ebx*1+ecx]
+	mov	ebx,		edx
+	rol	ebx,		5
+	ror	edi,		1
+	add	ebx,		ebp
+	ror	edi,		1
+	add	ecx,		ebx
+	; 20_39 76
+	mov	ebx,		DWORD PTR 48[esp]
+	mov	ebp,		DWORD PTR 56[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 16[esp]
+	xor	ebx,		ebp
+	mov	ebp,		DWORD PTR 36[esp]
+	xor	ebx,		ebp
+	mov	ebp,		edx
+	rol	ebx,		1
+	xor	ebp,		edi
+	mov	DWORD PTR 48[esp],ebx
+	xor	ebp,		esi
+	lea	ebx,		DWORD PTR 3395469782[eax*1+ebx]
+	mov	eax,		ecx
+	rol	eax,		5
+	ror	edx,		1
+	add	eax,		ebp
+	ror	edx,		1
+	add	ebx,		eax
+	; 20_39 77
+	mov	eax,		DWORD PTR 52[esp]
+	mov	ebp,		DWORD PTR 60[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 20[esp]
+	xor	eax,		ebp
+	mov	ebp,		DWORD PTR 40[esp]
+	xor	eax,		ebp
+	mov	ebp,		ecx
+	rol	eax,		1
+	xor	ebp,		edx
+	mov	DWORD PTR 52[esp],eax
+	xor	ebp,		edi
+	lea	eax,		DWORD PTR 3395469782[esi*1+eax]
+	mov	esi,		ebx
+	rol	esi,		5
+	ror	ecx,		1
+	add	esi,		ebp
+	ror	ecx,		1
+	add	eax,		esi
+	; 20_39 78
+	mov	esi,		DWORD PTR 56[esp]
+	mov	ebp,		DWORD PTR [esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 44[esp]
+	xor	esi,		ebp
+	mov	ebp,		ebx
+	rol	esi,		1
+	xor	ebp,		ecx
+	mov	DWORD PTR 56[esp],esi
+	xor	ebp,		edx
+	lea	esi,		DWORD PTR 3395469782[edi*1+esi]
+	mov	edi,		eax
+	rol	edi,		5
+	ror	ebx,		1
+	add	edi,		ebp
+	ror	ebx,		1
+	add	esi,		edi
+	; 20_39 79
+	mov	edi,		DWORD PTR 60[esp]
+	mov	ebp,		DWORD PTR 4[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 48[esp]
+	xor	edi,		ebp
+	mov	ebp,		eax
+	rol	edi,		1
+	xor	ebp,		ebx
+	mov	DWORD PTR 60[esp],edi
+	xor	ebp,		ecx
+	lea	edi,		DWORD PTR 3395469782[edx*1+edi]
+	mov	edx,		esi
+	rol	edx,		5
+	add	edx,		ebp
+	mov	ebp,		DWORD PTR 92[esp]
+	ror	eax,		1
+	add	edi,		edx
+	ror	eax,		1
+	; End processing
+	; 
+	mov	edx,		DWORD PTR 12[ebp]
+	add	edx,		ebx
+	mov	ebx,		DWORD PTR 4[ebp]
+	add	ebx,		esi
+	mov	esi,		eax
+	mov	eax,		DWORD PTR [ebp]
+	mov	DWORD PTR 12[ebp],edx
+	add	eax,		edi
+	mov	edi,		DWORD PTR 16[ebp]
+	add	edi,		ecx
+	mov	ecx,		DWORD PTR 8[ebp]
+	add	ecx,		esi
+	mov	DWORD PTR [ebp],eax
+	mov	esi,		DWORD PTR 64[esp]
+	mov	DWORD PTR 8[ebp],ecx
+	add	esi,		64
+	mov	eax,		DWORD PTR 68[esp]
+	mov	DWORD PTR 16[ebp],edi
+	cmp	eax,		esi
+	mov	DWORD PTR 4[ebp],ebx
+	jl	$L001end
+	mov	eax,		DWORD PTR [esi]
+	jmp	L000start
+$L001end:
+	add	esp,		72
+	pop	edi
+	pop	ebx
+	pop	ebp
+	pop	esi
+	ret
+_sha1_block_x86 ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/sha/asm/sha1-586.pl b/crypto/sha/asm/sha1-586.pl
new file mode 100644
index 0000000000..38bb27532d
--- /dev/null
+++ b/crypto/sha/asm/sha1-586.pl
@@ -0,0 +1,491 @@
+#!/usr/local/bin/perl
+
+$normal=0;
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"sha1-586.pl");
+
+$A="eax";
+$B="ebx";
+$C="ecx";
+$D="edx";
+$E="edi";
+$T="esi";
+$tmp1="ebp";
+
+$off=9*4;
+
+@K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6);
+
+&sha1_block("sha1_block_x86");
+
+&asm_finish();
+
+sub Nn
+	{
+	local($p)=@_;
+	local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
+	return($n{$p});
+	}
+
+sub Np
+	{
+	local($p)=@_;
+	local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
+	local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A);
+	return($n{$p});
+	}
+
+sub Na
+	{
+	local($n)=@_;
+	return( (($n   )&0x0f),
+		(($n+ 2)&0x0f),
+		(($n+ 8)&0x0f),
+		(($n+13)&0x0f),
+		(($n+ 1)&0x0f));
+	}
+
+sub X_expand
+	{
+	local($in)=@_;
+
+	&comment("First, load the words onto the stack in network byte order");
+	for ($i=0; $i<16; $i++)
+		{
+		&mov("eax",&DWP(($i+0)*4,$in,"",0)) unless $i == 0;
+		&bswap("eax");
+		&mov(&swtmp($i+0),"eax");
+		}
+
+	&comment("We now have the X array on the stack");
+	&comment("starting at sp-4");
+	}
+
+# Rules of engagement
+# F is always trashable at the start, the running total.
+# E becomes the next F so it can be trashed after it has been 'accumulated'
+# F becomes A in the next round.  We don't need to access it much.
+# During the X update part, the result ends up in $X[$n0].
+
+sub BODY_00_15
+	{
+	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
+
+return if $n & 1;
+	&comment("00_15 $n");
+
+	 &mov($f,$c);
+
+	&mov($tmp1,$a);
+	 &xor($f,$d);			# F2
+
+	&rotl($tmp1,5);			# A2
+
+	&and($f,$b);			# F3
+	 &add($tmp1,$e);
+
+	&rotr($b,1);			# B1	<- F
+	 &mov($e,&swtmp($n));		# G1
+
+	&rotr($b,1);			# B1	<- F
+	 &xor($f,$d);			# F4
+
+	&lea($tmp1,&DWP($K,$tmp1,$e,1));
+
+############################
+#	&BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
+#	&BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
+$n++;
+	local($n0,$n1,$n2,$n3,$np)=&Na($n);
+	($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
+
+	 &mov($f,$c);
+
+	&add($a,$tmp1);		# MOVED DOWN
+	 &xor($f,$d);			# F2
+
+	&mov($tmp1,$a);
+	 &and($f,$b);			# F3
+
+	&rotl($tmp1,5);			# A2
+
+	&add($tmp1,$e);
+	 &mov($e,&swtmp($n));		# G1
+
+	&rotr($b,1);			# B1	<- F
+	 &xor($f,$d);			# F4
+
+	&rotr($b,1);			# B1	<- F
+	 &lea($tmp1,&DWP($K,$tmp1,$e,1));
+
+	&add($f,$tmp1);
+	}
+
+sub BODY_16_19
+	{
+	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
+	local($n0,$n1,$n2,$n3,$np)=&Na($n);
+
+return if $n & 1;
+	&comment("16_19 $n");
+
+ &nop() if ($pos < 0);
+&mov($tmp1,&swtmp($n0));			# X1
+ &mov($f,&swtmp($n1));			# X2
+&xor($f,$tmp1);				# X3
+ &mov($tmp1,&swtmp($n2));		# X4
+&xor($f,$tmp1);				# X5
+ &mov($tmp1,&swtmp($n3));		# X6
+&xor($f,$tmp1);				# X7 - slot
+ &mov($tmp1,$c);			# F1
+&rotl($f,1);				# X8 - slot
+ &xor($tmp1,$d);			# F2
+&mov(&swtmp($n0),$f);			# X9 - anytime
+ &and($tmp1,$b);			# F3
+&lea($f,&DWP($K,$f,$e,1));		# tot=X+K+e
+ &xor($tmp1,$d);				# F4
+&mov($e,$a);				# A1
+ &add($f,$tmp1);			# tot+=F();
+
+&rotl($e,5);				# A2
+
+&rotr($b,1);				# B1	<- F
+ &add($f,$e);				# tot+=a
+
+############################
+#	&BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
+#	&BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
+$n++;
+	local($n0,$n1,$n2,$n3,$np)=&Na($n);
+	($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
+
+
+&mov($f,&swtmp($n0));			# X1
+ &mov($tmp1,&swtmp($n1));		# X2
+&xor($f,$tmp1);				# X3
+ &mov($tmp1,&swtmp($n2));		# X4
+&xor($f,$tmp1);				# X5
+ &mov($tmp1,&swtmp($n3));		# X6
+&rotr($c,1); #&rotr($b,1);		# B1	<- F # MOVED DOWN
+ &xor($f,$tmp1);				# X7 - slot
+&rotl($f,1);				# X8 - slot
+ &mov($tmp1,$c);			# F1
+&xor($tmp1,$d);			# F2
+ &mov(&swtmp($n0),$f);			# X9 - anytime
+&and($tmp1,$b);			# F3
+ &lea($f,&DWP($K,$f,$e,1));		# tot=X+K+e
+
+&xor($tmp1,$d);				# F4
+ &mov($e,$a);				# A1
+
+&rotl($e,5);				# A2
+
+&rotr($b,1);				# B1	<- F
+ &add($f,$e);				# tot+=a
+
+&rotr($b,1);				# B1	<- F
+ &add($f,$tmp1);			# tot+=F();
+
+	}
+
+sub BODY_20_39
+	{
+	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
+
+	&comment("20_39 $n");
+	local($n0,$n1,$n2,$n3,$np)=&Na($n);
+
+&mov($f,&swtmp($n0));			# X1
+ &mov($tmp1,&swtmp($n1));		# X2
+&xor($f,$tmp1);				# X3
+ &mov($tmp1,&swtmp($n2));		# X4
+&xor($f,$tmp1);				# X5
+ &mov($tmp1,&swtmp($n3));		# X6
+&xor($f,$tmp1);				# X7 - slot
+ &mov($tmp1,$b);			# F1
+&rotl($f,1);				# X8 - slot
+ &xor($tmp1,$c);			# F2
+&mov(&swtmp($n0),$f);			# X9 - anytime
+ &xor($tmp1,$d);			# F3
+
+&lea($f,&DWP($K,$f,$e,1));		# tot=X+K+e
+ &mov($e,$a);				# A1
+
+&rotl($e,5);				# A2
+
+if ($n != 79) # last loop	
+	{
+	&rotr($b,1);				# B1	<- F
+	 &add($e,$tmp1);			# tmp1=F()+a
+
+	&rotr($b,1);				# B2	<- F
+	 &add($f,$e);				# tot+=tmp1;
+	}
+else
+	{
+	&add($e,$tmp1);				# tmp1=F()+a
+	 &mov($tmp1,&wparam(0));
+
+	&rotr($b,1);				# B1	<- F
+	 &add($f,$e);				# tot+=tmp1;
+
+	&rotr($b,1);				# B2	<- F
+	}
+	}
+
+sub BODY_40_59
+	{
+	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
+
+	&comment("40_59 $n");
+	return if $n & 1;
+	local($n0,$n1,$n2,$n3,$np)=&Na($n);
+
+&mov($f,&swtmp($n0));			# X1
+ &mov($tmp1,&swtmp($n1));		# X2
+&xor($f,$tmp1);				# X3
+ &mov($tmp1,&swtmp($n2));		# X4
+&xor($f,$tmp1);				# X5
+ &mov($tmp1,&swtmp($n3));		# X6
+&xor($f,$tmp1);				# X7 - slot
+ &mov($tmp1,$b);			# F1
+&rotl($f,1);				# X8 - slot
+ &or($tmp1,$c);				# F2
+&mov(&swtmp($n0),$f);			# X9 - anytime
+ &and($tmp1,$d);			# F3
+
+&lea($f,&DWP($K,$f,$e,1));		# tot=X+K+e
+ &mov($e,$b);				# F4
+
+&rotr($b,1);				# B1	<- F
+ &and($e,$c);				# F5
+
+&or($tmp1,$e);				# F6
+ &mov($e,$a);				# A1
+
+&rotl($e,5);				# A2
+
+&add($tmp1,$e);			# tmp1=F()+a
+
+############################
+#	&BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
+#	&BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
+$n++;
+	local($n0,$n1,$n2,$n3,$np)=&Na($n);
+	($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
+
+ &mov($f,&swtmp($n0));			# X1
+&add($a,$tmp1);				# tot+=tmp1; # moved was add f,tmp1
+ &mov($tmp1,&swtmp($n1));		# X2
+&xor($f,$tmp1);				# X3
+ &mov($tmp1,&swtmp($n2));		# X4
+&xor($f,$tmp1);				# X5
+ &mov($tmp1,&swtmp($n3));		# X6
+&rotr($c,1);				# B2	<- F # moved was rotr b,1
+ &xor($f,$tmp1);			# X7 - slot
+&rotl($f,1);				# X8 - slot
+ &mov($tmp1,$b);			# F1
+&mov(&swtmp($n0),$f);			# X9 - anytime
+ &or($tmp1,$c);				# F2
+&lea($f,&DWP($K,$f,$e,1));		# tot=X+K+e
+ &mov($e,$b);				# F4
+&and($tmp1,$d);				# F3
+ &and($e,$c);				# F5
+
+&or($tmp1,$e);				# F6
+ &mov($e,$a);				# A1
+
+&rotl($e,5);				# A2
+
+&rotr($b,1);				# B1	<- F
+ &add($tmp1,$e);			# tmp1=F()+a
+
+&rotr($b,1);				# B2	<- F
+ &add($f,$tmp1);			# tot+=tmp1;
+	}
+
+sub BODY_60_79
+	{
+	&BODY_20_39(@_);
+	}
+
+sub sha1_block
+	{
+	local($name)=@_;
+
+	&function_begin_B($name,"");
+
+	# parameter 1 is the MD5_CTX structure.
+	# A	0
+	# B	4
+	# C	8
+	# D 	12
+	# E 	16
+
+	&push("esi");
+	 &push("ebp");
+	&mov("eax",	&wparam(2));
+	 &mov("esi",	&wparam(1));
+	&add("eax",	"esi");	# offset to leave on
+	 &mov("ebp",	&wparam(0));
+	&push("ebx");
+	 &sub("eax",	64);
+	&push("edi");
+	 &mov($B,	&DWP( 4,"ebp","",0));
+	&stack_push(18);
+	 &mov($D,	&DWP(12,"ebp","",0));
+	&mov($E,	&DWP(16,"ebp","",0));
+	 &mov($C,	&DWP( 8,"ebp","",0));
+	&mov(&swtmp(17),"eax");
+
+	&comment("First we need to setup the X array");
+	 &mov("eax",&DWP(0,"esi","",0)); # pulled out of X_expand
+
+	&set_label("start") unless $normal;
+
+	&X_expand("esi");
+	 &mov(&swtmp(16),"esi");
+
+	&comment("");
+	&comment("Start processing");
+
+	# odd start
+	&mov($A,	&DWP( 0,"ebp","",0));
+	$X="esp";
+	&BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T);
+	&BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E);
+	&BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D);
+	&BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C);
+	&BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B);
+	&BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A);
+	&BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T);
+	&BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E);
+	&BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D);
+	&BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C);
+	&BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B);
+	&BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A);
+	&BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T);
+	&BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E);
+	&BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D);
+	&BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C);
+	&BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B);
+	&BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A);
+	&BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T);
+	&BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E);
+
+	&BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D);
+	&BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C);
+	&BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B);
+	&BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A);
+	&BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T);
+	&BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E);
+	&BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D);
+	&BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C);
+	&BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B);
+	&BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A);
+	&BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T);
+	&BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E);
+	&BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D);
+	&BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C);
+	&BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B);
+	&BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A);
+	&BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T);
+	&BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E);
+	&BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D);
+	&BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C);
+
+	&BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B);
+	&BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A);
+	&BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
+	&BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
+	&BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D);
+	&BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C);
+	&BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B);
+	&BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A);
+	&BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T);
+	&BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E);
+	&BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D);
+	&BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C);
+	&BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B);
+	&BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A);
+	&BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T);
+	&BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E);
+	&BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D);
+	&BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C);
+	&BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B);
+	&BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A);
+
+	&BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T);
+	&BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E);
+	&BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D);
+	&BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C);
+	&BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B);
+	&BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A);
+	&BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T);
+	&BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E);
+	&BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D);
+	&BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C);
+	&BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B);
+	&BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A);
+	&BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T);
+	&BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E);
+	&BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D);
+	&BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C);
+	&BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B);
+	&BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A);
+	&BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T);
+	&BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E);
+
+	&comment("End processing");
+	&comment("");
+	# D is the tmp value
+
+	# E -> A
+	# T -> B
+	# A -> C
+	# B -> D
+	# C -> E
+	# D -> T
+
+	# The last 2 have been moved into the last loop
+	# &mov($tmp1,&wparam(0));
+
+	 &mov($D,	&DWP(12,$tmp1,"",0));
+	&add($D,$B);
+	 &mov($B,	&DWP( 4,$tmp1,"",0));
+	&add($B,$T);
+	 &mov($T,	$A);
+	&mov($A,	&DWP( 0,$tmp1,"",0));
+	 &mov(&DWP(12,$tmp1,"",0),$D);
+
+	&add($A,$E);
+	 &mov($E,	&DWP(16,$tmp1,"",0));
+	&add($E,$C);
+	 &mov($C,	&DWP( 8,$tmp1,"",0));
+	&add($C,$T);
+
+	 &mov(&DWP( 0,$tmp1,"",0),$A);
+	&mov("esi",&swtmp(16));
+	 &mov(&DWP( 8,$tmp1,"",0),$C);	# This is for looping
+ 	&add("esi",64);
+	 &mov("eax",&swtmp(17));
+	&mov(&DWP(16,$tmp1,"",0),$E);
+	 &cmp("eax","esi");
+	&mov(&DWP( 4,$tmp1,"",0),$B);	# This is for looping
+	 &jl(&label("end"));
+	&mov("eax",&DWP(0,"esi","",0));	# Pulled down from 
+	 &jmp(&label("start"));
+
+	&set_label("end");
+	&stack_pop(18);
+	 &pop("edi");
+	&pop("ebx");
+	 &pop("ebp");
+	&pop("esi");
+	 &ret();
+	&function_end_B($name);
+	}
+
diff --git a/crypto/sha/asm/sx86unix.cpp b/crypto/sha/asm/sx86unix.cpp
new file mode 100644
index 0000000000..8366664a39
--- /dev/null
+++ b/crypto/sha/asm/sx86unix.cpp
@@ -0,0 +1,1948 @@
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
+
+#define TYPE(a,b)       .type   a,b
+#define SIZE(a,b)       .size   a,b
+
+#if defined(OUT) || defined(BSDI)
+#define sha1_block_x86 _sha1_block_x86
+
+#endif
+
+#ifdef OUT
+#define OK	1
+#define ALIGN	4
+#endif
+
+#ifdef BSDI
+#define OK              1
+#define ALIGN           4
+#undef SIZE
+#undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK              1
+#define ALIGN           16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+/* Let the Assembler begin :-) */
+	/* Don't even think of reading this code */
+	/* It was automatically generated by sha1-586.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, BSDI,Win32, or Solaris */
+	/* eric <eay@cryptsoft.com> */
+
+	.file	"sha1-586.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl sha1_block_x86
+	TYPE(sha1_block_x86,@function)
+sha1_block_x86:
+	pushl	%esi
+	pushl	%ebp
+	movl	20(%esp),	%eax
+	movl	16(%esp),	%esi
+	addl	%esi,		%eax
+	movl	12(%esp),	%ebp
+	pushl	%ebx
+	subl	$64,		%eax
+	pushl	%edi
+	movl	4(%ebp),	%ebx
+	subl	$72,		%esp
+	movl	12(%ebp),	%edx
+	movl	16(%ebp),	%edi
+	movl	8(%ebp),	%ecx
+	movl	%eax,		68(%esp)
+	/* First we need to setup the X array */
+	movl	(%esi),		%eax
+.L000start:
+	/* First, load the words onto the stack in network byte order */
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		(%esp)
+	movl	4(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		4(%esp)
+	movl	8(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		8(%esp)
+	movl	12(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		12(%esp)
+	movl	16(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		16(%esp)
+	movl	20(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		20(%esp)
+	movl	24(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		24(%esp)
+	movl	28(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		28(%esp)
+	movl	32(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		32(%esp)
+	movl	36(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		36(%esp)
+	movl	40(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		40(%esp)
+	movl	44(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		44(%esp)
+	movl	48(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		48(%esp)
+	movl	52(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		52(%esp)
+	movl	56(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		56(%esp)
+	movl	60(%esi),	%eax
+.byte 15
+.byte 200		/* bswapl  %eax */
+	movl	%eax,		60(%esp)
+	/* We now have the X array on the stack */
+	/* starting at sp-4 */
+	movl	%esi,		64(%esp)
+
+	/* Start processing */
+	movl	(%ebp),		%eax
+	/* 00_15 0 */
+	movl	%ecx,		%esi
+	movl	%eax,		%ebp
+	xorl	%edx,		%esi
+	roll	$5,		%ebp
+	andl	%ebx,		%esi
+	addl	%edi,		%ebp
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	movl	(%esp),		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	xorl	%edx,		%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	movl	%ebx,		%edi
+	addl	%ebp,		%esi
+	xorl	%ecx,		%edi
+	movl	%esi,		%ebp
+	andl	%eax,		%edi
+	roll	$5,		%ebp
+	addl	%edx,		%ebp
+	movl	4(%esp),	%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	xorl	%ecx,		%edi
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%ebp,		%edi
+	/* 00_15 2 */
+	movl	%eax,		%edx
+	movl	%edi,		%ebp
+	xorl	%ebx,		%edx
+	roll	$5,		%ebp
+	andl	%esi,		%edx
+	addl	%ecx,		%ebp
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	movl	8(%esp),	%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	xorl	%ebx,		%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	movl	%esi,		%ecx
+	addl	%ebp,		%edx
+	xorl	%eax,		%ecx
+	movl	%edx,		%ebp
+	andl	%edi,		%ecx
+	roll	$5,		%ebp
+	addl	%ebx,		%ebp
+	movl	12(%esp),	%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	xorl	%eax,		%ecx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	addl	%ebp,		%ecx
+	/* 00_15 4 */
+	movl	%edi,		%ebx
+	movl	%ecx,		%ebp
+	xorl	%esi,		%ebx
+	roll	$5,		%ebp
+	andl	%edx,		%ebx
+	addl	%eax,		%ebp
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	movl	16(%esp),	%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	xorl	%esi,		%ebx
+	leal	1518500249(%ebp,%eax,1),%ebp
+	movl	%edx,		%eax
+	addl	%ebp,		%ebx
+	xorl	%edi,		%eax
+	movl	%ebx,		%ebp
+	andl	%ecx,		%eax
+	roll	$5,		%ebp
+	addl	%esi,		%ebp
+	movl	20(%esp),	%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	xorl	%edi,		%eax
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	leal	1518500249(%ebp,%esi,1),%ebp
+	addl	%ebp,		%eax
+	/* 00_15 6 */
+	movl	%ecx,		%esi
+	movl	%eax,		%ebp
+	xorl	%edx,		%esi
+	roll	$5,		%ebp
+	andl	%ebx,		%esi
+	addl	%edi,		%ebp
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	movl	24(%esp),	%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	xorl	%edx,		%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	movl	%ebx,		%edi
+	addl	%ebp,		%esi
+	xorl	%ecx,		%edi
+	movl	%esi,		%ebp
+	andl	%eax,		%edi
+	roll	$5,		%ebp
+	addl	%edx,		%ebp
+	movl	28(%esp),	%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	xorl	%ecx,		%edi
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%ebp,		%edi
+	/* 00_15 8 */
+	movl	%eax,		%edx
+	movl	%edi,		%ebp
+	xorl	%ebx,		%edx
+	roll	$5,		%ebp
+	andl	%esi,		%edx
+	addl	%ecx,		%ebp
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	movl	32(%esp),	%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	xorl	%ebx,		%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	movl	%esi,		%ecx
+	addl	%ebp,		%edx
+	xorl	%eax,		%ecx
+	movl	%edx,		%ebp
+	andl	%edi,		%ecx
+	roll	$5,		%ebp
+	addl	%ebx,		%ebp
+	movl	36(%esp),	%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	xorl	%eax,		%ecx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	addl	%ebp,		%ecx
+	/* 00_15 10 */
+	movl	%edi,		%ebx
+	movl	%ecx,		%ebp
+	xorl	%esi,		%ebx
+	roll	$5,		%ebp
+	andl	%edx,		%ebx
+	addl	%eax,		%ebp
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	movl	40(%esp),	%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	xorl	%esi,		%ebx
+	leal	1518500249(%ebp,%eax,1),%ebp
+	movl	%edx,		%eax
+	addl	%ebp,		%ebx
+	xorl	%edi,		%eax
+	movl	%ebx,		%ebp
+	andl	%ecx,		%eax
+	roll	$5,		%ebp
+	addl	%esi,		%ebp
+	movl	44(%esp),	%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	xorl	%edi,		%eax
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	leal	1518500249(%ebp,%esi,1),%ebp
+	addl	%ebp,		%eax
+	/* 00_15 12 */
+	movl	%ecx,		%esi
+	movl	%eax,		%ebp
+	xorl	%edx,		%esi
+	roll	$5,		%ebp
+	andl	%ebx,		%esi
+	addl	%edi,		%ebp
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	movl	48(%esp),	%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	xorl	%edx,		%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	movl	%ebx,		%edi
+	addl	%ebp,		%esi
+	xorl	%ecx,		%edi
+	movl	%esi,		%ebp
+	andl	%eax,		%edi
+	roll	$5,		%ebp
+	addl	%edx,		%ebp
+	movl	52(%esp),	%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	xorl	%ecx,		%edi
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%ebp,		%edi
+	/* 00_15 14 */
+	movl	%eax,		%edx
+	movl	%edi,		%ebp
+	xorl	%ebx,		%edx
+	roll	$5,		%ebp
+	andl	%esi,		%edx
+	addl	%ecx,		%ebp
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	movl	56(%esp),	%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	xorl	%ebx,		%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	movl	%esi,		%ecx
+	addl	%ebp,		%edx
+	xorl	%eax,		%ecx
+	movl	%edx,		%ebp
+	andl	%edi,		%ecx
+	roll	$5,		%ebp
+	addl	%ebx,		%ebp
+	movl	60(%esp),	%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	xorl	%eax,		%ecx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	addl	%ebp,		%ecx
+	/* 16_19 16 */
+	nop
+	movl	(%esp),		%ebp
+	movl	8(%esp),	%ebx
+	xorl	%ebp,		%ebx
+	movl	32(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	%edi,		%ebp
+.byte 209
+.byte 195		/* roll $1 %ebx */
+	xorl	%esi,		%ebp
+	movl	%ebx,		(%esp)
+	andl	%edx,		%ebp
+	leal	1518500249(%ebx,%eax,1),%ebx
+	xorl	%esi,		%ebp
+	movl	%ecx,		%eax
+	addl	%ebp,		%ebx
+	roll	$5,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%eax,		%ebx
+	movl	4(%esp),	%eax
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	56(%esp),	%ebp
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	xorl	%ebp,		%eax
+.byte 209
+.byte 192		/* roll $1 %eax */
+	movl	%edx,		%ebp
+	xorl	%edi,		%ebp
+	movl	%eax,		4(%esp)
+	andl	%ecx,		%ebp
+	leal	1518500249(%eax,%esi,1),%eax
+	xorl	%edi,		%ebp
+	movl	%ebx,		%esi
+	roll	$5,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%esi,		%eax
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%ebp,		%eax
+	/* 16_19 18 */
+	movl	8(%esp),	%ebp
+	movl	16(%esp),	%esi
+	xorl	%ebp,		%esi
+	movl	40(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	%ecx,		%ebp
+.byte 209
+.byte 198		/* roll $1 %esi */
+	xorl	%edx,		%ebp
+	movl	%esi,		8(%esp)
+	andl	%ebx,		%ebp
+	leal	1518500249(%esi,%edi,1),%esi
+	xorl	%edx,		%ebp
+	movl	%eax,		%edi
+	addl	%ebp,		%esi
+	roll	$5,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%edi,		%esi
+	movl	12(%esp),	%edi
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	(%esp),		%ebp
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	xorl	%ebp,		%edi
+.byte 209
+.byte 199		/* roll $1 %edi */
+	movl	%ebx,		%ebp
+	xorl	%ecx,		%ebp
+	movl	%edi,		12(%esp)
+	andl	%eax,		%ebp
+	leal	1518500249(%edi,%edx,1),%edi
+	xorl	%ecx,		%ebp
+	movl	%esi,		%edx
+	roll	$5,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%edx,		%edi
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%ebp,		%edi
+	/* 20_39 20 */
+	movl	16(%esp),	%edx
+	movl	24(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	48(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	%esi,		%ebp
+.byte 209
+.byte 194		/* roll $1 %edx */
+	xorl	%eax,		%ebp
+	movl	%edx,		16(%esp)
+	xorl	%ebx,		%ebp
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	%edi,		%ecx
+	roll	$5,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ebp,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ecx,		%edx
+	/* 20_39 21 */
+	movl	20(%esp),	%ecx
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	8(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	%edi,		%ebp
+.byte 209
+.byte 193		/* roll $1 %ecx */
+	xorl	%esi,		%ebp
+	movl	%ecx,		20(%esp)
+	xorl	%eax,		%ebp
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	%edx,		%ebx
+	roll	$5,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebp,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebx,		%ecx
+	/* 20_39 22 */
+	movl	24(%esp),	%ebx
+	movl	32(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	56(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	%edx,		%ebp
+.byte 209
+.byte 195		/* roll $1 %ebx */
+	xorl	%edi,		%ebp
+	movl	%ebx,		24(%esp)
+	xorl	%esi,		%ebp
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	%ecx,		%eax
+	roll	$5,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%ebp,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%eax,		%ebx
+	/* 20_39 23 */
+	movl	28(%esp),	%eax
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	16(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	%ecx,		%ebp
+.byte 209
+.byte 192		/* roll $1 %eax */
+	xorl	%edx,		%ebp
+	movl	%eax,		28(%esp)
+	xorl	%edi,		%ebp
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	%ebx,		%esi
+	roll	$5,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%ebp,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%esi,		%eax
+	/* 20_39 24 */
+	movl	32(%esp),	%esi
+	movl	40(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	(%esp),		%ebp
+	xorl	%ebp,		%esi
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	%ebx,		%ebp
+.byte 209
+.byte 198		/* roll $1 %esi */
+	xorl	%ecx,		%ebp
+	movl	%esi,		32(%esp)
+	xorl	%edx,		%ebp
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	%eax,		%edi
+	roll	$5,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%ebp,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%edi,		%esi
+	/* 20_39 25 */
+	movl	36(%esp),	%edi
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	%eax,		%ebp
+.byte 209
+.byte 199		/* roll $1 %edi */
+	xorl	%ebx,		%ebp
+	movl	%edi,		36(%esp)
+	xorl	%ecx,		%ebp
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	%esi,		%edx
+	roll	$5,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%ebp,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%edx,		%edi
+	/* 20_39 26 */
+	movl	40(%esp),	%edx
+	movl	48(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	8(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	%esi,		%ebp
+.byte 209
+.byte 194		/* roll $1 %edx */
+	xorl	%eax,		%ebp
+	movl	%edx,		40(%esp)
+	xorl	%ebx,		%ebp
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	%edi,		%ecx
+	roll	$5,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ebp,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ecx,		%edx
+	/* 20_39 27 */
+	movl	44(%esp),	%ecx
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	32(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	%edi,		%ebp
+.byte 209
+.byte 193		/* roll $1 %ecx */
+	xorl	%esi,		%ebp
+	movl	%ecx,		44(%esp)
+	xorl	%eax,		%ebp
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	%edx,		%ebx
+	roll	$5,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebp,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebx,		%ecx
+	/* 20_39 28 */
+	movl	48(%esp),	%ebx
+	movl	56(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	16(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	%edx,		%ebp
+.byte 209
+.byte 195		/* roll $1 %ebx */
+	xorl	%edi,		%ebp
+	movl	%ebx,		48(%esp)
+	xorl	%esi,		%ebp
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	%ecx,		%eax
+	roll	$5,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%ebp,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%eax,		%ebx
+	/* 20_39 29 */
+	movl	52(%esp),	%eax
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	40(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	%ecx,		%ebp
+.byte 209
+.byte 192		/* roll $1 %eax */
+	xorl	%edx,		%ebp
+	movl	%eax,		52(%esp)
+	xorl	%edi,		%ebp
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	%ebx,		%esi
+	roll	$5,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%ebp,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%esi,		%eax
+	/* 20_39 30 */
+	movl	56(%esp),	%esi
+	movl	(%esp),		%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	%ebx,		%ebp
+.byte 209
+.byte 198		/* roll $1 %esi */
+	xorl	%ecx,		%ebp
+	movl	%esi,		56(%esp)
+	xorl	%edx,		%ebp
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	%eax,		%edi
+	roll	$5,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%ebp,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%edi,		%esi
+	/* 20_39 31 */
+	movl	60(%esp),	%edi
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	48(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	%eax,		%ebp
+.byte 209
+.byte 199		/* roll $1 %edi */
+	xorl	%ebx,		%ebp
+	movl	%edi,		60(%esp)
+	xorl	%ecx,		%ebp
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	%esi,		%edx
+	roll	$5,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%ebp,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%edx,		%edi
+	/* 20_39 32 */
+	movl	(%esp),		%edx
+	movl	8(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	32(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	%esi,		%ebp
+.byte 209
+.byte 194		/* roll $1 %edx */
+	xorl	%eax,		%ebp
+	movl	%edx,		(%esp)
+	xorl	%ebx,		%ebp
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	%edi,		%ecx
+	roll	$5,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ebp,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ecx,		%edx
+	/* 20_39 33 */
+	movl	4(%esp),	%ecx
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	56(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	%edi,		%ebp
+.byte 209
+.byte 193		/* roll $1 %ecx */
+	xorl	%esi,		%ebp
+	movl	%ecx,		4(%esp)
+	xorl	%eax,		%ebp
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	%edx,		%ebx
+	roll	$5,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebp,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebx,		%ecx
+	/* 20_39 34 */
+	movl	8(%esp),	%ebx
+	movl	16(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	40(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	%edx,		%ebp
+.byte 209
+.byte 195		/* roll $1 %ebx */
+	xorl	%edi,		%ebp
+	movl	%ebx,		8(%esp)
+	xorl	%esi,		%ebp
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	%ecx,		%eax
+	roll	$5,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%ebp,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%eax,		%ebx
+	/* 20_39 35 */
+	movl	12(%esp),	%eax
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	(%esp),		%ebp
+	xorl	%ebp,		%eax
+	movl	%ecx,		%ebp
+.byte 209
+.byte 192		/* roll $1 %eax */
+	xorl	%edx,		%ebp
+	movl	%eax,		12(%esp)
+	xorl	%edi,		%ebp
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	%ebx,		%esi
+	roll	$5,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%ebp,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%esi,		%eax
+	/* 20_39 36 */
+	movl	16(%esp),	%esi
+	movl	24(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	48(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	%ebx,		%ebp
+.byte 209
+.byte 198		/* roll $1 %esi */
+	xorl	%ecx,		%ebp
+	movl	%esi,		16(%esp)
+	xorl	%edx,		%ebp
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	%eax,		%edi
+	roll	$5,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%ebp,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%edi,		%esi
+	/* 20_39 37 */
+	movl	20(%esp),	%edi
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	8(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	%eax,		%ebp
+.byte 209
+.byte 199		/* roll $1 %edi */
+	xorl	%ebx,		%ebp
+	movl	%edi,		20(%esp)
+	xorl	%ecx,		%ebp
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	%esi,		%edx
+	roll	$5,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%ebp,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%edx,		%edi
+	/* 20_39 38 */
+	movl	24(%esp),	%edx
+	movl	32(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	56(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	%esi,		%ebp
+.byte 209
+.byte 194		/* roll $1 %edx */
+	xorl	%eax,		%ebp
+	movl	%edx,		24(%esp)
+	xorl	%ebx,		%ebp
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	%edi,		%ecx
+	roll	$5,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ebp,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ecx,		%edx
+	/* 20_39 39 */
+	movl	28(%esp),	%ecx
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	16(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	%edi,		%ebp
+.byte 209
+.byte 193		/* roll $1 %ecx */
+	xorl	%esi,		%ebp
+	movl	%ecx,		28(%esp)
+	xorl	%eax,		%ebp
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	%edx,		%ebx
+	roll	$5,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebp,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebx,		%ecx
+	/* 40_59 40 */
+	movl	32(%esp),	%ebx
+	movl	40(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	(%esp),		%ebp
+	xorl	%ebp,		%ebx
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	%edx,		%ebp
+.byte 209
+.byte 195		/* roll $1 %ebx */
+	orl	%edi,		%ebp
+	movl	%ebx,		32(%esp)
+	andl	%esi,		%ebp
+	leal	2400959708(%ebx,%eax,1),%ebx
+	movl	%edx,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	andl	%edi,		%eax
+	orl	%eax,		%ebp
+	movl	%ecx,		%eax
+	roll	$5,		%eax
+	addl	%eax,		%ebp
+	movl	36(%esp),	%eax
+	addl	%ebp,		%ebx
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	24(%esp),	%ebp
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	xorl	%ebp,		%eax
+.byte 209
+.byte 192		/* roll $1 %eax */
+	movl	%ecx,		%ebp
+	movl	%eax,		36(%esp)
+	orl	%edx,		%ebp
+	leal	2400959708(%eax,%esi,1),%eax
+	movl	%ecx,		%esi
+	andl	%edi,		%ebp
+	andl	%edx,		%esi
+	orl	%esi,		%ebp
+	movl	%ebx,		%esi
+	roll	$5,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%esi,		%ebp
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%ebp,		%eax
+	/* 40_59 41 */
+	/* 40_59 42 */
+	movl	40(%esp),	%esi
+	movl	48(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	8(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	%ebx,		%ebp
+.byte 209
+.byte 198		/* roll $1 %esi */
+	orl	%ecx,		%ebp
+	movl	%esi,		40(%esp)
+	andl	%edx,		%ebp
+	leal	2400959708(%esi,%edi,1),%esi
+	movl	%ebx,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	andl	%ecx,		%edi
+	orl	%edi,		%ebp
+	movl	%eax,		%edi
+	roll	$5,		%edi
+	addl	%edi,		%ebp
+	movl	44(%esp),	%edi
+	addl	%ebp,		%esi
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	32(%esp),	%ebp
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	xorl	%ebp,		%edi
+.byte 209
+.byte 199		/* roll $1 %edi */
+	movl	%eax,		%ebp
+	movl	%edi,		44(%esp)
+	orl	%ebx,		%ebp
+	leal	2400959708(%edi,%edx,1),%edi
+	movl	%eax,		%edx
+	andl	%ecx,		%ebp
+	andl	%ebx,		%edx
+	orl	%edx,		%ebp
+	movl	%esi,		%edx
+	roll	$5,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%edx,		%ebp
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%ebp,		%edi
+	/* 40_59 43 */
+	/* 40_59 44 */
+	movl	48(%esp),	%edx
+	movl	56(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	16(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	%esi,		%ebp
+.byte 209
+.byte 194		/* roll $1 %edx */
+	orl	%eax,		%ebp
+	movl	%edx,		48(%esp)
+	andl	%ebx,		%ebp
+	leal	2400959708(%edx,%ecx,1),%edx
+	movl	%esi,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	andl	%eax,		%ecx
+	orl	%ecx,		%ebp
+	movl	%edi,		%ecx
+	roll	$5,		%ecx
+	addl	%ecx,		%ebp
+	movl	52(%esp),	%ecx
+	addl	%ebp,		%edx
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	40(%esp),	%ebp
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	xorl	%ebp,		%ecx
+.byte 209
+.byte 193		/* roll $1 %ecx */
+	movl	%edi,		%ebp
+	movl	%ecx,		52(%esp)
+	orl	%esi,		%ebp
+	leal	2400959708(%ecx,%ebx,1),%ecx
+	movl	%edi,		%ebx
+	andl	%eax,		%ebp
+	andl	%esi,		%ebx
+	orl	%ebx,		%ebp
+	movl	%edx,		%ebx
+	roll	$5,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebx,		%ebp
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebp,		%ecx
+	/* 40_59 45 */
+	/* 40_59 46 */
+	movl	56(%esp),	%ebx
+	movl	(%esp),		%ebp
+	xorl	%ebp,		%ebx
+	movl	24(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	%edx,		%ebp
+.byte 209
+.byte 195		/* roll $1 %ebx */
+	orl	%edi,		%ebp
+	movl	%ebx,		56(%esp)
+	andl	%esi,		%ebp
+	leal	2400959708(%ebx,%eax,1),%ebx
+	movl	%edx,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	andl	%edi,		%eax
+	orl	%eax,		%ebp
+	movl	%ecx,		%eax
+	roll	$5,		%eax
+	addl	%eax,		%ebp
+	movl	60(%esp),	%eax
+	addl	%ebp,		%ebx
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	48(%esp),	%ebp
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	xorl	%ebp,		%eax
+.byte 209
+.byte 192		/* roll $1 %eax */
+	movl	%ecx,		%ebp
+	movl	%eax,		60(%esp)
+	orl	%edx,		%ebp
+	leal	2400959708(%eax,%esi,1),%eax
+	movl	%ecx,		%esi
+	andl	%edi,		%ebp
+	andl	%edx,		%esi
+	orl	%esi,		%ebp
+	movl	%ebx,		%esi
+	roll	$5,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%esi,		%ebp
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%ebp,		%eax
+	/* 40_59 47 */
+	/* 40_59 48 */
+	movl	(%esp),		%esi
+	movl	8(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	32(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	%ebx,		%ebp
+.byte 209
+.byte 198		/* roll $1 %esi */
+	orl	%ecx,		%ebp
+	movl	%esi,		(%esp)
+	andl	%edx,		%ebp
+	leal	2400959708(%esi,%edi,1),%esi
+	movl	%ebx,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	andl	%ecx,		%edi
+	orl	%edi,		%ebp
+	movl	%eax,		%edi
+	roll	$5,		%edi
+	addl	%edi,		%ebp
+	movl	4(%esp),	%edi
+	addl	%ebp,		%esi
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	56(%esp),	%ebp
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	xorl	%ebp,		%edi
+.byte 209
+.byte 199		/* roll $1 %edi */
+	movl	%eax,		%ebp
+	movl	%edi,		4(%esp)
+	orl	%ebx,		%ebp
+	leal	2400959708(%edi,%edx,1),%edi
+	movl	%eax,		%edx
+	andl	%ecx,		%ebp
+	andl	%ebx,		%edx
+	orl	%edx,		%ebp
+	movl	%esi,		%edx
+	roll	$5,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%edx,		%ebp
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%ebp,		%edi
+	/* 40_59 49 */
+	/* 40_59 50 */
+	movl	8(%esp),	%edx
+	movl	16(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	40(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	%esi,		%ebp
+.byte 209
+.byte 194		/* roll $1 %edx */
+	orl	%eax,		%ebp
+	movl	%edx,		8(%esp)
+	andl	%ebx,		%ebp
+	leal	2400959708(%edx,%ecx,1),%edx
+	movl	%esi,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	andl	%eax,		%ecx
+	orl	%ecx,		%ebp
+	movl	%edi,		%ecx
+	roll	$5,		%ecx
+	addl	%ecx,		%ebp
+	movl	12(%esp),	%ecx
+	addl	%ebp,		%edx
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	(%esp),		%ebp
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	xorl	%ebp,		%ecx
+.byte 209
+.byte 193		/* roll $1 %ecx */
+	movl	%edi,		%ebp
+	movl	%ecx,		12(%esp)
+	orl	%esi,		%ebp
+	leal	2400959708(%ecx,%ebx,1),%ecx
+	movl	%edi,		%ebx
+	andl	%eax,		%ebp
+	andl	%esi,		%ebx
+	orl	%ebx,		%ebp
+	movl	%edx,		%ebx
+	roll	$5,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebx,		%ebp
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebp,		%ecx
+	/* 40_59 51 */
+	/* 40_59 52 */
+	movl	16(%esp),	%ebx
+	movl	24(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	48(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	%edx,		%ebp
+.byte 209
+.byte 195		/* roll $1 %ebx */
+	orl	%edi,		%ebp
+	movl	%ebx,		16(%esp)
+	andl	%esi,		%ebp
+	leal	2400959708(%ebx,%eax,1),%ebx
+	movl	%edx,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	andl	%edi,		%eax
+	orl	%eax,		%ebp
+	movl	%ecx,		%eax
+	roll	$5,		%eax
+	addl	%eax,		%ebp
+	movl	20(%esp),	%eax
+	addl	%ebp,		%ebx
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	8(%esp),	%ebp
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	xorl	%ebp,		%eax
+.byte 209
+.byte 192		/* roll $1 %eax */
+	movl	%ecx,		%ebp
+	movl	%eax,		20(%esp)
+	orl	%edx,		%ebp
+	leal	2400959708(%eax,%esi,1),%eax
+	movl	%ecx,		%esi
+	andl	%edi,		%ebp
+	andl	%edx,		%esi
+	orl	%esi,		%ebp
+	movl	%ebx,		%esi
+	roll	$5,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%esi,		%ebp
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%ebp,		%eax
+	/* 40_59 53 */
+	/* 40_59 54 */
+	movl	24(%esp),	%esi
+	movl	32(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	56(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	%ebx,		%ebp
+.byte 209
+.byte 198		/* roll $1 %esi */
+	orl	%ecx,		%ebp
+	movl	%esi,		24(%esp)
+	andl	%edx,		%ebp
+	leal	2400959708(%esi,%edi,1),%esi
+	movl	%ebx,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	andl	%ecx,		%edi
+	orl	%edi,		%ebp
+	movl	%eax,		%edi
+	roll	$5,		%edi
+	addl	%edi,		%ebp
+	movl	28(%esp),	%edi
+	addl	%ebp,		%esi
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	16(%esp),	%ebp
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	xorl	%ebp,		%edi
+.byte 209
+.byte 199		/* roll $1 %edi */
+	movl	%eax,		%ebp
+	movl	%edi,		28(%esp)
+	orl	%ebx,		%ebp
+	leal	2400959708(%edi,%edx,1),%edi
+	movl	%eax,		%edx
+	andl	%ecx,		%ebp
+	andl	%ebx,		%edx
+	orl	%edx,		%ebp
+	movl	%esi,		%edx
+	roll	$5,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%edx,		%ebp
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%ebp,		%edi
+	/* 40_59 55 */
+	/* 40_59 56 */
+	movl	32(%esp),	%edx
+	movl	40(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	(%esp),		%ebp
+	xorl	%ebp,		%edx
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	%esi,		%ebp
+.byte 209
+.byte 194		/* roll $1 %edx */
+	orl	%eax,		%ebp
+	movl	%edx,		32(%esp)
+	andl	%ebx,		%ebp
+	leal	2400959708(%edx,%ecx,1),%edx
+	movl	%esi,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	andl	%eax,		%ecx
+	orl	%ecx,		%ebp
+	movl	%edi,		%ecx
+	roll	$5,		%ecx
+	addl	%ecx,		%ebp
+	movl	36(%esp),	%ecx
+	addl	%ebp,		%edx
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	24(%esp),	%ebp
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	xorl	%ebp,		%ecx
+.byte 209
+.byte 193		/* roll $1 %ecx */
+	movl	%edi,		%ebp
+	movl	%ecx,		36(%esp)
+	orl	%esi,		%ebp
+	leal	2400959708(%ecx,%ebx,1),%ecx
+	movl	%edi,		%ebx
+	andl	%eax,		%ebp
+	andl	%esi,		%ebx
+	orl	%ebx,		%ebp
+	movl	%edx,		%ebx
+	roll	$5,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebx,		%ebp
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebp,		%ecx
+	/* 40_59 57 */
+	/* 40_59 58 */
+	movl	40(%esp),	%ebx
+	movl	48(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	8(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	%edx,		%ebp
+.byte 209
+.byte 195		/* roll $1 %ebx */
+	orl	%edi,		%ebp
+	movl	%ebx,		40(%esp)
+	andl	%esi,		%ebp
+	leal	2400959708(%ebx,%eax,1),%ebx
+	movl	%edx,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	andl	%edi,		%eax
+	orl	%eax,		%ebp
+	movl	%ecx,		%eax
+	roll	$5,		%eax
+	addl	%eax,		%ebp
+	movl	44(%esp),	%eax
+	addl	%ebp,		%ebx
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	32(%esp),	%ebp
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	xorl	%ebp,		%eax
+.byte 209
+.byte 192		/* roll $1 %eax */
+	movl	%ecx,		%ebp
+	movl	%eax,		44(%esp)
+	orl	%edx,		%ebp
+	leal	2400959708(%eax,%esi,1),%eax
+	movl	%ecx,		%esi
+	andl	%edi,		%ebp
+	andl	%edx,		%esi
+	orl	%esi,		%ebp
+	movl	%ebx,		%esi
+	roll	$5,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%esi,		%ebp
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%ebp,		%eax
+	/* 40_59 59 */
+	/* 20_39 60 */
+	movl	48(%esp),	%esi
+	movl	56(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	16(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	%ebx,		%ebp
+.byte 209
+.byte 198		/* roll $1 %esi */
+	xorl	%ecx,		%ebp
+	movl	%esi,		48(%esp)
+	xorl	%edx,		%ebp
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	%eax,		%edi
+	roll	$5,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%ebp,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%edi,		%esi
+	/* 20_39 61 */
+	movl	52(%esp),	%edi
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	40(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	%eax,		%ebp
+.byte 209
+.byte 199		/* roll $1 %edi */
+	xorl	%ebx,		%ebp
+	movl	%edi,		52(%esp)
+	xorl	%ecx,		%ebp
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	%esi,		%edx
+	roll	$5,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%ebp,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%edx,		%edi
+	/* 20_39 62 */
+	movl	56(%esp),	%edx
+	movl	(%esp),		%ebp
+	xorl	%ebp,		%edx
+	movl	24(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	%esi,		%ebp
+.byte 209
+.byte 194		/* roll $1 %edx */
+	xorl	%eax,		%ebp
+	movl	%edx,		56(%esp)
+	xorl	%ebx,		%ebp
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	%edi,		%ecx
+	roll	$5,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ebp,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ecx,		%edx
+	/* 20_39 63 */
+	movl	60(%esp),	%ecx
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	48(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	%edi,		%ebp
+.byte 209
+.byte 193		/* roll $1 %ecx */
+	xorl	%esi,		%ebp
+	movl	%ecx,		60(%esp)
+	xorl	%eax,		%ebp
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	%edx,		%ebx
+	roll	$5,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebp,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebx,		%ecx
+	/* 20_39 64 */
+	movl	(%esp),		%ebx
+	movl	8(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	32(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	%edx,		%ebp
+.byte 209
+.byte 195		/* roll $1 %ebx */
+	xorl	%edi,		%ebp
+	movl	%ebx,		(%esp)
+	xorl	%esi,		%ebp
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	%ecx,		%eax
+	roll	$5,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%ebp,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%eax,		%ebx
+	/* 20_39 65 */
+	movl	4(%esp),	%eax
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	56(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	%ecx,		%ebp
+.byte 209
+.byte 192		/* roll $1 %eax */
+	xorl	%edx,		%ebp
+	movl	%eax,		4(%esp)
+	xorl	%edi,		%ebp
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	%ebx,		%esi
+	roll	$5,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%ebp,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%esi,		%eax
+	/* 20_39 66 */
+	movl	8(%esp),	%esi
+	movl	16(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	40(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	%ebx,		%ebp
+.byte 209
+.byte 198		/* roll $1 %esi */
+	xorl	%ecx,		%ebp
+	movl	%esi,		8(%esp)
+	xorl	%edx,		%ebp
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	%eax,		%edi
+	roll	$5,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%ebp,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%edi,		%esi
+	/* 20_39 67 */
+	movl	12(%esp),	%edi
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	(%esp),		%ebp
+	xorl	%ebp,		%edi
+	movl	%eax,		%ebp
+.byte 209
+.byte 199		/* roll $1 %edi */
+	xorl	%ebx,		%ebp
+	movl	%edi,		12(%esp)
+	xorl	%ecx,		%ebp
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	%esi,		%edx
+	roll	$5,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%ebp,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%edx,		%edi
+	/* 20_39 68 */
+	movl	16(%esp),	%edx
+	movl	24(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	48(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	%esi,		%ebp
+.byte 209
+.byte 194		/* roll $1 %edx */
+	xorl	%eax,		%ebp
+	movl	%edx,		16(%esp)
+	xorl	%ebx,		%ebp
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	%edi,		%ecx
+	roll	$5,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ebp,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ecx,		%edx
+	/* 20_39 69 */
+	movl	20(%esp),	%ecx
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	8(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	%edi,		%ebp
+.byte 209
+.byte 193		/* roll $1 %ecx */
+	xorl	%esi,		%ebp
+	movl	%ecx,		20(%esp)
+	xorl	%eax,		%ebp
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	%edx,		%ebx
+	roll	$5,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebp,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebx,		%ecx
+	/* 20_39 70 */
+	movl	24(%esp),	%ebx
+	movl	32(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	56(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	%edx,		%ebp
+.byte 209
+.byte 195		/* roll $1 %ebx */
+	xorl	%edi,		%ebp
+	movl	%ebx,		24(%esp)
+	xorl	%esi,		%ebp
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	%ecx,		%eax
+	roll	$5,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%ebp,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%eax,		%ebx
+	/* 20_39 71 */
+	movl	28(%esp),	%eax
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	16(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	%ecx,		%ebp
+.byte 209
+.byte 192		/* roll $1 %eax */
+	xorl	%edx,		%ebp
+	movl	%eax,		28(%esp)
+	xorl	%edi,		%ebp
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	%ebx,		%esi
+	roll	$5,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%ebp,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%esi,		%eax
+	/* 20_39 72 */
+	movl	32(%esp),	%esi
+	movl	40(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	(%esp),		%ebp
+	xorl	%ebp,		%esi
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	%ebx,		%ebp
+.byte 209
+.byte 198		/* roll $1 %esi */
+	xorl	%ecx,		%ebp
+	movl	%esi,		32(%esp)
+	xorl	%edx,		%ebp
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	%eax,		%edi
+	roll	$5,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%ebp,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%edi,		%esi
+	/* 20_39 73 */
+	movl	36(%esp),	%edi
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	%eax,		%ebp
+.byte 209
+.byte 199		/* roll $1 %edi */
+	xorl	%ebx,		%ebp
+	movl	%edi,		36(%esp)
+	xorl	%ecx,		%ebp
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	%esi,		%edx
+	roll	$5,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%ebp,		%edx
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%edx,		%edi
+	/* 20_39 74 */
+	movl	40(%esp),	%edx
+	movl	48(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	8(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%edx
+	movl	%esi,		%ebp
+.byte 209
+.byte 194		/* roll $1 %edx */
+	xorl	%eax,		%ebp
+	movl	%edx,		40(%esp)
+	xorl	%ebx,		%ebp
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	%edi,		%ecx
+	roll	$5,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ebp,		%ecx
+.byte 209
+.byte 206		/* rorl $1 %esi */
+	addl	%ecx,		%edx
+	/* 20_39 75 */
+	movl	44(%esp),	%ecx
+	movl	52(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	12(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	32(%esp),	%ebp
+	xorl	%ebp,		%ecx
+	movl	%edi,		%ebp
+.byte 209
+.byte 193		/* roll $1 %ecx */
+	xorl	%esi,		%ebp
+	movl	%ecx,		44(%esp)
+	xorl	%eax,		%ebp
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	%edx,		%ebx
+	roll	$5,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebp,		%ebx
+.byte 209
+.byte 207		/* rorl $1 %edi */
+	addl	%ebx,		%ecx
+	/* 20_39 76 */
+	movl	48(%esp),	%ebx
+	movl	56(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	16(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	36(%esp),	%ebp
+	xorl	%ebp,		%ebx
+	movl	%edx,		%ebp
+.byte 209
+.byte 195		/* roll $1 %ebx */
+	xorl	%edi,		%ebp
+	movl	%ebx,		48(%esp)
+	xorl	%esi,		%ebp
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	%ecx,		%eax
+	roll	$5,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%ebp,		%eax
+.byte 209
+.byte 202		/* rorl $1 %edx */
+	addl	%eax,		%ebx
+	/* 20_39 77 */
+	movl	52(%esp),	%eax
+	movl	60(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	20(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	40(%esp),	%ebp
+	xorl	%ebp,		%eax
+	movl	%ecx,		%ebp
+.byte 209
+.byte 192		/* roll $1 %eax */
+	xorl	%edx,		%ebp
+	movl	%eax,		52(%esp)
+	xorl	%edi,		%ebp
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	%ebx,		%esi
+	roll	$5,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%ebp,		%esi
+.byte 209
+.byte 201		/* rorl $1 %ecx */
+	addl	%esi,		%eax
+	/* 20_39 78 */
+	movl	56(%esp),	%esi
+	movl	(%esp),		%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	44(%esp),	%ebp
+	xorl	%ebp,		%esi
+	movl	%ebx,		%ebp
+.byte 209
+.byte 198		/* roll $1 %esi */
+	xorl	%ecx,		%ebp
+	movl	%esi,		56(%esp)
+	xorl	%edx,		%ebp
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	%eax,		%edi
+	roll	$5,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%ebp,		%edi
+.byte 209
+.byte 203		/* rorl $1 %ebx */
+	addl	%edi,		%esi
+	/* 20_39 79 */
+	movl	60(%esp),	%edi
+	movl	4(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	28(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	48(%esp),	%ebp
+	xorl	%ebp,		%edi
+	movl	%eax,		%ebp
+.byte 209
+.byte 199		/* roll $1 %edi */
+	xorl	%ebx,		%ebp
+	movl	%edi,		60(%esp)
+	xorl	%ecx,		%ebp
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	%esi,		%edx
+	roll	$5,		%edx
+	addl	%ebp,		%edx
+	movl	92(%esp),	%ebp
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	addl	%edx,		%edi
+.byte 209
+.byte 200		/* rorl $1 %eax */
+	/* End processing */
+
+	movl	12(%ebp),	%edx
+	addl	%ebx,		%edx
+	movl	4(%ebp),	%ebx
+	addl	%esi,		%ebx
+	movl	%eax,		%esi
+	movl	(%ebp),		%eax
+	movl	%edx,		12(%ebp)
+	addl	%edi,		%eax
+	movl	16(%ebp),	%edi
+	addl	%ecx,		%edi
+	movl	8(%ebp),	%ecx
+	addl	%esi,		%ecx
+	movl	%eax,		(%ebp)
+	movl	64(%esp),	%esi
+	movl	%ecx,		8(%ebp)
+	addl	$64,		%esi
+	movl	68(%esp),	%eax
+	movl	%edi,		16(%ebp)
+	cmpl	%esi,		%eax
+	movl	%ebx,		4(%ebp)
+	jl	.L001end
+	movl	(%esi),		%eax
+	jmp	.L000start
+.L001end:
+	addl	$72,		%esp
+	popl	%edi
+	popl	%ebx
+	popl	%ebp
+	popl	%esi
+	ret
+.sha1_block_x86_end:
+	SIZE(sha1_block_x86,.sha1_block_x86_end-sha1_block_x86)
+.ident	"desasm.pl"
diff --git a/crypto/sha/sha.c b/crypto/sha/sha.c
index 2fcd9636ee..713fec3610 100644
--- a/crypto/sha/sha.c
+++ b/crypto/sha/sha.c
@@ -1,5 +1,5 @@
 /* crypto/sha/sha.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h
index 9e22fa87c0..4cf0ea0225 100644
--- a/crypto/sha/sha.h
+++ b/crypto/sha/sha.h
@@ -1,5 +1,5 @@
 /* crypto/sha/sha.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -83,19 +83,23 @@ void SHA_Init(SHA_CTX *c);
 void SHA_Update(SHA_CTX *c, unsigned char *data, unsigned long len);
 void SHA_Final(unsigned char *md, SHA_CTX *c);
 unsigned char *SHA(unsigned char *d, unsigned long n,unsigned char *md);
+void SHA_Transform(SHA_CTX *c, unsigned char *data);
 void SHA1_Init(SHA_CTX *c);
 void SHA1_Update(SHA_CTX *c, unsigned char *data, unsigned long len);
 void SHA1_Final(unsigned char *md, SHA_CTX *c);
 unsigned char *SHA1(unsigned char *d, unsigned long n,unsigned char *md);
+void SHA1_Transform(SHA_CTX *c, unsigned char *data);
 #else
 void SHA_Init();
 void SHA_Update();
 void SHA_Final();
 unsigned char *SHA();
+void SHA_Transform();
 void SHA1_Init();
 void SHA1_Update();
 void SHA1_Final();
 unsigned char *SHA1();
+void SHA1_Transform();
 #endif
 
 #ifdef  __cplusplus
diff --git a/crypto/sha/sha1.c b/crypto/sha/sha1.c
new file mode 100644
index 0000000000..a4739ac9fd
--- /dev/null
+++ b/crypto/sha/sha1.c
@@ -0,0 +1,135 @@
+/* crypto/sha/sha1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#define BUFSIZE	1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+	{
+	int i,err=0;
+	FILE *IN;
+
+	if (argc == 1)
+		{
+		do_fp(stdin);
+		}
+	else
+		{
+		for (i=1; i<argc; i++)
+			{
+			IN=fopen(argv[i],"r");
+			if (IN == NULL)
+				{
+				perror(argv[i]);
+				err++;
+				continue;
+				}
+			printf("SHA1(%s)= ",argv[i]);
+			do_fp(IN);
+			fclose(IN);
+			}
+		}
+	exit(err);
+	}
+
+void do_fp(f)
+FILE *f;
+	{
+	SHA_CTX c;
+	unsigned char md[SHA_DIGEST_LENGTH];
+	int fd;
+	int i;
+	unsigned char buf[BUFSIZE];
+
+	fd=fileno(f);
+	SHA1_Init(&c);
+	for (;;)
+		{
+		i=read(fd,buf,BUFSIZE);
+		if (i <= 0) break;
+		SHA1_Update(&c,buf,(unsigned long)i);
+		}
+	SHA1_Final(&(md[0]),&c);
+	pt(md);
+	}
+
+void pt(md)
+unsigned char *md;
+	{
+	int i;
+
+	for (i=0; i<SHA_DIGEST_LENGTH; i++)
+		printf("%02x",md[i]);
+	printf("\n");
+	}
+
diff --git a/crypto/sha/sha1_one.c b/crypto/sha/sha1_one.c
index cf381fa393..fe5770d601 100644
--- a/crypto/sha/sha1_one.c
+++ b/crypto/sha/sha1_one.c
@@ -1,5 +1,5 @@
 /* crypto/sha/sha1_one.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -57,7 +57,7 @@
  */
 
 #include <stdio.h>
-#include "cryptlib.h"
+#include <string.h>
 #include "sha.h"
 
 unsigned char *SHA1(d, n, md)
diff --git a/crypto/sha/sha1dgst.c b/crypto/sha/sha1dgst.c
index 1a181263ad..2b0ae1f0d4 100644
--- a/crypto/sha/sha1dgst.c
+++ b/crypto/sha/sha1dgst.c
@@ -1,5 +1,5 @@
 /* crypto/sha/sha1dgst.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -57,12 +57,13 @@
  */
 
 #include <stdio.h>
+#include <string.h>
 #undef  SHA_0
 #define SHA_1
 #include "sha.h"
 #include "sha_locl.h"
 
-char *SHA1_version="SHA1 part of SSLeay 0.8.1b 29-Jun-1998";
+char *SHA1_version="SHA1 part of SSLeay 0.9.0b 29-Jun-1998";
 
 /* Implemented from SHA-1 document - The Secure Hash Algorithm
  */
@@ -79,9 +80,34 @@ char *SHA1_version="SHA1 part of SSLeay 0.8.1b 29-Jun-1998";
 #define K_60_79 0xca62c1d6L
 
 #ifndef NOPROTO
-static void sha1_block(SHA_CTX *c, register unsigned long *p);
+#  ifdef SHA1_ASM
+     void sha1_block_x86(SHA_CTX *c, register unsigned long *p, int num);
+#    define sha1_block sha1_block_x86
+#  else
+     void sha1_block(SHA_CTX *c, register unsigned long *p, int num);
+#  endif
 #else
-static void sha1_block();
+#  ifdef SHA1_ASM
+     void sha1_block_x86();
+#    define sha1_block sha1_block_x86
+#  else
+     void sha1_block();
+#  endif
+#endif
+
+
+#if defined(L_ENDIAN) && defined(SHA1_ASM)
+#  define	M_c2nl 		c2l
+#  define	M_p_c2nl 	p_c2l
+#  define	M_c2nl_p	c2l_p
+#  define	M_p_c2nl_p	p_c2l_p
+#  define	M_nl2c		l2c
+#else
+#  define	M_c2nl 		c2nl
+#  define	M_p_c2nl	p_c2nl
+#  define	M_c2nl_p	c2nl_p
+#  define	M_p_c2nl_p	p_c2nl_p
+#  define	M_nl2c		nl2c
 #endif
 
 void SHA1_Init(c)
@@ -108,7 +134,7 @@ unsigned long len;
 
 	if (len == 0) return;
 
-	l=(c->Nl+(len<<3))&0xffffffff;
+	l=(c->Nl+(len<<3))&0xffffffffL;
 	if (l < c->Nl) /* overflow */
 		c->Nh++;
 	c->Nh+=(len>>29);
@@ -123,16 +149,16 @@ unsigned long len;
 		if ((c->num+len) >= SHA_CBLOCK)
 			{
 			l= p[sw];
-			p_c2nl(data,l,sc);
+			M_p_c2nl(data,l,sc);
 			p[sw++]=l;
 			for (; sw<SHA_LBLOCK; sw++)
 				{
-				c2nl(data,l);
+				M_c2nl(data,l);
 				p[sw]=l;
 				}
 			len-=(SHA_CBLOCK-c->num);
 
-			sha1_block(c,p);
+			sha1_block(c,p,64);
 			c->num=0;
 			/* drop through and do the rest */
 			}
@@ -142,7 +168,7 @@ unsigned long len;
 			if ((sc+len) < 4) /* ugly, add char's to a word */
 				{
 				l= p[sw];
-				p_c2nl_p(data,l,sc,len);
+				M_p_c2nl_p(data,l,sc,len);
 				p[sw]=l;
 				}
 			else
@@ -150,28 +176,51 @@ unsigned long len;
 				ew=(c->num>>2);
 				ec=(c->num&0x03);
 				l= p[sw];
-				p_c2nl(data,l,sc);
+				M_p_c2nl(data,l,sc);
 				p[sw++]=l;
 				for (; sw < ew; sw++)
-					{ c2nl(data,l); p[sw]=l; }
+					{ M_c2nl(data,l); p[sw]=l; }
 				if (ec)
 					{
-					c2nl_p(data,l,ec);
+					M_c2nl_p(data,l,ec);
 					p[sw]=l;
 					}
 				}
 			return;
 			}
 		}
+	/* We can only do the following code for assember, the reason
+	 * being that the sha1_block 'C' version changes the values
+	 * in the 'data' array.  The assember code avoids this and
+	 * copies it to a local array.  I should be able to do this for
+	 * the C version as well....
+	 */
+#if 1
+#if defined(B_ENDIAN) || defined(SHA1_ASM)
+	if ((((unsigned int)data)%sizeof(ULONG)) == 0)
+		{
+		sw=len/SHA_CBLOCK;
+		if (sw)
+			{
+			sw*=SHA_CBLOCK;
+			sha1_block(c,(ULONG *)data,sw);
+			data+=sw;
+			len-=sw;
+			}
+		}
+#endif
+#endif
 	/* we now can process the input data in blocks of SHA_CBLOCK
 	 * chars and save the leftovers to c->data. */
 	p=c->data;
 	while (len >= SHA_CBLOCK)
 		{
 #if defined(B_ENDIAN) || defined(L_ENDIAN)
-		memcpy(p,data,SHA_CBLOCK);
+		if (p != (unsigned long *)data)
+			memcpy(p,data,SHA_CBLOCK);
 		data+=SHA_CBLOCK;
-#ifdef L_ENDIAN
+#  ifdef L_ENDIAN
+#    ifndef SHA1_ASM /* Will not happen */
 		for (sw=(SHA_LBLOCK/4); sw; sw--)
 			{
 			Endian_Reverse32(p[0]);
@@ -180,18 +229,20 @@ unsigned long len;
 			Endian_Reverse32(p[3]);
 			p+=4;
 			}
-#endif
+		p=c->data;
+#    endif
+#  endif
 #else
 		for (sw=(SHA_BLOCK/4); sw; sw--)
 			{
-			c2nl(data,l); *(p++)=l;
-			c2nl(data,l); *(p++)=l;
-			c2nl(data,l); *(p++)=l;
-			c2nl(data,l); *(p++)=l;
+			M_c2nl(data,l); *(p++)=l;
+			M_c2nl(data,l); *(p++)=l;
+			M_c2nl(data,l); *(p++)=l;
+			M_c2nl(data,l); *(p++)=l;
 			}
-#endif
 		p=c->data;
-		sha1_block(c,p);
+#endif
+		sha1_block(c,p,64);
 		len-=SHA_CBLOCK;
 		}
 	ec=(int)len;
@@ -200,16 +251,158 @@ unsigned long len;
 	ec&=0x03;
 
 	for (sw=0; sw < ew; sw++)
-		{ c2nl(data,l); p[sw]=l; }
-	c2nl_p(data,l,ec);
+		{ M_c2nl(data,l); p[sw]=l; }
+	M_c2nl_p(data,l,ec);
 	p[sw]=l;
 	}
 
-static void sha1_block(c, X)
+void SHA1_Transform(c,b)
 SHA_CTX *c;
-register unsigned long *X;
+unsigned char *b;
+	{
+	ULONG p[16];
+#ifndef B_ENDIAN
+	ULONG *q;
+	int i;
+#endif
+
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+	memcpy(p,b,64);
+#ifdef L_ENDIAN
+	q=p;
+	for (i=(SHA_LBLOCK/4); i; i--)
+		{
+		Endian_Reverse32(q[0]);
+		Endian_Reverse32(q[1]);
+		Endian_Reverse32(q[2]);
+		Endian_Reverse32(q[3]);
+		q+=4;
+		}
+#endif
+#else
+	q=p;
+	for (i=(SHA_LBLOCK/4); i; i--)
+		{
+		ULONG l;
+		c2nl(b,l); *(q++)=l;
+		c2nl(b,l); *(q++)=l;
+		c2nl(b,l); *(q++)=l;
+		c2nl(b,l); *(q++)=l; 
+		} 
+#endif
+	sha1_block(c,p,64);
+	}
+
+#ifndef SHA1_ASM
+
+void sha1_block(c, W, num)
+SHA_CTX *c;
+register unsigned long *W;
+int num;
 	{
 	register ULONG A,B,C,D,E,T;
+	ULONG X[16];
+
+	A=c->h0;
+	B=c->h1;
+	C=c->h2;
+	D=c->h3;
+	E=c->h4;
+
+	for (;;)
+		{
+	BODY_00_15( 0,A,B,C,D,E,T,W);
+	BODY_00_15( 1,T,A,B,C,D,E,W);
+	BODY_00_15( 2,E,T,A,B,C,D,W);
+	BODY_00_15( 3,D,E,T,A,B,C,W);
+	BODY_00_15( 4,C,D,E,T,A,B,W);
+	BODY_00_15( 5,B,C,D,E,T,A,W);
+	BODY_00_15( 6,A,B,C,D,E,T,W);
+	BODY_00_15( 7,T,A,B,C,D,E,W);
+	BODY_00_15( 8,E,T,A,B,C,D,W);
+	BODY_00_15( 9,D,E,T,A,B,C,W);
+	BODY_00_15(10,C,D,E,T,A,B,W);
+	BODY_00_15(11,B,C,D,E,T,A,W);
+	BODY_00_15(12,A,B,C,D,E,T,W);
+	BODY_00_15(13,T,A,B,C,D,E,W);
+	BODY_00_15(14,E,T,A,B,C,D,W);
+	BODY_00_15(15,D,E,T,A,B,C,W);
+	BODY_16_19(16,C,D,E,T,A,B,W,W,W,W);
+	BODY_16_19(17,B,C,D,E,T,A,W,W,W,W);
+	BODY_16_19(18,A,B,C,D,E,T,W,W,W,W);
+	BODY_16_19(19,T,A,B,C,D,E,W,W,W,X);
+
+	BODY_20_31(20,E,T,A,B,C,D,W,W,W,X);
+	BODY_20_31(21,D,E,T,A,B,C,W,W,W,X);
+	BODY_20_31(22,C,D,E,T,A,B,W,W,W,X);
+	BODY_20_31(23,B,C,D,E,T,A,W,W,W,X);
+	BODY_20_31(24,A,B,C,D,E,T,W,W,X,X);
+	BODY_20_31(25,T,A,B,C,D,E,W,W,X,X);
+	BODY_20_31(26,E,T,A,B,C,D,W,W,X,X);
+	BODY_20_31(27,D,E,T,A,B,C,W,W,X,X);
+	BODY_20_31(28,C,D,E,T,A,B,W,W,X,X);
+	BODY_20_31(29,B,C,D,E,T,A,W,W,X,X);
+	BODY_20_31(30,A,B,C,D,E,T,W,X,X,X);
+	BODY_20_31(31,T,A,B,C,D,E,W,X,X,X);
+	BODY_32_39(32,E,T,A,B,C,D,X);
+	BODY_32_39(33,D,E,T,A,B,C,X);
+	BODY_32_39(34,C,D,E,T,A,B,X);
+	BODY_32_39(35,B,C,D,E,T,A,X);
+	BODY_32_39(36,A,B,C,D,E,T,X);
+	BODY_32_39(37,T,A,B,C,D,E,X);
+	BODY_32_39(38,E,T,A,B,C,D,X);
+	BODY_32_39(39,D,E,T,A,B,C,X);
+
+	BODY_40_59(40,C,D,E,T,A,B,X);
+	BODY_40_59(41,B,C,D,E,T,A,X);
+	BODY_40_59(42,A,B,C,D,E,T,X);
+	BODY_40_59(43,T,A,B,C,D,E,X);
+	BODY_40_59(44,E,T,A,B,C,D,X);
+	BODY_40_59(45,D,E,T,A,B,C,X);
+	BODY_40_59(46,C,D,E,T,A,B,X);
+	BODY_40_59(47,B,C,D,E,T,A,X);
+	BODY_40_59(48,A,B,C,D,E,T,X);
+	BODY_40_59(49,T,A,B,C,D,E,X);
+	BODY_40_59(50,E,T,A,B,C,D,X);
+	BODY_40_59(51,D,E,T,A,B,C,X);
+	BODY_40_59(52,C,D,E,T,A,B,X);
+	BODY_40_59(53,B,C,D,E,T,A,X);
+	BODY_40_59(54,A,B,C,D,E,T,X);
+	BODY_40_59(55,T,A,B,C,D,E,X);
+	BODY_40_59(56,E,T,A,B,C,D,X);
+	BODY_40_59(57,D,E,T,A,B,C,X);
+	BODY_40_59(58,C,D,E,T,A,B,X);
+	BODY_40_59(59,B,C,D,E,T,A,X);
+
+	BODY_60_79(60,A,B,C,D,E,T,X);
+	BODY_60_79(61,T,A,B,C,D,E,X);
+	BODY_60_79(62,E,T,A,B,C,D,X);
+	BODY_60_79(63,D,E,T,A,B,C,X);
+	BODY_60_79(64,C,D,E,T,A,B,X);
+	BODY_60_79(65,B,C,D,E,T,A,X);
+	BODY_60_79(66,A,B,C,D,E,T,X);
+	BODY_60_79(67,T,A,B,C,D,E,X);
+	BODY_60_79(68,E,T,A,B,C,D,X);
+	BODY_60_79(69,D,E,T,A,B,C,X);
+	BODY_60_79(70,C,D,E,T,A,B,X);
+	BODY_60_79(71,B,C,D,E,T,A,X);
+	BODY_60_79(72,A,B,C,D,E,T,X);
+	BODY_60_79(73,T,A,B,C,D,E,X);
+	BODY_60_79(74,E,T,A,B,C,D,X);
+	BODY_60_79(75,D,E,T,A,B,C,X);
+	BODY_60_79(76,C,D,E,T,A,B,X);
+	BODY_60_79(77,B,C,D,E,T,A,X);
+	BODY_60_79(78,A,B,C,D,E,T,X);
+	BODY_60_79(79,T,A,B,C,D,E,X);
+	
+	c->h0=(c->h0+E)&0xffffffffL; 
+	c->h1=(c->h1+T)&0xffffffffL;
+	c->h2=(c->h2+A)&0xffffffffL;
+	c->h3=(c->h3+B)&0xffffffffL;
+	c->h4=(c->h4+C)&0xffffffffL;
+
+	num-=64;
+	if (num <= 0) break;
 
 	A=c->h0;
 	B=c->h1;
@@ -217,96 +410,10 @@ register unsigned long *X;
 	D=c->h3;
 	E=c->h4;
 
-	BODY_00_15( 0,A,B,C,D,E,T);
-	BODY_00_15( 1,T,A,B,C,D,E);
-	BODY_00_15( 2,E,T,A,B,C,D);
-	BODY_00_15( 3,D,E,T,A,B,C);
-	BODY_00_15( 4,C,D,E,T,A,B);
-	BODY_00_15( 5,B,C,D,E,T,A);
-	BODY_00_15( 6,A,B,C,D,E,T);
-	BODY_00_15( 7,T,A,B,C,D,E);
-	BODY_00_15( 8,E,T,A,B,C,D);
-	BODY_00_15( 9,D,E,T,A,B,C);
-	BODY_00_15(10,C,D,E,T,A,B);
-	BODY_00_15(11,B,C,D,E,T,A);
-	BODY_00_15(12,A,B,C,D,E,T);
-	BODY_00_15(13,T,A,B,C,D,E);
-	BODY_00_15(14,E,T,A,B,C,D);
-	BODY_00_15(15,D,E,T,A,B,C);
-	BODY_16_19(16,C,D,E,T,A,B);
-	BODY_16_19(17,B,C,D,E,T,A);
-	BODY_16_19(18,A,B,C,D,E,T);
-	BODY_16_19(19,T,A,B,C,D,E);
-
-	BODY_20_39(20,E,T,A,B,C,D);
-	BODY_20_39(21,D,E,T,A,B,C);
-	BODY_20_39(22,C,D,E,T,A,B);
-	BODY_20_39(23,B,C,D,E,T,A);
-	BODY_20_39(24,A,B,C,D,E,T);
-	BODY_20_39(25,T,A,B,C,D,E);
-	BODY_20_39(26,E,T,A,B,C,D);
-	BODY_20_39(27,D,E,T,A,B,C);
-	BODY_20_39(28,C,D,E,T,A,B);
-	BODY_20_39(29,B,C,D,E,T,A);
-	BODY_20_39(30,A,B,C,D,E,T);
-	BODY_20_39(31,T,A,B,C,D,E);
-	BODY_20_39(32,E,T,A,B,C,D);
-	BODY_20_39(33,D,E,T,A,B,C);
-	BODY_20_39(34,C,D,E,T,A,B);
-	BODY_20_39(35,B,C,D,E,T,A);
-	BODY_20_39(36,A,B,C,D,E,T);
-	BODY_20_39(37,T,A,B,C,D,E);
-	BODY_20_39(38,E,T,A,B,C,D);
-	BODY_20_39(39,D,E,T,A,B,C);
-
-	BODY_40_59(40,C,D,E,T,A,B);
-	BODY_40_59(41,B,C,D,E,T,A);
-	BODY_40_59(42,A,B,C,D,E,T);
-	BODY_40_59(43,T,A,B,C,D,E);
-	BODY_40_59(44,E,T,A,B,C,D);
-	BODY_40_59(45,D,E,T,A,B,C);
-	BODY_40_59(46,C,D,E,T,A,B);
-	BODY_40_59(47,B,C,D,E,T,A);
-	BODY_40_59(48,A,B,C,D,E,T);
-	BODY_40_59(49,T,A,B,C,D,E);
-	BODY_40_59(50,E,T,A,B,C,D);
-	BODY_40_59(51,D,E,T,A,B,C);
-	BODY_40_59(52,C,D,E,T,A,B);
-	BODY_40_59(53,B,C,D,E,T,A);
-	BODY_40_59(54,A,B,C,D,E,T);
-	BODY_40_59(55,T,A,B,C,D,E);
-	BODY_40_59(56,E,T,A,B,C,D);
-	BODY_40_59(57,D,E,T,A,B,C);
-	BODY_40_59(58,C,D,E,T,A,B);
-	BODY_40_59(59,B,C,D,E,T,A);
-
-	BODY_60_79(60,A,B,C,D,E,T);
-	BODY_60_79(61,T,A,B,C,D,E);
-	BODY_60_79(62,E,T,A,B,C,D);
-	BODY_60_79(63,D,E,T,A,B,C);
-	BODY_60_79(64,C,D,E,T,A,B);
-	BODY_60_79(65,B,C,D,E,T,A);
-	BODY_60_79(66,A,B,C,D,E,T);
-	BODY_60_79(67,T,A,B,C,D,E);
-	BODY_60_79(68,E,T,A,B,C,D);
-	BODY_60_79(69,D,E,T,A,B,C);
-	BODY_60_79(70,C,D,E,T,A,B);
-	BODY_60_79(71,B,C,D,E,T,A);
-	BODY_60_79(72,A,B,C,D,E,T);
-	BODY_60_79(73,T,A,B,C,D,E);
-	BODY_60_79(74,E,T,A,B,C,D);
-	BODY_60_79(75,D,E,T,A,B,C);
-	BODY_60_79(76,C,D,E,T,A,B);
-	BODY_60_79(77,B,C,D,E,T,A);
-	BODY_60_79(78,A,B,C,D,E,T);
-	BODY_60_79(79,T,A,B,C,D,E);
-
-	c->h0=(c->h0+E)&0xffffffff; 
-	c->h1=(c->h1+T)&0xffffffff;
-	c->h2=(c->h2+A)&0xffffffff;
-	c->h3=(c->h3+B)&0xffffffff;
-	c->h4=(c->h4+C)&0xffffffff;
+	W+=16;
+		}
 	}
+#endif
 
 void SHA1_Final(md, c)
 unsigned char *md;
@@ -326,7 +433,7 @@ SHA_CTX *c;
 	if ((j&0x03) == 0) p[i]=0;
 #endif
 	l=p[i];
-	p_c2nl(cp,l,j&0x03);
+	M_p_c2nl(cp,l,j&0x03);
 	p[i]=l;
 	i++;
 	/* i is the next 'undefined word' */
@@ -334,14 +441,18 @@ SHA_CTX *c;
 		{
 		for (; i<SHA_LBLOCK; i++)
 			p[i]=0;
-		sha1_block(c,p);
+		sha1_block(c,p,64);
 		i=0;
 		}
 	for (; i<(SHA_LBLOCK-2); i++)
 		p[i]=0;
 	p[SHA_LBLOCK-2]=c->Nh;
 	p[SHA_LBLOCK-1]=c->Nl;
-	sha1_block(c,p);
+#if defined(L_ENDIAN) && defined(SHA1_ASM)
+	Endian_Reverse32(p[SHA_LBLOCK-2]);
+	Endian_Reverse32(p[SHA_LBLOCK-1]);
+#endif
+	sha1_block(c,p,64);
 	cp=md;
 	l=c->h0; nl2c(l,cp);
 	l=c->h1; nl2c(l,cp);
@@ -355,19 +466,3 @@ SHA_CTX *c;
 /*	memset((char *)&c,0,sizeof(c));*/
 	}
 
-#ifdef undef
-int printit(l)
-unsigned long *l;
-	{
-	int i,ii;
-
-	for (i=0; i<2; i++)
-		{
-		for (ii=0; ii<8; ii++)
-			{
-			fprintf(stderr,"%08lx ",l[i*8+ii]);
-			}
-		fprintf(stderr,"\n");
-		}
-	}
-#endif
diff --git a/crypto/sha/sha1s.cpp b/crypto/sha/sha1s.cpp
new file mode 100644
index 0000000000..0163377de6
--- /dev/null
+++ b/crypto/sha/sha1s.cpp
@@ -0,0 +1,79 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+extern "C" {
+void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[64*256];
+	SHA_CTX ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=0,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=16;
+	if (num > 250) num=16;
+	numm=num+2;
+	num*=64;
+	numm*=64;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			sha1_block_x86(&ctx,buffer,numm);
+			GetTSC(s1);
+			sha1_block_x86(&ctx,buffer,numm);
+			GetTSC(e1);
+			GetTSC(s2);
+			sha1_block_x86(&ctx,buffer,num);
+			GetTSC(e2);
+			sha1_block_x86(&ctx,buffer,num);
+			}
+
+		printf("sha1 (%d bytes) %d %d (%.2f)\n",num,
+			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+		}
+	}
+
diff --git a/crypto/sha/sha1test.c b/crypto/sha/sha1test.c
index 9c172c0241..3c62a218b4 100644
--- a/crypto/sha/sha1test.c
+++ b/crypto/sha/sha1test.c
@@ -1,5 +1,5 @@
 /* crypto/sha/sha1test.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -133,7 +133,7 @@ char *argv[];
 	r=bigret;
 	if (strcmp(p,r) != 0)
 		{
-		printf("error calculating SHA1 on '%s'\n",p);
+		printf("error calculating SHA1 on 'a' * 1000\n");
 		printf("got %s instead of %s\n",p,r);
 		err++;
 		}
diff --git a/crypto/sha/sha_dgst.c b/crypto/sha/sha_dgst.c
index 311aa6fcc5..8ed533ea26 100644
--- a/crypto/sha/sha_dgst.c
+++ b/crypto/sha/sha_dgst.c
@@ -1,5 +1,5 @@
 /* crypto/sha/sha_dgst.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -57,14 +57,15 @@
  */
 
 #include <stdio.h>
-#define SHA_0
-#undef  SHA_1
+#include <string.h>
+#define  SHA_0
+#undef SHA_1
 #include "sha.h"
 #include "sha_locl.h"
 
-char *SHA_version="SHA part of SSLeay 0.8.1b 29-Jun-1998";
+char *SHA_version="SHA part of SSLeay 0.9.0b 29-Jun-1998";
 
-/* Implemented from SHA document - The Secure Hash Algorithm
+/* Implemented from SHA-0 document - The Secure Hash Algorithm
  */
 
 #define INIT_DATA_h0 (unsigned long)0x67452301L
@@ -79,11 +80,17 @@ char *SHA_version="SHA part of SSLeay 0.8.1b 29-Jun-1998";
 #define K_60_79 0xca62c1d6L
 
 #ifndef NOPROTO
-static void sha_block(SHA_CTX *c, register unsigned long *p);
+   void sha_block(SHA_CTX *c, register unsigned long *p, int num);
 #else
-static void sha_block();
+   void sha_block();
 #endif
 
+#define	M_c2nl 		c2nl
+#define	M_p_c2nl	p_c2nl
+#define	M_c2nl_p	c2nl_p
+#define	M_p_c2nl_p	p_c2nl_p
+#define	M_nl2c		nl2c
+
 void SHA_Init(c)
 SHA_CTX *c;
 	{
@@ -103,12 +110,12 @@ register unsigned char *data;
 unsigned long len;
 	{
 	register ULONG *p;
-	int sw,sc,ew,ec;
+	int ew,ec,sw,sc;
 	ULONG l;
 
 	if (len == 0) return;
 
-	l=(c->Nl+(len<<3))&0xffffffff;
+	l=(c->Nl+(len<<3))&0xffffffffL;
 	if (l < c->Nl) /* overflow */
 		c->Nh++;
 	c->Nh+=(len>>29);
@@ -123,16 +130,16 @@ unsigned long len;
 		if ((c->num+len) >= SHA_CBLOCK)
 			{
 			l= p[sw];
-			p_c2nl(data,l,sc);
+			M_p_c2nl(data,l,sc);
 			p[sw++]=l;
 			for (; sw<SHA_LBLOCK; sw++)
 				{
-				c2nl(data,l);
+				M_c2nl(data,l);
 				p[sw]=l;
 				}
 			len-=(SHA_CBLOCK-c->num);
 
-			sha_block(c,p);
+			sha_block(c,p,64);
 			c->num=0;
 			/* drop through and do the rest */
 			}
@@ -142,7 +149,7 @@ unsigned long len;
 			if ((sc+len) < 4) /* ugly, add char's to a word */
 				{
 				l= p[sw];
-				p_c2nl_p(data,l,sc,len);
+				M_p_c2nl_p(data,l,sc,len);
 				p[sw]=l;
 				}
 			else
@@ -150,28 +157,51 @@ unsigned long len;
 				ew=(c->num>>2);
 				ec=(c->num&0x03);
 				l= p[sw];
-				p_c2nl(data,l,sc);
+				M_p_c2nl(data,l,sc);
 				p[sw++]=l;
 				for (; sw < ew; sw++)
-					{ c2nl(data,l); p[sw]=l; }
+					{ M_c2nl(data,l); p[sw]=l; }
 				if (ec)
 					{
-					c2nl_p(data,l,ec);
+					M_c2nl_p(data,l,ec);
 					p[sw]=l;
 					}
 				}
 			return;
 			}
 		}
+	/* We can only do the following code for assember, the reason
+	 * being that the sha_block 'C' version changes the values
+	 * in the 'data' array.  The assember code avoids this and
+	 * copies it to a local array.  I should be able to do this for
+	 * the C version as well....
+	 */
+#if 1
+#if defined(B_ENDIAN) || defined(SHA_ASM)
+	if ((((unsigned int)data)%sizeof(ULONG)) == 0)
+		{
+		sw=len/SHA_CBLOCK;
+		if (sw)
+			{
+			sw*=SHA_CBLOCK;
+			sha_block(c,(ULONG *)data,sw);
+			data+=sw;
+			len-=sw;
+			}
+		}
+#endif
+#endif
 	/* we now can process the input data in blocks of SHA_CBLOCK
 	 * chars and save the leftovers to c->data. */
 	p=c->data;
 	while (len >= SHA_CBLOCK)
 		{
 #if defined(B_ENDIAN) || defined(L_ENDIAN)
-		memcpy(p,data,SHA_CBLOCK);
+		if (p != (unsigned long *)data)
+			memcpy(p,data,SHA_CBLOCK);
 		data+=SHA_CBLOCK;
-#ifdef L_ENDIAN
+#  ifdef L_ENDIAN
+#    ifndef SHA_ASM /* Will not happen */
 		for (sw=(SHA_LBLOCK/4); sw; sw--)
 			{
 			Endian_Reverse32(p[0]);
@@ -180,18 +210,20 @@ unsigned long len;
 			Endian_Reverse32(p[3]);
 			p+=4;
 			}
-#endif
+		p=c->data;
+#    endif
+#  endif
 #else
-		for (sw=(SHA_LBLOCK/4); sw; sw--)
+		for (sw=(SHA_BLOCK/4); sw; sw--)
 			{
-			c2nl(data,l); *(p++)=l;
-			c2nl(data,l); *(p++)=l;
-			c2nl(data,l); *(p++)=l;
-			c2nl(data,l); *(p++)=l;
+			M_c2nl(data,l); *(p++)=l;
+			M_c2nl(data,l); *(p++)=l;
+			M_c2nl(data,l); *(p++)=l;
+			M_c2nl(data,l); *(p++)=l;
 			}
-#endif
 		p=c->data;
-		sha_block(c,p);
+#endif
+		sha_block(c,p,64);
 		len-=SHA_CBLOCK;
 		}
 	ec=(int)len;
@@ -200,16 +232,55 @@ unsigned long len;
 	ec&=0x03;
 
 	for (sw=0; sw < ew; sw++)
-		{ c2nl(data,l); p[sw]=l; }
-	c2nl_p(data,l,ec);
+		{ M_c2nl(data,l); p[sw]=l; }
+	M_c2nl_p(data,l,ec);
 	p[sw]=l;
 	}
 
-static void sha_block(c, X)
+void SHA_Transform(c,b)
 SHA_CTX *c;
-register unsigned long *X;
+unsigned char *b;
+	{
+	ULONG p[16];
+#if !defined(B_ENDIAN)
+	ULONG *q;
+	int i;
+#endif
+
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+	memcpy(p,b,64);
+#ifdef L_ENDIAN
+	q=p;
+	for (i=(SHA_LBLOCK/4); i; i--)
+		{
+		Endian_Reverse32(q[0]);
+		Endian_Reverse32(q[1]);
+		Endian_Reverse32(q[2]);
+		Endian_Reverse32(q[3]);
+		q+=4;
+		}
+#endif
+#else
+	q=p;
+	for (i=(SHA_LBLOCK/4); i; i--)
+		{
+		ULONG l;
+		c2nl(b,l); *(q++)=l;
+		c2nl(b,l); *(q++)=l;
+		c2nl(b,l); *(q++)=l;
+		c2nl(b,l); *(q++)=l; 
+		} 
+#endif
+	sha_block(c,p,64);
+	}
+
+void sha_block(c, W, num)
+SHA_CTX *c;
+register unsigned long *W;
+int num;
 	{
 	register ULONG A,B,C,D,E,T;
+	ULONG X[16];
 
 	A=c->h0;
 	B=c->h1;
@@ -217,95 +288,109 @@ register unsigned long *X;
 	D=c->h3;
 	E=c->h4;
 
-	BODY_00_15( 0,A,B,C,D,E,T);
-	BODY_00_15( 1,T,A,B,C,D,E);
-	BODY_00_15( 2,E,T,A,B,C,D);
-	BODY_00_15( 3,D,E,T,A,B,C);
-	BODY_00_15( 4,C,D,E,T,A,B);
-	BODY_00_15( 5,B,C,D,E,T,A);
-	BODY_00_15( 6,A,B,C,D,E,T);
-	BODY_00_15( 7,T,A,B,C,D,E);
-	BODY_00_15( 8,E,T,A,B,C,D);
-	BODY_00_15( 9,D,E,T,A,B,C);
-	BODY_00_15(10,C,D,E,T,A,B);
-	BODY_00_15(11,B,C,D,E,T,A);
-	BODY_00_15(12,A,B,C,D,E,T);
-	BODY_00_15(13,T,A,B,C,D,E);
-	BODY_00_15(14,E,T,A,B,C,D);
-	BODY_00_15(15,D,E,T,A,B,C);
-	BODY_16_19(16,C,D,E,T,A,B);
-	BODY_16_19(17,B,C,D,E,T,A);
-	BODY_16_19(18,A,B,C,D,E,T);
-	BODY_16_19(19,T,A,B,C,D,E);
+	for (;;)
+		{
+	BODY_00_15( 0,A,B,C,D,E,T,W);
+	BODY_00_15( 1,T,A,B,C,D,E,W);
+	BODY_00_15( 2,E,T,A,B,C,D,W);
+	BODY_00_15( 3,D,E,T,A,B,C,W);
+	BODY_00_15( 4,C,D,E,T,A,B,W);
+	BODY_00_15( 5,B,C,D,E,T,A,W);
+	BODY_00_15( 6,A,B,C,D,E,T,W);
+	BODY_00_15( 7,T,A,B,C,D,E,W);
+	BODY_00_15( 8,E,T,A,B,C,D,W);
+	BODY_00_15( 9,D,E,T,A,B,C,W);
+	BODY_00_15(10,C,D,E,T,A,B,W);
+	BODY_00_15(11,B,C,D,E,T,A,W);
+	BODY_00_15(12,A,B,C,D,E,T,W);
+	BODY_00_15(13,T,A,B,C,D,E,W);
+	BODY_00_15(14,E,T,A,B,C,D,W);
+	BODY_00_15(15,D,E,T,A,B,C,W);
+	BODY_16_19(16,C,D,E,T,A,B,W,W,W,W);
+	BODY_16_19(17,B,C,D,E,T,A,W,W,W,W);
+	BODY_16_19(18,A,B,C,D,E,T,W,W,W,W);
+	BODY_16_19(19,T,A,B,C,D,E,W,W,W,X);
+
+	BODY_20_31(20,E,T,A,B,C,D,W,W,W,X);
+	BODY_20_31(21,D,E,T,A,B,C,W,W,W,X);
+	BODY_20_31(22,C,D,E,T,A,B,W,W,W,X);
+	BODY_20_31(23,B,C,D,E,T,A,W,W,W,X);
+	BODY_20_31(24,A,B,C,D,E,T,W,W,X,X);
+	BODY_20_31(25,T,A,B,C,D,E,W,W,X,X);
+	BODY_20_31(26,E,T,A,B,C,D,W,W,X,X);
+	BODY_20_31(27,D,E,T,A,B,C,W,W,X,X);
+	BODY_20_31(28,C,D,E,T,A,B,W,W,X,X);
+	BODY_20_31(29,B,C,D,E,T,A,W,W,X,X);
+	BODY_20_31(30,A,B,C,D,E,T,W,X,X,X);
+	BODY_20_31(31,T,A,B,C,D,E,W,X,X,X);
+	BODY_32_39(32,E,T,A,B,C,D,X);
+	BODY_32_39(33,D,E,T,A,B,C,X);
+	BODY_32_39(34,C,D,E,T,A,B,X);
+	BODY_32_39(35,B,C,D,E,T,A,X);
+	BODY_32_39(36,A,B,C,D,E,T,X);
+	BODY_32_39(37,T,A,B,C,D,E,X);
+	BODY_32_39(38,E,T,A,B,C,D,X);
+	BODY_32_39(39,D,E,T,A,B,C,X);
+
+	BODY_40_59(40,C,D,E,T,A,B,X);
+	BODY_40_59(41,B,C,D,E,T,A,X);
+	BODY_40_59(42,A,B,C,D,E,T,X);
+	BODY_40_59(43,T,A,B,C,D,E,X);
+	BODY_40_59(44,E,T,A,B,C,D,X);
+	BODY_40_59(45,D,E,T,A,B,C,X);
+	BODY_40_59(46,C,D,E,T,A,B,X);
+	BODY_40_59(47,B,C,D,E,T,A,X);
+	BODY_40_59(48,A,B,C,D,E,T,X);
+	BODY_40_59(49,T,A,B,C,D,E,X);
+	BODY_40_59(50,E,T,A,B,C,D,X);
+	BODY_40_59(51,D,E,T,A,B,C,X);
+	BODY_40_59(52,C,D,E,T,A,B,X);
+	BODY_40_59(53,B,C,D,E,T,A,X);
+	BODY_40_59(54,A,B,C,D,E,T,X);
+	BODY_40_59(55,T,A,B,C,D,E,X);
+	BODY_40_59(56,E,T,A,B,C,D,X);
+	BODY_40_59(57,D,E,T,A,B,C,X);
+	BODY_40_59(58,C,D,E,T,A,B,X);
+	BODY_40_59(59,B,C,D,E,T,A,X);
 
-	BODY_20_39(20,E,T,A,B,C,D);
-	BODY_20_39(21,D,E,T,A,B,C);
-	BODY_20_39(22,C,D,E,T,A,B);
-	BODY_20_39(23,B,C,D,E,T,A);
-	BODY_20_39(24,A,B,C,D,E,T);
-	BODY_20_39(25,T,A,B,C,D,E);
-	BODY_20_39(26,E,T,A,B,C,D);
-	BODY_20_39(27,D,E,T,A,B,C);
-	BODY_20_39(28,C,D,E,T,A,B);
-	BODY_20_39(29,B,C,D,E,T,A);
-	BODY_20_39(30,A,B,C,D,E,T);
-	BODY_20_39(31,T,A,B,C,D,E);
-	BODY_20_39(32,E,T,A,B,C,D);
-	BODY_20_39(33,D,E,T,A,B,C);
-	BODY_20_39(34,C,D,E,T,A,B);
-	BODY_20_39(35,B,C,D,E,T,A);
-	BODY_20_39(36,A,B,C,D,E,T);
-	BODY_20_39(37,T,A,B,C,D,E);
-	BODY_20_39(38,E,T,A,B,C,D);
-	BODY_20_39(39,D,E,T,A,B,C);
+	BODY_60_79(60,A,B,C,D,E,T,X);
+	BODY_60_79(61,T,A,B,C,D,E,X);
+	BODY_60_79(62,E,T,A,B,C,D,X);
+	BODY_60_79(63,D,E,T,A,B,C,X);
+	BODY_60_79(64,C,D,E,T,A,B,X);
+	BODY_60_79(65,B,C,D,E,T,A,X);
+	BODY_60_79(66,A,B,C,D,E,T,X);
+	BODY_60_79(67,T,A,B,C,D,E,X);
+	BODY_60_79(68,E,T,A,B,C,D,X);
+	BODY_60_79(69,D,E,T,A,B,C,X);
+	BODY_60_79(70,C,D,E,T,A,B,X);
+	BODY_60_79(71,B,C,D,E,T,A,X);
+	BODY_60_79(72,A,B,C,D,E,T,X);
+	BODY_60_79(73,T,A,B,C,D,E,X);
+	BODY_60_79(74,E,T,A,B,C,D,X);
+	BODY_60_79(75,D,E,T,A,B,C,X);
+	BODY_60_79(76,C,D,E,T,A,B,X);
+	BODY_60_79(77,B,C,D,E,T,A,X);
+	BODY_60_79(78,A,B,C,D,E,T,X);
+	BODY_60_79(79,T,A,B,C,D,E,X);
+	
+	c->h0=(c->h0+E)&0xffffffffL; 
+	c->h1=(c->h1+T)&0xffffffffL;
+	c->h2=(c->h2+A)&0xffffffffL;
+	c->h3=(c->h3+B)&0xffffffffL;
+	c->h4=(c->h4+C)&0xffffffffL;
 
-	BODY_40_59(40,C,D,E,T,A,B);
-	BODY_40_59(41,B,C,D,E,T,A);
-	BODY_40_59(42,A,B,C,D,E,T);
-	BODY_40_59(43,T,A,B,C,D,E);
-	BODY_40_59(44,E,T,A,B,C,D);
-	BODY_40_59(45,D,E,T,A,B,C);
-	BODY_40_59(46,C,D,E,T,A,B);
-	BODY_40_59(47,B,C,D,E,T,A);
-	BODY_40_59(48,A,B,C,D,E,T);
-	BODY_40_59(49,T,A,B,C,D,E);
-	BODY_40_59(50,E,T,A,B,C,D);
-	BODY_40_59(51,D,E,T,A,B,C);
-	BODY_40_59(52,C,D,E,T,A,B);
-	BODY_40_59(53,B,C,D,E,T,A);
-	BODY_40_59(54,A,B,C,D,E,T);
-	BODY_40_59(55,T,A,B,C,D,E);
-	BODY_40_59(56,E,T,A,B,C,D);
-	BODY_40_59(57,D,E,T,A,B,C);
-	BODY_40_59(58,C,D,E,T,A,B);
-	BODY_40_59(59,B,C,D,E,T,A);
+	num-=64;
+	if (num <= 0) break;
 
-	BODY_60_79(60,A,B,C,D,E,T);
-	BODY_60_79(61,T,A,B,C,D,E);
-	BODY_60_79(62,E,T,A,B,C,D);
-	BODY_60_79(63,D,E,T,A,B,C);
-	BODY_60_79(64,C,D,E,T,A,B);
-	BODY_60_79(65,B,C,D,E,T,A);
-	BODY_60_79(66,A,B,C,D,E,T);
-	BODY_60_79(67,T,A,B,C,D,E);
-	BODY_60_79(68,E,T,A,B,C,D);
-	BODY_60_79(69,D,E,T,A,B,C);
-	BODY_60_79(70,C,D,E,T,A,B);
-	BODY_60_79(71,B,C,D,E,T,A);
-	BODY_60_79(72,A,B,C,D,E,T);
-	BODY_60_79(73,T,A,B,C,D,E);
-	BODY_60_79(74,E,T,A,B,C,D);
-	BODY_60_79(75,D,E,T,A,B,C);
-	BODY_60_79(76,C,D,E,T,A,B);
-	BODY_60_79(77,B,C,D,E,T,A);
-	BODY_60_79(78,A,B,C,D,E,T);
-	BODY_60_79(79,T,A,B,C,D,E);
+	A=c->h0;
+	B=c->h1;
+	C=c->h2;
+	D=c->h3;
+	E=c->h4;
 
-	c->h0=(c->h0+E)&0xffffffff; 
-	c->h1=(c->h1+T)&0xffffffff;
-	c->h2=(c->h2+A)&0xffffffff;
-	c->h3=(c->h3+B)&0xffffffff;
-	c->h4=(c->h4+C)&0xffffffff;
+	W+=16;
+		}
 	}
 
 void SHA_Final(md, c)
@@ -326,7 +411,7 @@ SHA_CTX *c;
 	if ((j&0x03) == 0) p[i]=0;
 #endif
 	l=p[i];
-	p_c2nl(cp,l,j&0x03);
+	M_p_c2nl(cp,l,j&0x03);
 	p[i]=l;
 	i++;
 	/* i is the next 'undefined word' */
@@ -334,41 +419,24 @@ SHA_CTX *c;
 		{
 		for (; i<SHA_LBLOCK; i++)
 			p[i]=0;
-		sha_block(c,p);
+		sha_block(c,p,64);
 		i=0;
 		}
 	for (; i<(SHA_LBLOCK-2); i++)
 		p[i]=0;
 	p[SHA_LBLOCK-2]=c->Nh;
 	p[SHA_LBLOCK-1]=c->Nl;
-	sha_block(c,p);
+	sha_block(c,p,64);
 	cp=md;
 	l=c->h0; nl2c(l,cp);
 	l=c->h1; nl2c(l,cp);
 	l=c->h2; nl2c(l,cp);
 	l=c->h3; nl2c(l,cp);
 	l=c->h4; nl2c(l,cp);
+
 	/* clear stuff, sha_block may be leaving some stuff on the stack
 	 * but I'm not worried :-) */
 	c->num=0;
 /*	memset((char *)&c,0,sizeof(c));*/
 	}
 
-
-#ifdef undef
-int printit(l)
-unsigned long *l;
-	{
-	int i,ii;
-
-	for (i=0; i<2; i++)
-		{
-		for (ii=0; ii<8; ii++)
-			{
-			fprintf(stderr,"%08lx ",l[i*8+ii]);
-			}
-		fprintf(stderr,"\n");
-		}
-	}
-#endif
-
diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h
index 0a5cf46990..2814ad15fa 100644
--- a/crypto/sha/sha_locl.h
+++ b/crypto/sha/sha_locl.h
@@ -1,5 +1,5 @@
 /* crypto/sha/sha_locl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -120,7 +120,51 @@
 			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
 			 *((c)++)=(unsigned char)(((l)    )&0xff))
 
-/* I have taken some of this code from my MD5 implementation */
+#undef c2l
+#define c2l(c,l)	(l =(((unsigned long)(*((c)++)))    ), \
+			 l|=(((unsigned long)(*((c)++)))<< 8), \
+			 l|=(((unsigned long)(*((c)++)))<<16), \
+			 l|=(((unsigned long)(*((c)++)))<<24))
+
+#undef p_c2l
+#define p_c2l(c,l,n)	{ \
+			switch (n) { \
+			case 0: l =((unsigned long)(*((c)++))); \
+			case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+			case 2: l|=((unsigned long)(*((c)++)))<<16; \
+			case 3: l|=((unsigned long)(*((c)++)))<<24; \
+				} \
+			}
+
+#undef c2l_p
+/* NOTE the pointer is not incremented at the end of this */
+#define c2l_p(c,l,n)	{ \
+			l=0; \
+			(c)+=n; \
+			switch (n) { \
+			case 3: l =((unsigned long)(*(--(c))))<<16; \
+			case 2: l|=((unsigned long)(*(--(c))))<< 8; \
+			case 1: l|=((unsigned long)(*(--(c)))); \
+				} \
+			}
+
+#undef p_c2l_p
+#define p_c2l_p(c,l,sc,len) { \
+			switch (sc) \
+				{ \
+			case 0: l =((unsigned long)(*((c)++))); \
+				if (--len == 0) break; \
+			case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+				if (--len == 0) break; \
+			case 2: l|=((unsigned long)(*((c)++)))<<16; \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)    )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24)&0xff))
 
 #undef ROTATE
 #if defined(WIN32)
@@ -161,38 +205,42 @@
 
 #ifdef SHA_0
 #undef Xupdate
-#define Xupdate(a,i) \
-	X[(i)&0x0f]=(a)=\
-		(X[(i)&0x0f]^X[((i)+2)&0x0f]^X[((i)+8)&0x0f]^X[((i)+13)&0x0f]);
+#define Xupdate(a,i,ia,ib,ic,id) X[(i)&0x0f]=(a)=\
+	(ia[(i)&0x0f]^ib[((i)+2)&0x0f]^ic[((i)+8)&0x0f]^id[((i)+13)&0x0f]);
 #endif
 #ifdef SHA_1
 #undef Xupdate
-#define Xupdate(a,i) \
-	(a)=(X[(i)&0x0f]^X[((i)+2)&0x0f]^X[((i)+8)&0x0f]^X[((i)+13)&0x0f]); \
+#define Xupdate(a,i,ia,ib,ic,id) (a)=\
+	(ia[(i)&0x0f]^ib[((i)+2)&0x0f]^ic[((i)+8)&0x0f]^id[((i)+13)&0x0f]);\
 	X[(i)&0x0f]=(a)=ROTATE((a),1);
 #endif
 
-#define BODY_00_15(i,a,b,c,d,e,f) \
-	(f)=X[i]+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+#define BODY_00_15(i,a,b,c,d,e,f,xa) \
+	(f)=xa[i]+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
 	(b)=ROTATE((b),30);
 
-#define BODY_16_19(i,a,b,c,d,e,f) \
-	Xupdate(f,i); \
+#define BODY_16_19(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+	Xupdate(f,i,xa,xb,xc,xd); \
 	(f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
 	(b)=ROTATE((b),30);
 
-#define BODY_20_39(i,a,b,c,d,e,f) \
-	Xupdate(f,i); \
+#define BODY_20_31(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+	Xupdate(f,i,xa,xb,xc,xd); \
+	(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_32_39(i,a,b,c,d,e,f,xa) \
+	Xupdate(f,i,xa,xa,xa,xa); \
 	(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
 	(b)=ROTATE((b),30);
 
-#define BODY_40_59(i,a,b,c,d,e,f) \
-	Xupdate(f,i); \
+#define BODY_40_59(i,a,b,c,d,e,f,xa) \
+	Xupdate(f,i,xa,xa,xa,xa); \
 	(f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
 	(b)=ROTATE((b),30);
 
-#define BODY_60_79(i,a,b,c,d,e,f) \
-	Xupdate(f,i); \
+#define BODY_60_79(i,a,b,c,d,e,f,xa) \
+	Xupdate(f,i,xa,xa,xa,xa); \
 	(f)=X[(i)&0x0f]+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
 	(b)=ROTATE((b),30);
 
diff --git a/crypto/sha/sha_one.c b/crypto/sha/sha_one.c
index 87da617bec..18ab7f61bc 100644
--- a/crypto/sha/sha_one.c
+++ b/crypto/sha/sha_one.c
@@ -1,5 +1,5 @@
 /* crypto/sha/sha_one.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -57,7 +57,7 @@
  */
 
 #include <stdio.h>
-#include "cryptlib.h"
+#include <string.h>
 #include "sha.h"
 
 unsigned char *SHA(d, n, md)
diff --git a/crypto/sha/sha_sgst.c b/crypto/sha/sha_sgst.c
new file mode 100644
index 0000000000..8a16801328
--- /dev/null
+++ b/crypto/sha/sha_sgst.c
@@ -0,0 +1,246 @@
+/* crypto/sha/sha_sgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef undef
+/* one or the other needs to be defined */
+#ifndef SHA_1 /* FIPE 180-1 */
+#define SHA_0 /* FIPS 180   */
+#endif
+#endif
+
+#define ULONG	unsigned long
+#define UCHAR	unsigned char
+#define UINT	unsigned int
+
+#ifdef NOCONST
+#define const
+#endif
+
+#undef c2nl
+#define c2nl(c,l)	(l =(((unsigned long)(*((c)++)))<<24), \
+			 l|=(((unsigned long)(*((c)++)))<<16), \
+			 l|=(((unsigned long)(*((c)++)))<< 8), \
+			 l|=(((unsigned long)(*((c)++)))    ))
+
+#undef p_c2nl
+#define p_c2nl(c,l,n)	{ \
+			switch (n) { \
+			case 0: l =((unsigned long)(*((c)++)))<<24; \
+			case 1: l|=((unsigned long)(*((c)++)))<<16; \
+			case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+			case 3: l|=((unsigned long)(*((c)++))); \
+				} \
+			}
+
+#undef c2nl_p
+/* NOTE the pointer is not incremented at the end of this */
+#define c2nl_p(c,l,n)	{ \
+			l=0; \
+			(c)+=n; \
+			switch (n) { \
+			case 3: l =((unsigned long)(*(--(c))))<< 8; \
+			case 2: l|=((unsigned long)(*(--(c))))<<16; \
+			case 1: l|=((unsigned long)(*(--(c))))<<24; \
+				} \
+			}
+
+#undef p_c2nl_p
+#define p_c2nl_p(c,l,sc,len) { \
+			switch (sc) \
+				{ \
+			case 0: l =((unsigned long)(*((c)++)))<<24; \
+				if (--len == 0) break; \
+			case 1: l|=((unsigned long)(*((c)++)))<<16; \
+				if (--len == 0) break; \
+			case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+				} \
+			}
+
+#undef nl2c
+#define nl2c(l,c)	(*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+			 *((c)++)=(unsigned char)(((l)    )&0xff))
+
+#undef c2l
+#define c2l(c,l)	(l =(((unsigned long)(*((c)++)))    ), \
+			 l|=(((unsigned long)(*((c)++)))<< 8), \
+			 l|=(((unsigned long)(*((c)++)))<<16), \
+			 l|=(((unsigned long)(*((c)++)))<<24))
+
+#undef p_c2l
+#define p_c2l(c,l,n)	{ \
+			switch (n) { \
+			case 0: l =((unsigned long)(*((c)++))); \
+			case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+			case 2: l|=((unsigned long)(*((c)++)))<<16; \
+			case 3: l|=((unsigned long)(*((c)++)))<<24; \
+				} \
+			}
+
+#undef c2l_p
+/* NOTE the pointer is not incremented at the end of this */
+#define c2l_p(c,l,n)	{ \
+			l=0; \
+			(c)+=n; \
+			switch (n) { \
+			case 3: l =((unsigned long)(*(--(c))))<<16; \
+			case 2: l|=((unsigned long)(*(--(c))))<< 8; \
+			case 1: l|=((unsigned long)(*(--(c)))); \
+				} \
+			}
+
+#undef p_c2l_p
+#define p_c2l_p(c,l,sc,len) { \
+			switch (sc) \
+				{ \
+			case 0: l =((unsigned long)(*((c)++))); \
+				if (--len == 0) break; \
+			case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+				if (--len == 0) break; \
+			case 2: l|=((unsigned long)(*((c)++)))<<16; \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)    )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+#undef ROTATE
+#if defined(WIN32)
+#define ROTATE(a,n)     _lrotl(a,n)
+#else
+#define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#if defined(WIN32)
+/* 5 instructions with rotate instruction, else 9 */
+#define Endian_Reverse32(a) \
+	{ \
+	unsigned long l=(a); \
+	(a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
+	}
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define Endian_Reverse32(a) \
+	{ \
+	unsigned long l=(a); \
+	l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
+	(a)=ROTATE(l,16L); \
+	}
+#endif
+
+/* As  pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
+ * simplified to the code in F_00_19.  Wei attributes these optimisations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ * #define F(x,y,z) (((x) & (y))  |  ((~(x)) & (z)))
+ * I've just become aware of another tweak to be made, again from Wei Dai,
+ * in F_40_59, (x&a)|(y&a) -> (x|y)&a
+ */
+#define	F_00_19(b,c,d)	((((c) ^ (d)) & (b)) ^ (d)) 
+#define	F_20_39(b,c,d)	((b) ^ (c) ^ (d))
+#define F_40_59(b,c,d)	(((b) & (c)) | (((b)|(c)) & (d))) 
+#define	F_60_79(b,c,d)	F_20_39(b,c,d)
+
+#ifdef SHA_0
+#undef Xupdate
+#define Xupdate(a,i,ia,ib,ic,id) X[(i)&0x0f]=(a)=\
+	(ia[(i)&0x0f]^ib[((i)+2)&0x0f]^ic[((i)+8)&0x0f]^id[((i)+13)&0x0f]);
+#endif
+#ifdef SHA_1
+#undef Xupdate
+#define Xupdate(a,i,ia,ib,ic,id) (a)=\
+	(ia[(i)&0x0f]^ib[((i)+2)&0x0f]^ic[((i)+8)&0x0f]^id[((i)+13)&0x0f]);\
+	X[(i)&0x0f]=(a)=ROTATE((a),1);
+#endif
+
+#define BODY_00_15(i,a,b,c,d,e,f,xa) \
+	(f)=xa[i]+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_16_19(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+	Xupdate(f,i,xa,xb,xc,xd); \
+	(f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_20_31(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+	Xupdate(f,i,xa,xb,xc,xd); \
+	(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_32_39(i,a,b,c,d,e,f,xa) \
+	Xupdate(f,i,xa,xa,xa,xa); \
+	(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_40_59(i,a,b,c,d,e,f,xa) \
+	Xupdate(f,i,xa,xa,xa,xa); \
+	(f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_60_79(i,a,b,c,d,e,f,xa) \
+	Xupdate(f,i,xa,xa,xa,xa); \
+	(f)=X[(i)&0x0f]+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
diff --git a/crypto/sha/shatest.c b/crypto/sha/shatest.c
index 28c2e19236..03816e9b39 100644
--- a/crypto/sha/shatest.c
+++ b/crypto/sha/shatest.c
@@ -1,5 +1,5 @@
 /* crypto/sha/shatest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c
index 712089ef31..610ccbb756 100644
--- a/crypto/stack/stack.c
+++ b/crypto/stack/stack.c
@@ -1,5 +1,5 @@
 /* crypto/stack/stack.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -72,7 +72,7 @@
 #undef MIN_NODES
 #define MIN_NODES	4
 
-char *STACK_version="STACK part of SSLeay 0.8.1b 29-Jun-1998";
+char *STACK_version="STACK part of SSLeay 0.9.0b 29-Jun-1998";
 
 #ifndef NOPROTO
 #define	FP_ICC	(int (*)(const void *,const void *))
@@ -193,14 +193,22 @@ STACK *st;
 int loc;
 	{
 	char *ret;
+	int i,j;
 
 	if ((st->num == 0) || (loc < 0) || (loc >= st->num)) return(NULL);
 
 	ret=st->data[loc];
 	if (loc != st->num-1)
-		memcpy( &(st->data[loc]),
-			&(st->data[loc+1]),
-			sizeof(char *)*(st->num-loc-1));
+		{
+		j=st->num-1;
+		for (i=loc; i<j; i++)
+			st->data[i]=st->data[i+1];
+		/* In theory memcpy is not safe for this
+		 * memcpy( &(st->data[loc]),
+		 *	&(st->data[loc+1]),
+		 *	sizeof(char *)*(st->num-loc-1));
+		 */
+		}
 	st->num--;
 	return(ret);
 	}
diff --git a/crypto/stack/stack.h b/crypto/stack/stack.h
index 66ba83ec40..615eb6ff94 100644
--- a/crypto/stack/stack.h
+++ b/crypto/stack/stack.h
@@ -1,5 +1,5 @@
 /* crypto/stack/stack.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -73,8 +73,8 @@ typedef struct stack_st
 	int (*comp)();
 	} STACK;
 
-#define sk_num(sk)	((sk)->num)
-#define sk_value(sk,n)	((sk)->data[n])
+#define sk_num(sk)		((sk)->num)
+#define sk_value(sk,n)		((sk)->data[n])
 
 #define sk_new_null()	sk_new(NULL)
 #ifndef NOPROTO
diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c
new file mode 100644
index 0000000000..be395f2bc4
--- /dev/null
+++ b/crypto/threads/mttest.c
@@ -0,0 +1,1115 @@
+/* crypto/threads/mttest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef LINUX
+#include <typedefs.h>
+#endif
+#ifdef WIN32
+#include <windows.h>
+#endif
+#ifdef SOLARIS
+#include <synch.h>
+#include <thread.h>
+#endif
+#ifdef IRIX
+#include <ulocks.h>
+#include <sys/prctl.h>
+#endif
+#include "lhash.h"
+#include "crypto.h"
+#include "buffer.h"
+#include "../e_os.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+
+#ifdef NO_FP_API
+#define APPS_WIN16
+#include "../crypto/buffer/bss_file.c"
+#endif
+
+#define TEST_SERVER_CERT "../apps/server.pem"
+#define TEST_CLIENT_CERT "../apps/client.pem"
+
+#define MAX_THREAD_NUMBER	100
+
+#ifndef NOPROTO
+int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
+	int error,char *arg);
+void thread_setup(void);
+void thread_cleanup(void);
+void do_threads(SSL_CTX *s_ctx,SSL_CTX *c_ctx);
+
+void irix_locking_callback(int mode,int type,char *file,int line);
+void solaris_locking_callback(int mode,int type,char *file,int line);
+void win32_locking_callback(int mode,int type,char *file,int line);
+void pthreads_locking_callback(int mode,int type,char *file,int line);
+
+unsigned long irix_thread_id(void );
+unsigned long solaris_thread_id(void );
+unsigned long pthreads_thread_id(void );
+
+#else
+int MS_CALLBACK verify_callback();
+void thread_setup();
+void thread_cleanup();
+void do_threads();
+
+void irix_locking_callback();
+void solaris_locking_callback();
+void win32_locking_callback();
+void pthreads_locking_callback();
+
+unsigned long irix_thread_id();
+unsigned long solaris_thread_id();
+unsigned long pthreads_thread_id();
+
+#endif
+
+BIO *bio_err=NULL;
+BIO *bio_stdout=NULL;
+
+static char *cipher=NULL;
+int verbose=0;
+#ifdef FIONBIO
+static int s_nbio=0;
+#endif
+
+int thread_number=10;
+int number_of_loops=10;
+int reconnect=0;
+int cache_stats=0;
+
+#ifndef  NOPROTO
+int doit(char *ctx[4]);
+#else
+int doit();
+#endif
+
+static void print_stats(fp,ctx)
+FILE *fp;
+SSL_CTX *ctx;
+{
+	fprintf(fp,"%4ld items in the session cache\n",
+		SSL_CTX_sess_number(ctx));
+	fprintf(fp,"%4d client connects (SSL_connect())\n",
+		SSL_CTX_sess_connect(ctx));
+	fprintf(fp,"%4d client connects that finished\n",
+		SSL_CTX_sess_connect_good(ctx));
+	fprintf(fp,"%4d server connects (SSL_accept())\n",
+		SSL_CTX_sess_accept(ctx));
+	fprintf(fp,"%4d server connects that finished\n",
+		SSL_CTX_sess_accept_good(ctx));
+	fprintf(fp,"%4d session cache hits\n",SSL_CTX_sess_hits(ctx));
+	fprintf(fp,"%4d session cache misses\n",SSL_CTX_sess_misses(ctx));
+	fprintf(fp,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ctx));
+	}
+
+static void sv_usage()
+	{
+	fprintf(stderr,"usage: ssltest [args ...]\n");
+	fprintf(stderr,"\n");
+	fprintf(stderr," -server_auth  - check server certificate\n");
+	fprintf(stderr," -client_auth  - do client authentication\n");
+	fprintf(stderr," -v            - more output\n");
+	fprintf(stderr," -CApath arg   - PEM format directory of CA's\n");
+	fprintf(stderr," -CAfile arg   - PEM format file of CA's\n");
+	fprintf(stderr," -threads arg  - number of threads\n");
+	fprintf(stderr," -loops arg    - number of 'connections', per thread\n");
+	fprintf(stderr," -reconnect    - reuse session-id's\n");
+	fprintf(stderr," -stats        - server session-id cache stats\n");
+	fprintf(stderr," -cert arg     - server certificate/key\n");
+	fprintf(stderr," -ccert arg    - client certificate/key\n");
+	fprintf(stderr," -ssl3         - just SSLv3n\n");
+	}
+
+int main(argc, argv)
+int argc;
+char *argv[];
+	{
+	char *CApath=NULL,*CAfile=NULL;
+	int badop=0;
+	int ret=1;
+	int client_auth=0;
+	int server_auth=0;
+	SSL_CTX *s_ctx=NULL;
+	SSL_CTX *c_ctx=NULL;
+	char *scert=TEST_SERVER_CERT;
+	char *ccert=TEST_CLIENT_CERT;
+	SSL_METHOD *ssl_method=SSLv23_method();
+
+	if (bio_err == NULL)
+		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+	if (bio_stdout == NULL)
+		bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
+	argc--;
+	argv++;
+
+	while (argc >= 1)
+		{
+		if	(strcmp(*argv,"-server_auth") == 0)
+			server_auth=1;
+		else if	(strcmp(*argv,"-client_auth") == 0)
+			client_auth=1;
+		else if	(strcmp(*argv,"-reconnect") == 0)
+			reconnect=1;
+		else if	(strcmp(*argv,"-stats") == 0)
+			cache_stats=1;
+		else if	(strcmp(*argv,"-ssl3") == 0)
+			ssl_method=SSLv3_method();
+		else if	(strcmp(*argv,"-ssl2") == 0)
+			ssl_method=SSLv2_method();
+		else if	(strcmp(*argv,"-CApath") == 0)
+			{
+			if (--argc < 1) goto bad;
+			CApath= *(++argv);
+			}
+		else if	(strcmp(*argv,"-CAfile") == 0)
+			{
+			if (--argc < 1) goto bad;
+			CAfile= *(++argv);
+			}
+		else if	(strcmp(*argv,"-cert") == 0)
+			{
+			if (--argc < 1) goto bad;
+			scert= *(++argv);
+			}
+		else if	(strcmp(*argv,"-ccert") == 0)
+			{
+			if (--argc < 1) goto bad;
+			ccert= *(++argv);
+			}
+		else if	(strcmp(*argv,"-threads") == 0)
+			{
+			if (--argc < 1) goto bad;
+			thread_number= atoi(*(++argv));
+			if (thread_number == 0) thread_number=1;
+			if (thread_number > MAX_THREAD_NUMBER)
+				thread_number=MAX_THREAD_NUMBER;
+			}
+		else if	(strcmp(*argv,"-loops") == 0)
+			{
+			if (--argc < 1) goto bad;
+			number_of_loops= atoi(*(++argv));
+			if (number_of_loops == 0) number_of_loops=1;
+			}
+		else
+			{
+			fprintf(stderr,"unknown option %s\n",*argv);
+			badop=1;
+			break;
+			}
+		argc--;
+		argv++;
+		}
+	if (badop)
+		{
+bad:
+		sv_usage();
+		goto end;
+		}
+
+	if (cipher == NULL) cipher=getenv("SSL_CIPHER");
+
+	SSL_load_error_strings();
+	SSLeay_add_ssl_algorithms();
+
+	c_ctx=SSL_CTX_new(ssl_method);
+	s_ctx=SSL_CTX_new(ssl_method);
+	if ((c_ctx == NULL) || (s_ctx == NULL))
+		{
+		ERR_print_errors(bio_err);
+		goto end;
+		}
+
+	SSL_CTX_set_session_cache_mode(s_ctx,
+		SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
+	SSL_CTX_set_session_cache_mode(c_ctx,
+		SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
+
+	SSL_CTX_use_certificate_file(s_ctx,scert,SSL_FILETYPE_PEM);
+	SSL_CTX_use_RSAPrivateKey_file(s_ctx,scert,SSL_FILETYPE_PEM);
+
+	if (client_auth)
+		{
+		SSL_CTX_use_certificate_file(c_ctx,ccert,
+			SSL_FILETYPE_PEM);
+		SSL_CTX_use_RSAPrivateKey_file(c_ctx,ccert,
+			SSL_FILETYPE_PEM);
+		}
+
+	if (	(!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
+		(!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+		(!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
+		(!SSL_CTX_set_default_verify_paths(c_ctx)))
+		{
+		fprintf(stderr,"SSL_load_verify_locations\n");
+		ERR_print_errors(bio_err);
+		goto end;
+		}
+
+	if (client_auth)
+		{
+		fprintf(stderr,"client authentication\n");
+		SSL_CTX_set_verify(s_ctx,
+			SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+			verify_callback);
+		}
+	if (server_auth)
+		{
+		fprintf(stderr,"server authentication\n");
+		SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
+			verify_callback);
+		}
+
+	thread_setup();
+	do_threads(s_ctx,c_ctx);
+	thread_cleanup();
+end:
+	
+	if (c_ctx != NULL) 
+		{
+		fprintf(stderr,"Client SSL_CTX stats then free it\n");
+		print_stats(stderr,c_ctx);
+		SSL_CTX_free(c_ctx);
+		}
+	if (s_ctx != NULL)
+		{
+		fprintf(stderr,"Server SSL_CTX stats then free it\n");
+		print_stats(stderr,s_ctx);
+		if (cache_stats)
+			{
+			fprintf(stderr,"-----\n");
+			lh_stats(SSL_CTX_sessions(s_ctx),stderr);
+			fprintf(stderr,"-----\n");
+		/*	lh_node_stats(SSL_CTX_sessions(s_ctx),stderr);
+			fprintf(stderr,"-----\n"); */
+			lh_node_usage_stats(SSL_CTX_sessions(s_ctx),stderr);
+			fprintf(stderr,"-----\n");
+			}
+		SSL_CTX_free(s_ctx);
+		fprintf(stderr,"done free\n");
+		}
+	exit(ret);
+	return(0);
+	}
+
+#define W_READ	1
+#define W_WRITE	2
+#define C_DONE	1
+#define S_DONE	2
+
+int ndoit(ssl_ctx)
+SSL_CTX *ssl_ctx[2];
+	{
+	int i;
+	int ret;
+	char *ctx[4];
+
+	ctx[0]=(char *)ssl_ctx[0];
+	ctx[1]=(char *)ssl_ctx[1];
+
+	if (reconnect)
+		{
+		ctx[2]=(char *)SSL_new(ssl_ctx[0]);
+		ctx[3]=(char *)SSL_new(ssl_ctx[1]);
+		}
+	else
+		{
+		ctx[2]=NULL;
+		ctx[3]=NULL;
+		}
+
+	fprintf(stdout,"started thread %lu\n",CRYPTO_thread_id());
+	for (i=0; i<number_of_loops; i++)
+		{
+/*		fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n",
+			CRYPTO_thread_id(),i,
+			ssl_ctx[0]->references,
+			ssl_ctx[1]->references); */
+	/*	pthread_delay_np(&tm);*/
+
+		ret=doit(ctx);
+		if (ret != 0)
+			{
+			fprintf(stdout,"error[%d] %lu - %d\n",
+				i,CRYPTO_thread_id(),ret);
+			return(ret);
+			}
+		}
+	fprintf(stdout,"DONE %lu\n",CRYPTO_thread_id());
+	if (reconnect)
+		{
+		SSL_free((SSL *)ctx[2]);
+		SSL_free((SSL *)ctx[3]);
+		}
+	return(0);
+	}
+
+int doit(ctx)
+char *ctx[4];
+	{
+	SSL_CTX *s_ctx,*c_ctx;
+	static char cbuf[200],sbuf[200];
+	SSL *c_ssl=NULL;
+	SSL *s_ssl=NULL;
+	BIO *c_to_s=NULL;
+	BIO *s_to_c=NULL;
+	BIO *c_bio=NULL;
+	BIO *s_bio=NULL;
+	int c_r,c_w,s_r,s_w;
+	int c_want,s_want;
+	int i;
+	int done=0;
+	int c_write,s_write;
+	int do_server=0,do_client=0;
+
+	s_ctx=(SSL_CTX *)ctx[0];
+	c_ctx=(SSL_CTX *)ctx[1];
+
+	if (ctx[2] != NULL)
+		s_ssl=(SSL *)ctx[2];
+	else
+		s_ssl=SSL_new(s_ctx);
+
+	if (ctx[3] != NULL)
+		c_ssl=(SSL *)ctx[3];
+	else
+		c_ssl=SSL_new(c_ctx);
+
+	if ((s_ssl == NULL) || (c_ssl == NULL)) goto err;
+
+	c_to_s=BIO_new(BIO_s_mem());
+	s_to_c=BIO_new(BIO_s_mem());
+	if ((s_to_c == NULL) || (c_to_s == NULL)) goto err;
+
+	c_bio=BIO_new(BIO_f_ssl());
+	s_bio=BIO_new(BIO_f_ssl());
+	if ((c_bio == NULL) || (s_bio == NULL)) goto err;
+
+	SSL_set_connect_state(c_ssl);
+	SSL_set_bio(c_ssl,s_to_c,c_to_s);
+	BIO_set_ssl(c_bio,c_ssl,(ctx[2] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
+
+	SSL_set_accept_state(s_ssl);
+	SSL_set_bio(s_ssl,c_to_s,s_to_c);
+	BIO_set_ssl(s_bio,s_ssl,(ctx[3] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
+
+	c_r=0; s_r=1;
+	c_w=1; s_w=0;
+	c_want=W_WRITE;
+	s_want=0;
+	c_write=1,s_write=0;
+
+	/* We can always do writes */
+	for (;;)
+		{
+		do_server=0;
+		do_client=0;
+
+		i=(int)BIO_pending(s_bio);
+		if ((i && s_r) || s_w) do_server=1;
+
+		i=(int)BIO_pending(c_bio);
+		if ((i && c_r) || c_w) do_client=1;
+
+		if (do_server && verbose)
+			{
+			if (SSL_in_init(s_ssl))
+				printf("server waiting in SSL_accept - %s\n",
+					SSL_state_string_long(s_ssl));
+			else if (s_write)
+				printf("server:SSL_write()\n");
+			else 
+				printf("server:SSL_read()\n");
+			}
+
+		if (do_client && verbose)
+			{
+			if (SSL_in_init(c_ssl))
+				printf("client waiting in SSL_connect - %s\n",
+					SSL_state_string_long(c_ssl));
+			else if (c_write)
+				printf("client:SSL_write()\n");
+			else
+				printf("client:SSL_read()\n");
+			}
+
+		if (!do_client && !do_server)
+			{
+			fprintf(stdout,"ERROR IN STARTUP\n");
+			break;
+			}
+		if (do_client && !(done & C_DONE))
+			{
+			if (c_write)
+				{
+				i=BIO_write(c_bio,"hello from client\n",18);
+				if (i < 0)
+					{
+					c_r=0;
+					c_w=0;
+					if (BIO_should_retry(c_bio))
+						{
+						if (BIO_should_read(c_bio))
+							c_r=1;
+						if (BIO_should_write(c_bio))
+							c_w=1;
+						}
+					else
+						{
+						fprintf(stderr,"ERROR in CLIENT\n");
+						return(1);
+						}
+					}
+				else if (i == 0)
+					{
+					fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+					return(1);
+					}
+				else
+					{
+					/* ok */
+					c_write=0;
+					}
+				}
+			else
+				{
+				i=BIO_read(c_bio,cbuf,100);
+				if (i < 0)
+					{
+					c_r=0;
+					c_w=0;
+					if (BIO_should_retry(c_bio))
+						{
+						if (BIO_should_read(c_bio))
+							c_r=1;
+						if (BIO_should_write(c_bio))
+							c_w=1;
+						}
+					else
+						{
+						fprintf(stderr,"ERROR in CLIENT\n");
+						return(1);
+						}
+					}
+				else if (i == 0)
+					{
+					fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+					return(1);
+					}
+				else
+					{
+					done|=C_DONE;
+#ifdef undef
+					fprintf(stdout,"CLIENT:from server:");
+					fwrite(cbuf,1,i,stdout);
+					fflush(stdout);
+#endif
+					}
+				}
+			}
+
+		if (do_server && !(done & S_DONE))
+			{
+			if (!s_write)
+				{
+				i=BIO_read(s_bio,sbuf,100);
+				if (i < 0)
+					{
+					s_r=0;
+					s_w=0;
+					if (BIO_should_retry(s_bio))
+						{
+						if (BIO_should_read(s_bio))
+							s_r=1;
+						if (BIO_should_write(s_bio))
+							s_w=1;
+						}
+					else
+						{
+						fprintf(stderr,"ERROR in SERVER\n");
+						ERR_print_errors_fp(stderr);
+						return(1);
+						}
+					}
+				else if (i == 0)
+					{
+					fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
+					return(1);
+					}
+				else
+					{
+					s_write=1;
+					s_w=1;
+#ifdef undef
+					fprintf(stdout,"SERVER:from client:");
+					fwrite(sbuf,1,i,stdout);
+					fflush(stdout);
+#endif
+					}
+				}
+			else
+				{
+				i=BIO_write(s_bio,"hello from server\n",18);
+				if (i < 0)
+					{
+					s_r=0;
+					s_w=0;
+					if (BIO_should_retry(s_bio))
+						{
+						if (BIO_should_read(s_bio))
+							s_r=1;
+						if (BIO_should_write(s_bio))
+							s_w=1;
+						}
+					else
+						{
+						fprintf(stderr,"ERROR in SERVER\n");
+						ERR_print_errors_fp(stderr);
+						return(1);
+						}
+					}
+				else if (i == 0)
+					{
+					fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
+					return(1);
+					}
+				else
+					{
+					s_write=0;
+					s_r=1;
+					done|=S_DONE;
+					}
+				}
+			}
+
+		if ((done & S_DONE) && (done & C_DONE)) break;
+		}
+
+	SSL_set_shutdown(c_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+	SSL_set_shutdown(s_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+
+#ifdef undef
+	fprintf(stdout,"DONE\n");
+#endif
+err:
+	/* We have to set the BIO's to NULL otherwise they will be
+	 * free()ed twice.  Once when th s_ssl is SSL_free()ed and
+	 * again when c_ssl is SSL_free()ed.
+	 * This is a hack required because s_ssl and c_ssl are sharing the same
+	 * BIO structure and SSL_set_bio() and SSL_free() automatically
+	 * BIO_free non NULL entries.
+	 * You should not normally do this or be required to do this */
+
+	if (s_ssl != NULL)
+		{
+		s_ssl->rbio=NULL;
+		s_ssl->wbio=NULL;
+		}
+	if (c_ssl != NULL)
+		{
+		c_ssl->rbio=NULL;
+		c_ssl->wbio=NULL;
+		}
+
+	/* The SSL's are optionally freed in the following calls */
+	if (c_to_s != NULL) BIO_free(c_to_s);
+	if (s_to_c != NULL) BIO_free(s_to_c);
+
+	if (c_bio != NULL) BIO_free(c_bio);
+	if (s_bio != NULL) BIO_free(s_bio);
+	return(0);
+	}
+
+int MS_CALLBACK verify_callback(ok, xs, xi, depth, error, arg)
+int ok;
+X509 *xs;
+X509 *xi;
+int depth;
+int error;
+char *arg;
+	{
+	char buf[256];
+
+	if (verbose)
+		{
+		X509_NAME_oneline(X509_get_subject_name(xs),buf,256);
+		if (ok)
+			fprintf(stderr,"depth=%d %s\n",depth,buf);
+		else
+			fprintf(stderr,"depth=%d error=%d %s\n",depth,error,buf);
+		}
+	return(ok);
+	}
+
+#define THREAD_STACK_SIZE (16*1024)
+
+#ifdef WIN32
+
+static HANDLE lock_cs[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+	{
+	int i;
+
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
+		}
+
+	CRYPTO_set_locking_callback((void (*)(int,int,char *,int))win32_locking_callback);
+	/* id callback defined */
+	}
+
+void thread_cleanup()
+	{
+	int i;
+
+	CRYPTO_set_locking_callback(NULL);
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		CloseHandle(lock_cs[i]);
+	}
+
+void win32_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+	{
+	if (mode & CRYPTO_LOCK)
+		{
+		WaitForSingleObject(lock_cs[type],INFINITE);
+		}
+	else
+		{
+		ReleaseMutex(lock_cs[type]);
+		}
+	}
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+	{
+	double ret;
+	SSL_CTX *ssl_ctx[2];
+	DWORD thread_id[MAX_THREAD_NUMBER];
+	HANDLE thread_handle[MAX_THREAD_NUMBER];
+	int i;
+	SYSTEMTIME start,end;
+
+	ssl_ctx[0]=s_ctx;
+	ssl_ctx[1]=c_ctx;
+
+	GetSystemTime(&start);
+	for (i=0; i<thread_number; i++)
+		{
+		thread_handle[i]=CreateThread(NULL,
+			THREAD_STACK_SIZE,
+			(LPTHREAD_START_ROUTINE)ndoit,
+			(void *)ssl_ctx,
+			0L,
+			&(thread_id[i]));
+		}
+
+	printf("reaping\n");
+	for (i=0; i<thread_number; i+=50)
+		{
+		int j;
+
+		j=(thread_number < (i+50))?(thread_number-i):50;
+
+		if (WaitForMultipleObjects(j,
+			(CONST HANDLE *)&(thread_handle[i]),TRUE,INFINITE)
+			== WAIT_FAILED)
+			{
+			fprintf(stderr,"WaitForMultipleObjects failed:%d\n",GetLastError());
+			exit(1);
+			}
+		}
+	GetSystemTime(&end);
+
+	if (start.wDayOfWeek > end.wDayOfWeek) end.wDayOfWeek+=7;
+	ret=(end.wDayOfWeek-start.wDayOfWeek)*24;
+
+	ret=(ret+end.wHour-start.wHour)*60;
+	ret=(ret+end.wMinute-start.wMinute)*60;
+	ret=(ret+end.wSecond-start.wSecond);
+	ret+=(end.wMilliseconds-start.wMilliseconds)/1000.0;
+
+	printf("win32 threads done - %.3f seconds\n",ret);
+	}
+
+#endif /* WIN32 */
+
+#ifdef SOLARIS
+
+static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+/*static rwlock_t lock_cs[CRYPTO_NUM_LOCKS]; */
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+	{
+	int i;
+
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		lock_count[i]=0;
+		/* rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL); */
+		mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+		}
+
+	CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
+	CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+	}
+
+void thread_cleanup()
+	{
+	int i;
+
+	CRYPTO_set_locking_callback(NULL);
+fprintf(stderr,"cleanup\n");
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		/* rwlock_destroy(&(lock_cs[i])); */
+		mutex_destroy(&(lock_cs[i]));
+		fprintf(stderr,"%8ld:%s\n",lock_count[i],CRYPTO_get_lock_name(i));
+		}
+fprintf(stderr,"done cleanup\n");
+	}
+
+void solaris_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+	{
+#ifdef undef
+fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+	CRYPTO_thread_id(),
+	(mode&CRYPTO_LOCK)?"l":"u",
+	(type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+
+/*
+if (CRYPTO_LOCK_SSL_CERT == type)
+	fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+		CRYPTO_thread_id(),
+		mode,file,line);
+*/
+	if (mode & CRYPTO_LOCK)
+		{
+	/*	if (mode & CRYPTO_READ)
+			rw_rdlock(&(lock_cs[type]));
+		else
+			rw_wrlock(&(lock_cs[type])); */
+
+		mutex_lock(&(lock_cs[type]));
+		lock_count[type]++;
+		}
+	else
+		{
+/*		rw_unlock(&(lock_cs[type]));  */
+		mutex_unlock(&(lock_cs[type]));
+		}
+	}
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+	{
+	SSL_CTX *ssl_ctx[2];
+	thread_t thread_ctx[MAX_THREAD_NUMBER];
+	int i;
+
+	ssl_ctx[0]=s_ctx;
+	ssl_ctx[1]=c_ctx;
+
+	thr_setconcurrency(thread_number);
+	for (i=0; i<thread_number; i++)
+		{
+		thr_create(NULL, THREAD_STACK_SIZE,
+			(void *(*)())ndoit,
+			(void *)ssl_ctx,
+			0L,
+			&(thread_ctx[i]));
+		}
+
+	printf("reaping\n");
+	for (i=0; i<thread_number; i++)
+		{
+		thr_join(thread_ctx[i],NULL,NULL);
+		}
+
+	printf("solaris threads done (%d,%d)\n",
+		s_ctx->references,c_ctx->references);
+	}
+
+unsigned long solaris_thread_id()
+	{
+	unsigned long ret;
+
+	ret=(unsigned long)thr_self();
+	return(ret);
+	}
+#endif /* SOLARIS */
+
+#ifdef IRIX
+
+
+static usptr_t *arena;
+static usema_t *lock_cs[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+	{
+	int i;
+	char filename[20];
+
+	strcpy(filename,"/tmp/mttest.XXXXXX");
+	mktemp(filename);
+
+	usconfig(CONF_STHREADIOOFF);
+	usconfig(CONF_STHREADMALLOCOFF);
+	usconfig(CONF_INITUSERS,100);
+	usconfig(CONF_LOCKTYPE,US_DEBUGPLUS);
+	arena=usinit(filename);
+	unlink(filename);
+
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		lock_cs[i]=usnewsema(arena,1);
+		}
+
+	CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
+	CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
+	}
+
+void thread_cleanup()
+	{
+	int i;
+
+	CRYPTO_set_locking_callback(NULL);
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		char buf[10];
+
+		sprintf(buf,"%2d:",i);
+		usdumpsema(lock_cs[i],stdout,buf);
+		usfreesema(lock_cs[i],arena);
+		}
+	}
+
+void irix_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+	{
+	if (mode & CRYPTO_LOCK)
+		{
+		printf("lock %d\n",type);
+		uspsema(lock_cs[type]);
+		}
+	else
+		{
+		printf("unlock %d\n",type);
+		usvsema(lock_cs[type]);
+		}
+	}
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+	{
+	SSL_CTX *ssl_ctx[2];
+	int thread_ctx[MAX_THREAD_NUMBER];
+	int i;
+
+	ssl_ctx[0]=s_ctx;
+	ssl_ctx[1]=c_ctx;
+
+	for (i=0; i<thread_number; i++)
+		{
+		thread_ctx[i]=sproc((void (*)())ndoit,
+			PR_SADDR|PR_SFDS,(void *)ssl_ctx);
+		}
+
+	printf("reaping\n");
+	for (i=0; i<thread_number; i++)
+		{
+		wait(NULL);
+		}
+
+	printf("irix threads done (%d,%d)\n",
+		s_ctx->references,c_ctx->references);
+	}
+
+unsigned long irix_thread_id()
+	{
+	unsigned long ret;
+
+	ret=(unsigned long)getpid();
+	return(ret);
+	}
+#endif /* IRIX */
+
+#ifdef PTHREADS
+
+static pthread_mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+	{
+	int i;
+
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		lock_count[i]=0;
+		pthread_mutex_init(&(lock_cs[i]),NULL);
+		}
+
+	CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
+	CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
+	}
+
+void thread_cleanup()
+	{
+	int i;
+
+	CRYPTO_set_locking_callback(NULL);
+	fprintf(stderr,"cleanup\n");
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		pthread_mutex_destroy(&(lock_cs[i]));
+		fprintf(stderr,"%8ld:%s\n",lock_count[i],
+			CRYPTO_get_lock_name(i));
+		}
+	fprintf(stderr,"done cleanup\n");
+	}
+
+void pthreads_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+      {
+#ifdef undef
+	fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+		CRYPTO_thread_id(),
+		(mode&CRYPTO_LOCK)?"l":"u",
+		(type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+/*
+	if (CRYPTO_LOCK_SSL_CERT == type)
+		fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+		CRYPTO_thread_id(),
+		mode,file,line);
+*/
+	if (mode & CRYPTO_LOCK)
+		{
+		pthread_mutex_lock(&(lock_cs[type]));
+		lock_count[type]++;
+		}
+	else
+		{
+		pthread_mutex_unlock(&(lock_cs[type]));
+		}
+	}
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+	{
+	SSL_CTX *ssl_ctx[2];
+	pthread_t thread_ctx[MAX_THREAD_NUMBER];
+	int i;
+
+	ssl_ctx[0]=s_ctx;
+	ssl_ctx[1]=c_ctx;
+
+	/*
+	thr_setconcurrency(thread_number);
+	*/
+	for (i=0; i<thread_number; i++)
+		{
+		pthread_create(&(thread_ctx[i]), NULL,
+			(void *(*)())ndoit, (void *)ssl_ctx);
+		}
+
+	printf("reaping\n");
+	for (i=0; i<thread_number; i++)
+		{
+		pthread_join(thread_ctx[i],NULL);
+		}
+
+	printf("pthreads threads done (%d,%d)\n",
+	s_ctx->references,c_ctx->references);
+	}
+
+unsigned long pthreads_thread_id()
+	{
+	unsigned long ret;
+
+	ret=(unsigned long)pthread_self();
+	return(ret);
+	}
+
+#endif /* PTHREADS */
+
+
+
diff --git a/crypto/threads/th-lock.c b/crypto/threads/th-lock.c
new file mode 100644
index 0000000000..039022446d
--- /dev/null
+++ b/crypto/threads/th-lock.c
@@ -0,0 +1,399 @@
+/* crypto/threads/th-lock.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef LINUX
+#include <typedefs.h>
+#endif
+#ifdef WIN32
+#include <windows.h>
+#endif
+#ifdef SOLARIS
+#include <synch.h>
+#include <thread.h>
+#endif
+#ifdef IRIX
+#include <ulocks.h>
+#include <sys/prctl.h>
+#endif
+#include "lhash.h"
+#include "crypto.h"
+#include "buffer.h"
+#include "e_os.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+
+#ifndef NOPROTO
+int CRYPTO_thread_setup(void);
+void CRYPTO_thread_cleanup(void);
+
+static void irix_locking_callback(int mode,int type,char *file,int line);
+static void solaris_locking_callback(int mode,int type,char *file,int line);
+static void win32_locking_callback(int mode,int type,char *file,int line);
+static void pthreads_locking_callback(int mode,int type,char *file,int line);
+
+static unsigned long irix_thread_id(void );
+static unsigned long solaris_thread_id(void );
+static unsigned long pthreads_thread_id(void );
+
+#else
+int CRYPOTO_thread_setup();
+void CRYPTO_cleanup();
+
+static void irix_locking_callback();
+static void solaris_locking_callback();
+static void win32_locking_callback();
+static void pthreads_locking_callback();
+
+static unsigned long irix_thread_id();
+static unsigned long solaris_thread_id();
+static unsigned long pthreads_thread_id();
+
+#endif
+
+/* usage:
+ * CRYPTO_thread_setup();
+ * applicaion code
+ * CRYPTO_thread_cleanup();
+ */
+
+#define THREAD_STACK_SIZE (16*1024)
+
+#ifdef WIN32
+
+static HANDLE lock_cs[CRYPTO_NUM_LOCKS];
+
+int CRYPTO_thread_setup()
+	{
+	int i;
+
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
+		}
+
+	CRYPTO_set_locking_callback((void (*)(int,int,char *,int))win32_locking_callback);
+	/* id callback defined */
+	return(1);
+	}
+
+static void CRYPTO_thread_cleanup()
+	{
+	int i;
+
+	CRYPTO_set_locking_callback(NULL);
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		CloseHandle(lock_cs[i]);
+	}
+
+void win32_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+	{
+	if (mode & CRYPTO_LOCK)
+		{
+		WaitForSingleObject(lock_cs[type],INFINITE);
+		}
+	else
+		{
+		ReleaseMutex(lock_cs[type]);
+		}
+	}
+
+#endif /* WIN32 */
+
+#ifdef SOLARIS
+
+#define USE_MUTEX
+
+static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+#ifdef USE_MUTEX
+static long lock_count[CRYPTO_NUM_LOCKS];
+#else
+static rwlock_t lock_cs[CRYPTO_NUM_LOCKS];
+#endif
+
+void CRYPTO_thread_setup()
+	{
+	int i;
+
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		lock_count[i]=0;
+#ifdef USE_MUTEX
+		mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+#else
+		rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+#endif
+		}
+
+	CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
+	CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+	}
+
+void CRYPTO_thread_cleanup()
+	{
+	int i;
+
+	CRYPTO_set_locking_callback(NULL);
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+#ifdef USE_MUTEX
+		mutex_destroy(&(lock_cs[i]));
+#else
+		rwlock_destroy(&(lock_cs[i]));
+#endif
+		}
+	}
+
+void solaris_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+	{
+#if 0
+	fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+		CRYPTO_thread_id(),
+		(mode&CRYPTO_LOCK)?"l":"u",
+		(type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+
+#if 0
+	if (CRYPTO_LOCK_SSL_CERT == type)
+		fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+			CRYPTO_thread_id(),
+			mode,file,line);
+#endif
+	if (mode & CRYPTO_LOCK)
+		{
+#ifdef USE_MUTEX
+		mutex_lock(&(lock_cs[type]));
+#else
+		if (mode & CRYPTO_READ)
+			rw_rdlock(&(lock_cs[type]));
+		else
+			rw_wrlock(&(lock_cs[type]));
+#endif
+		lock_count[type]++;
+		}
+	else
+		{
+#ifdef USE_MUTEX
+		mutex_unlock(&(lock_cs[type]));
+#else
+		rw_unlock(&(lock_cs[type]));
+#endif
+		}
+	}
+
+unsigned long solaris_thread_id()
+	{
+	unsigned long ret;
+
+	ret=(unsigned long)thr_self();
+	return(ret);
+	}
+#endif /* SOLARIS */
+
+#ifdef IRIX
+/* I don't think this works..... */
+
+static usptr_t *arena;
+static usema_t *lock_cs[CRYPTO_NUM_LOCKS];
+
+void CRYPTO_thread_setup()
+	{
+	int i;
+	char filename[20];
+
+	strcpy(filename,"/tmp/mttest.XXXXXX");
+	mktemp(filename);
+
+	usconfig(CONF_STHREADIOOFF);
+	usconfig(CONF_STHREADMALLOCOFF);
+	usconfig(CONF_INITUSERS,100);
+	usconfig(CONF_LOCKTYPE,US_DEBUGPLUS);
+	arena=usinit(filename);
+	unlink(filename);
+
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		lock_cs[i]=usnewsema(arena,1);
+		}
+
+	CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
+	CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
+	}
+
+void CRYPTO_thread_cleanup()
+	{
+	int i;
+
+	CRYPTO_set_locking_callback(NULL);
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		char buf[10];
+
+		sprintf(buf,"%2d:",i);
+		usdumpsema(lock_cs[i],stdout,buf);
+		usfreesema(lock_cs[i],arena);
+		}
+	}
+
+void irix_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+	{
+	if (mode & CRYPTO_LOCK)
+		{
+		uspsema(lock_cs[type]);
+		}
+	else
+		{
+		usvsema(lock_cs[type]);
+		}
+	}
+
+unsigned long irix_thread_id()
+	{
+	unsigned long ret;
+
+	ret=(unsigned long)getpid();
+	return(ret);
+	}
+#endif /* IRIX */
+
+/* Linux and a few others */
+#ifdef PTHREADS
+
+static pthread_mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void CRYPTO_thread_setup()
+	{
+	int i;
+
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		lock_count[i]=0;
+		pthread_mutex_init(&(lock_cs[i]),NULL);
+		}
+
+	CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
+	CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
+	}
+
+void thread_cleanup()
+	{
+	int i;
+
+	CRYPTO_set_locking_callback(NULL);
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		pthread_mutex_destroy(&(lock_cs[i]));
+		}
+	}
+
+void pthreads_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+      {
+#if 0
+	fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+		CRYPTO_thread_id(),
+		(mode&CRYPTO_LOCK)?"l":"u",
+		(type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+#if 0
+	if (CRYPTO_LOCK_SSL_CERT == type)
+		fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+		CRYPTO_thread_id(),
+		mode,file,line);
+#endif
+	if (mode & CRYPTO_LOCK)
+		{
+		pthread_mutex_lock(&(lock_cs[type]));
+		lock_count[type]++;
+		}
+	else
+		{
+		pthread_mutex_unlock(&(lock_cs[type]));
+		}
+	}
+
+unsigned long pthreads_thread_id()
+	{
+	unsigned long ret;
+
+	ret=(unsigned long)pthread_self();
+	return(ret);
+	}
+
+#endif /* PTHREADS */
+
diff --git a/crypto/tmdiff.c b/crypto/tmdiff.c
new file mode 100644
index 0000000000..b93799fc03
--- /dev/null
+++ b/crypto/tmdiff.c
@@ -0,0 +1,217 @@
+/* crypto/tmdiff.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <stdlib.h>
+
+#ifndef MSDOS
+#  ifndef WIN32
+#  define TIMES
+#  endif
+#endif
+
+#ifndef VMS
+#  ifndef _IRIX
+#   include <time.h>
+#  endif
+#  ifdef TIMES
+#    include <sys/types.h>
+#    include <sys/times.h>
+#  endif
+#else /* VMS */
+#  include <types.h>
+	struct tms {
+		time_t tms_utime;
+		time_t tms_stime;
+		time_t tms_uchild;      /* I dunno...  */
+		time_t tms_uchildsys;   /* so these names are a guess :-) */
+		}
+#endif /* VMS */
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef WIN32
+#include <windows.h>
+#endif
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+#   ifndef VMS
+#    define HZ  100.0
+#   else /* VMS */
+#    define HZ  100.0
+#   endif
+#  else /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+typedef struct ms_tm
+	{
+#ifdef TIMES
+	struct tms ms_tms;
+#else
+#  ifdef WIN32
+	HANDLE thread_id;
+	FILETIME ms_win32;
+#  else
+	struct timeb ms_timeb;
+#  endif
+#endif
+	} MS_TM;
+
+char *ms_time_init()
+	{
+	MS_TM *ret;
+
+	ret=malloc(sizeof(MS_TM));
+	if (ret == NULL)
+		return(NULL);
+	memset(ret,0,sizeof(MS_TM));
+#ifdef WIN32
+	ret->thread_id=GetCurrentThread();
+#endif
+	return((char *)ret);
+	}
+
+void ms_time_final(a)
+char *a;
+	{
+	if (a != NULL)
+		free(a);
+	}
+
+void ms_time_get(a)
+char *a;
+	{
+	MS_TM *tm=(MS_TM *)a;
+    FILETIME tmpa,tmpb,tmpc;
+
+#ifdef TIMES
+    printf("AAA\n");
+	times(&tm->ms_tms);
+#else
+#  ifdef WIN32
+	GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32));
+#  else
+    printf("CCC\n");
+	ftime(tm->ms_timeb);
+#  endif
+#endif
+	}
+
+double ms_time_diff(ap,bp)
+char *ap,*bp;
+	{
+	MS_TM *a=(MS_TM *)ap;
+	MS_TM *b=(MS_TM *)bp;
+	double ret;
+
+#ifdef TIMES
+	ret=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ;
+#else
+# ifdef WIN32
+	ret =(double)(b->ms_win32.dwHighDateTime&0x000fffff)*10+
+		b->ms_win32.dwLowDateTime/1e7;
+	ret-=(double)(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7;
+# else
+	ret=	 (double)(b->time-a->time)+
+		((double)((unsigned long)b->mullitm-(unsigned long)))/1000.0;
+#  endif
+#endif
+	return((ret < 0.0000001)?0.0000001:ret);
+	}
+
+int ms_time_cmp(ap,bp)
+char *ap,*bp;
+	{
+	MS_TM *a=(MS_TM *)ap,*b=(MS_TM *)bp;
+	double d;
+	int ret;
+
+#ifdef TIMES
+	d=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ;
+#else
+# ifdef WIN32
+	d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7;
+	d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7;
+# else
+	d=	 (double)(b->time-a->time)+
+		((double)((unsigned long)b->mullitm-(unsigned long)))/1000.0;
+#  endif
+#endif
+	if (d == 0.0)
+		ret=0;
+	else if (d < 0)
+		ret= -1;
+	else
+		ret=1;
+	return(ret);
+	}
+
diff --git a/crypto/txt_db/txt_db.c b/crypto/txt_db/txt_db.c
index ae8db3917b..e34ce4efa9 100644
--- a/crypto/txt_db/txt_db.c
+++ b/crypto/txt_db/txt_db.c
@@ -1,5 +1,5 @@
 /* crypto/txt_db/txt_db.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -66,7 +66,7 @@
 #undef BUFSIZE
 #define BUFSIZE	512
 
-char *TXT_DB_version="TXT_DB part of SSLeay 0.8.1b 29-Jun-1998";
+char *TXT_DB_version="TXT_DB part of SSLeay 0.9.0b 29-Jun-1998";
 
 TXT_DB *TXT_DB_read(in,num)
 BIO *in;
@@ -157,7 +157,7 @@ int num;
 		*(p++)='\0';
 		if ((n != num) || (*f != '\0'))
 			{
-#ifndef WIN16	/* temporaty fix :-( */
+#if !defined(NO_STDIO) && !defined(WIN16)	/* temporaty fix :-( */
 			fprintf(stderr,"wrong number of fields on line %ld\n",ln);
 #endif
 			er=2;
@@ -166,7 +166,7 @@ int num;
 		pp[n]=p;
 		if (!sk_push(ret->data,(char *)pp))
 			{
-#ifndef WIN16	/* temporaty fix :-( */
+#if !defined(NO_STDIO) && !defined(WIN16)	/* temporaty fix :-( */
 			fprintf(stderr,"failure in sk_push\n");
 #endif
 			er=2;
@@ -178,7 +178,7 @@ err:
 	BUF_MEM_free(buf);
 	if (er)
 		{
-#ifndef WIN16
+#if !defined(NO_STDIO) && !defined(WIN16)
 		if (er == 1) fprintf(stderr,"Malloc failure\n");
 #endif
 		if (ret->data != NULL) sk_free(ret->data);
diff --git a/crypto/txt_db/txt_db.h b/crypto/txt_db/txt_db.h
index 4775d5ecce..aca6dae393 100644
--- a/crypto/txt_db/txt_db.h
+++ b/crypto/txt_db/txt_db.h
@@ -1,5 +1,5 @@
 /* crypto/txt_db/txt_db.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/x509/Makefile.ssl b/crypto/x509/Makefile.ssl
index e54a74d1e8..1c1ca2ffa0 100644
--- a/crypto/x509/Makefile.ssl
+++ b/crypto/x509/Makefile.ssl
@@ -91,6 +91,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 6676a2e404..11725ec94c 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -1,5 +1,5 @@
 /* crypto/x509/by_dir.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -250,21 +250,46 @@ X509_NAME *name;
 X509_OBJECT *ret;
 	{
 	BY_DIR *ctx;
-	X509 st_x509;
-	X509_CINF st_x509_cinf;
+	union	{
+		struct	{
+			X509 st_x509;
+			X509_CINF st_x509_cinf;
+			} x509;
+		struct	{
+			X509_CRL st_crl;
+			X509_CRL_INFO st_crl_info;
+			} crl;
+		} data;
 	int ok=0;
 	int i,j,k;
 	unsigned long h;
 	BUF_MEM *b=NULL;
 	struct stat st;
 	X509_OBJECT stmp,*tmp;
+	char *postfix="";
 
 	if (name == NULL) return(0);
 
-	st_x509.cert_info= &st_x509_cinf;
-	st_x509_cinf.subject=name;
-	stmp.data.x509= &st_x509;
 	stmp.type=type;
+	if (type == X509_LU_X509)
+		{
+		data.x509.st_x509.cert_info= &data.x509.st_x509_cinf;
+		data.x509.st_x509_cinf.subject=name;
+		stmp.data.x509= &data.x509.st_x509;
+		postfix="";
+		}
+	else if (type == X509_LU_CRL)
+		{
+		data.crl.st_crl.crl= &data.crl.st_crl_info;
+		data.crl.st_crl_info.issuer=name;
+		stmp.data.crl= &data.crl.st_crl;
+		postfix="r";
+		}
+	else
+		{
+		X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE);
+		goto finish;
+		}
 
 	if ((b=BUF_MEM_new()) == NULL)
 		{
@@ -277,7 +302,7 @@ X509_OBJECT *ret;
 	h=X509_NAME_hash(name);
 	for (i=0; i<ctx->num_dirs; i++)
 		{
-		j=strlen(ctx->dirs[i])+1+8+6+1;
+		j=strlen(ctx->dirs[i])+1+8+6+1+1;
 		if (!BUF_MEM_grow(b,j))
 			{
 			X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
@@ -286,14 +311,25 @@ X509_OBJECT *ret;
 		k=0;
 		for (;;)
 			{
-			sprintf(b->data,"%s/%08lx.%d",ctx->dirs[i],h,k);
+			sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h,
+				postfix,k);
 			k++;
 			if (stat(b->data,&st) < 0)
 				break;
 			/* found one. */
-			if ((X509_load_cert_file(xl,b->data,
-				ctx->dirs_type[i])) == 0)
+			if (type == X509_LU_X509)
+				{
+				if ((X509_load_cert_file(xl,b->data,
+					ctx->dirs_type[i])) == 0)
+					break;
+				}
+			else if (type == X509_LU_CRL)
+				{
+				if ((X509_load_crl_file(xl,b->data,
+					ctx->dirs_type[i])) == 0)
 					break;
+				}
+			/* else case will caught higher up */
 			}
 
 		/* we have added it to the cache so now pull
@@ -307,7 +343,10 @@ X509_OBJECT *ret;
 			{
 			ok=1;
 			ret->type=tmp->type;
-			ret->data.x509=tmp->data.x509;
+			memcpy(&ret->data,&tmp->data,sizeof(ret->data));
+			/* If we were going to up the reference count,
+			 * we would need to do it on a perl 'type'
+			 * basis */
 	/*		CRYPTO_add(&tmp->data.x509->references,1,
 				CRYPTO_LOCK_X509);*/
 			goto finish;
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index 2dac28f542..09ebb9bf08 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -1,5 +1,5 @@
 /* crypto/x509/by_file.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -68,6 +68,8 @@
 #include "x509.h"
 #include "pem.h"
 
+#ifndef NO_STDIO
+
 #ifndef NOPROTO
 static int by_file_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,
 	long argl,char **ret);
@@ -101,7 +103,7 @@ char *argp;
 long argl;
 char **ret;
 	{
-	int ok=0;
+	int ok=0,ok2=0;
 	char *file;
 
 	switch (cmd)
@@ -111,7 +113,9 @@ char **ret;
 			{
 			ok=X509_load_cert_file(ctx,X509_get_default_cert_file(),
 				X509_FILETYPE_PEM);
-			if (!ok)
+			ok2=X509_load_crl_file(ctx,X509_get_default_cert_file(),
+				X509_FILETYPE_PEM);
+			if (!ok || !ok2)
 				{
 				X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS);
 				}
@@ -120,13 +124,18 @@ char **ret;
 				file=(char *)Getenv(X509_get_default_cert_file_env());
 				ok=X509_load_cert_file(ctx,file,
 					X509_FILETYPE_PEM);
+				ok2=X509_load_crl_file(ctx,file,
+					X509_FILETYPE_PEM);
 				}
 			}
 		else
+			{
 			ok=X509_load_cert_file(ctx,argp,(int)argl);
+			ok2=X509_load_crl_file(ctx,argp,(int)argl);
+			}
 		break;
 		}
-	return(ok);
+	return((ok && ok2)?ok:0);
 	}
 
 int X509_load_cert_file(ctx,file,type)
@@ -140,11 +149,7 @@ int type;
 	X509 *x=NULL;
 
 	if (file == NULL) return(1);
-#ifndef WIN16
-	in=BIO_new(BIO_s_file());
-#else
-	in=BIO_new(BIO_s_file_internal_w16());
-#endif
+	in=BIO_new(BIO_s_file_internal());
 
 	if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
 		{
@@ -203,3 +208,75 @@ err:
 	return(ret);
 	}
 
+int X509_load_crl_file(ctx,file,type)
+X509_LOOKUP *ctx;
+char *file;
+int type;
+	{
+	int ret=0;
+	BIO *in=NULL;
+	int i,count=0;
+	X509_CRL *x=NULL;
+
+	if (file == NULL) return(1);
+	in=BIO_new(BIO_s_file_internal());
+
+	if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
+		{
+		X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_SYS_LIB);
+		goto err;
+		}
+
+	if (type == X509_FILETYPE_PEM)
+		{
+		for (;;)
+			{
+			x=PEM_read_bio_X509_CRL(in,NULL,NULL);
+			if (x == NULL)
+				{
+				if ((ERR_GET_REASON(ERR_peek_error()) ==
+					PEM_R_NO_START_LINE) && (count > 0))
+					{
+					ERR_clear_error();
+					break;
+					}
+				else
+					{
+					X509err(X509_F_X509_LOAD_CRL_FILE,
+						ERR_R_PEM_LIB);
+					goto err;
+					}
+				}
+			i=X509_STORE_add_crl(ctx->store_ctx,x);
+			if (!i) goto err;
+			count++;
+			X509_CRL_free(x);
+			x=NULL;
+			}
+		ret=count;
+		}
+	else if (type == X509_FILETYPE_ASN1)
+		{
+		x=d2i_X509_CRL_bio(in,NULL);
+		if (x == NULL)
+			{
+			X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_ASN1_LIB);
+			goto err;
+			}
+		i=X509_STORE_add_crl(ctx->store_ctx,x);
+		if (!i) goto err;
+		ret=i;
+		}
+	else
+		{
+		X509err(X509_F_X509_LOAD_CRL_FILE,X509_R_BAD_X509_FILETYPE);
+		goto err;
+		}
+err:
+	if (x != NULL) X509_CRL_free(x);
+	if (in != NULL) BIO_free(in);
+	return(ret);
+	}
+
+#endif /* NO_STDIO */
+
diff --git a/crypto/x509/v3_net.c b/crypto/x509/v3_net.c
index 5e79a57f03..0c2d276d13 100644
--- a/crypto/x509/v3_net.c
+++ b/crypto/x509/v3_net.c
@@ -1,5 +1,5 @@
 /* crypto/x509/v3_net.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -66,9 +66,9 @@
 #define NETSCAPE_X509_EXT_NUM	8
 
 static X509_EXTENSION_METHOD netscape_x509_ext[NETSCAPE_X509_EXT_NUM]={
-{NID_netscape_ca_policy_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_ssl_server_name,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_revocation_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_ca_policy_url,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_ssl_server_name,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_revocation_url,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
 {NID_netscape_base_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
 {NID_netscape_cert_type,V_ASN1_BIT_STRING,X509_EXT_PACK_STRING},
 {NID_netscape_ca_revocation_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
diff --git a/crypto/x509/v3_x509.c b/crypto/x509/v3_x509.c
index 57a7b17df1..f685aa4c71 100644
--- a/crypto/x509/v3_x509.c
+++ b/crypto/x509/v3_x509.c
@@ -1,5 +1,5 @@
 /* crypto/x509/v3_x509.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -57,32 +57,197 @@
  */
 
 #include <stdio.h>
+#include <ctype.h>
 #include "stack.h"
 #include "cryptlib.h"
+#include "bio.h"
 #include "asn1.h"
 #include "objects.h"
 #include "x509.h"
 
+#if 0
+static int i2a_key_usage(BIO *bp, X509 *x);
+static int a2i_key_usage(X509 *x, char *str, int len);
+#endif
+
+int X509v3_get_key_usage(X509 *x);
+int X509v3_set_key_usage(X509 *x,unsigned int use);
+int i2a_X509v3_key_usage(BIO *bp, unsigned int use);
+unsigned int a2i_X509v3_key_usage(char *p);
+
 #define STD_X509_EXT_NUM	9
 
-static X509_EXTENSION_METHOD std_x509_ext[STD_X509_EXT_NUM]={
-{NID_subject_key_identifier,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_key_usage,			V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_private_key_usage_period,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_subject_alt_name,		V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_issuer_alt_name,		V_ASN1_BIT_STRING,X509_EXT_PACK_STRING},
-{NID_basic_constraints,		V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_crl_number,		V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_certificate_policies,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_authority_key_identifier,  V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+#if 0
+static X509_OBJECTS std_x509_ext[STD_X509_EXT_NUM]={
+{NID_subject_key_identifier,	NULL,NULL},
+{NID_key_usage,			a2i_key_usage,i2a_key_usage}, /**/
+{NID_private_key_usage_period,	NULL,NULL},
+{NID_subject_alt_name,		NULL,NULL},
+{NID_issuer_alt_name,		NULL,NULL},
+{NID_basic_constraints,		NULL,NULL},
+{NID_crl_number,		NULL,NULL},
+{NID_certificate_policies,	NULL,NULL},
+{NID_authority_key_identifier,  NULL,NULL},
 	};
+#endif
 
 int X509v3_add_standard_extensions()
 	{
-	int i;
 
+#if 0
 	for (i=0; i<STD_X509_EXT_NUM; i++)
 		if (!X509v3_add_extension(&(std_x509_ext[i])))
 			return(0);
+#endif
+	return(1);
+	}
+
+int X509v3_get_key_usage(x)
+X509 *x;
+	{
+	X509_EXTENSION *ext;
+	ASN1_STRING *st;
+	char *p;
+	int i;
+
+	i=X509_get_ext_by_NID(x,NID_key_usage,-1);
+	if (i < 0) return(X509v3_KU_UNDEF);
+	ext=X509_get_ext(x,i);
+	st=X509v3_unpack_string(NULL,V_ASN1_BIT_STRING,
+		X509_EXTENSION_get_data(X509_get_ext(x,i)));
+
+	p=(char *)ASN1_STRING_data(st);
+	if (ASN1_STRING_length(st) == 1)
+		i=p[0];
+	else if (ASN1_STRING_length(st) == 2)
+		i=p[0]|(p[1]<<8);
+	else
+		i=0;
+	return(i);
+	}
+
+static struct
+	{
+	char *name;
+	unsigned int value;
+	} key_usage_data[] ={
+	{"digitalSignature",	X509v3_KU_DIGITAL_SIGNATURE},
+	{"nonRepudiation",	X509v3_KU_NON_REPUDIATION},
+	{"keyEncipherment",	X509v3_KU_KEY_ENCIPHERMENT},
+	{"dataEncipherment",	X509v3_KU_DATA_ENCIPHERMENT},
+	{"keyAgreement",	X509v3_KU_KEY_AGREEMENT},
+	{"keyCertSign",		X509v3_KU_KEY_CERT_SIGN},
+	{"cRLSign",		X509v3_KU_CRL_SIGN},
+	{"encipherOnly",	X509v3_KU_ENCIPHER_ONLY},
+	{"decipherOnly",	X509v3_KU_DECIPHER_ONLY},
+	{NULL,0},
+	};
+
+#if 0
+static int a2i_key_usage(x,str,len)
+X509 *x;
+char *str;
+int len;
+	{
+	return(X509v3_set_key_usage(x,a2i_X509v3_key_usage(str)));
+	}
+
+static int i2a_key_usage(bp,x)
+BIO *bp;
+X509 *x;
+	{
+	return(i2a_X509v3_key_usage(bp,X509v3_get_key_usage(x)));
+	}
+#endif
+
+int i2a_X509v3_key_usage(bp,use)
+BIO *bp;
+unsigned int use;
+	{
+	int i=0,first=1;
+
+	for (;;)
+		{
+		if (use | key_usage_data[i].value)
+			{
+			BIO_printf(bp,"%s%s",((first)?"":" "),
+				key_usage_data[i].name);
+			first=0;
+			}
+		}
 	return(1);
 	}
+
+unsigned int a2i_X509v3_key_usage(p)
+char *p;
+	{
+	unsigned int ret=0;
+	char *q,*s;
+	int i,n;
+
+	q=p;
+	for (;;)
+		{
+		while ((*q != '\0') && isalnum(*q))
+			q++;
+		if (*q == '\0') break;
+		s=q++;
+		while (isalnum(*q))
+			q++;
+		n=q-s;
+		i=0;
+		for (;;)
+			{
+			if (strncmp(key_usage_data[i].name,s,n) == 0)
+				{
+				ret|=key_usage_data[i].value;
+				break;
+				}
+			i++;
+			if (key_usage_data[i].name == NULL)
+				return(X509v3_KU_UNDEF);
+			}
+		}
+	return(ret);
+	}
+
+int X509v3_set_key_usage(x,use)
+X509 *x;
+unsigned int use;
+	{
+	ASN1_OCTET_STRING *os;
+	X509_EXTENSION *ext;
+	int i;
+	unsigned char data[4];
+
+	i=X509_get_ext_by_NID(x,NID_key_usage,-1);
+	if (i < 0)
+		{
+		i=X509_get_ext_count(x)+1;
+		if ((ext=X509_EXTENSION_new()) == NULL) return(0);
+		if (!X509_add_ext(x,ext,i))
+			{
+			X509_EXTENSION_free(ext);
+			return(0);
+			}
+		}
+	else
+		ext=X509_get_ext(x,i);
+
+	/* fill in 'ext' */
+	os=X509_EXTENSION_get_data(ext);
+
+	i=0;
+	if (use > 0)
+		{
+		i=1;
+		data[0]=use&0xff;
+		}
+	if (use > 0xff)
+		{
+		i=2;
+		data[1]=(use>>8)&0xff;
+		}
+	return((X509v3_pack_string(&os,V_ASN1_BIT_STRING,data,i) == NULL)?0:1);
+	}
+
diff --git a/crypto/x509/x509.err b/crypto/x509/x509.err
index 7f8b33ed89..8d0862d7d1 100644
--- a/crypto/x509/x509.err
+++ b/crypto/x509/x509.err
@@ -13,20 +13,22 @@
 #define X509_F_X509_EXTENSION_CREATE_BY_OBJ		 109
 #define X509_F_X509_GET_PUBKEY_PARAMETERS		 110
 #define X509_F_X509_LOAD_CERT_FILE			 111
-#define X509_F_X509_NAME_ADD_ENTRY			 112
-#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID		 113
-#define X509_F_X509_NAME_ENTRY_SET_OBJECT		 114
-#define X509_F_X509_NAME_ONELINE			 115
-#define X509_F_X509_NAME_PRINT				 116
-#define X509_F_X509_PRINT_FP				 117
-#define X509_F_X509_PUBKEY_GET				 118
-#define X509_F_X509_PUBKEY_SET				 119
-#define X509_F_X509_REQ_PRINT				 120
-#define X509_F_X509_REQ_PRINT_FP			 121
-#define X509_F_X509_REQ_TO_X509				 122
-#define X509_F_X509_STORE_ADD_CERT			 123
-#define X509_F_X509_TO_X509_REQ				 124
-#define X509_F_X509_VERIFY_CERT				 125
+#define X509_F_X509_LOAD_CRL_FILE			 112
+#define X509_F_X509_NAME_ADD_ENTRY			 113
+#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID		 114
+#define X509_F_X509_NAME_ENTRY_SET_OBJECT		 115
+#define X509_F_X509_NAME_ONELINE			 116
+#define X509_F_X509_NAME_PRINT				 117
+#define X509_F_X509_PRINT_FP				 118
+#define X509_F_X509_PUBKEY_GET				 119
+#define X509_F_X509_PUBKEY_SET				 120
+#define X509_F_X509_REQ_PRINT				 121
+#define X509_F_X509_REQ_PRINT_FP			 122
+#define X509_F_X509_REQ_TO_X509				 123
+#define X509_F_X509_STORE_ADD_CERT			 124
+#define X509_F_X509_STORE_ADD_CRL			 125
+#define X509_F_X509_TO_X509_REQ				 126
+#define X509_F_X509_VERIFY_CERT				 127
 
 /* Reason codes. */
 #define X509_R_BAD_X509_FILETYPE			 100
@@ -41,3 +43,4 @@
 #define X509_R_UNKNOWN_NID				 109
 #define X509_R_UNKNOWN_STRING_TYPE			 110
 #define X509_R_UNSUPPORTED_ALGORITHM			 111
+#define X509_R_WRONG_LOOKUP_TYPE			 112
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index a1f7556818..95114f7c43 100644
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -1,5 +1,5 @@
 /* crypto/x509/x509.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -90,6 +90,24 @@ extern "C" {
 #define X509_FILETYPE_ASN1	2
 #define X509_FILETYPE_DEFAULT	3
 
+#define X509v3_KU_DIGITAL_SIGNATURE	0x0080
+#define X509v3_KU_NON_REPUDIATION	0x0040
+#define X509v3_KU_KEY_ENCIPHERMENT	0x0020
+#define X509v3_KU_DATA_ENCIPHERMENT	0x0010
+#define X509v3_KU_KEY_AGREEMENT		0x0008
+#define X509v3_KU_KEY_CERT_SIGN		0x0004
+#define X509v3_KU_CRL_SIGN		0x0002
+#define X509v3_KU_ENCIPHER_ONLY		0x0001
+#define X509v3_KU_DECIPHER_ONLY		0x8000
+#define X509v3_KU_UNDEF			0xffff
+
+typedef struct X509_objects_st
+	{
+	int nid;
+	int (*a2i)();
+	int (*i2a)();
+	} X509_OBJECTS;
+
 typedef struct X509_algor_st
 	{
 	ASN1_OBJECT *algorithm;
@@ -133,25 +151,39 @@ typedef struct X509_name_st
 #else
 	char *bytes;
 #endif
+	unsigned long hash; /* Keep the hash around for lookups */
 	} X509_NAME;
 
+#define X509_EX_V_NETSCAPE_HACK		0x8000
+#define X509_EX_V_INIT			0x0001
 typedef struct X509_extension_st
 	{
 	ASN1_OBJECT *object;
 	short critical;
 	short netscape_hack;
 	ASN1_OCTET_STRING *value;
+	long argl;			/* used when decoding */
+	char *argp;			/* used when decoding */
+	void (*ex_free)();		/* clear argp stuff */
 	} X509_EXTENSION;
 
-#define X509_EXT_PACK_UNKNOWN	0
-#define X509_EXT_PACK_STRING	1 /* X509v3_pack_string() */
-
+/* #if 1 */
 typedef struct x509_extension_method_st
 	{
 	int nid;
 	int data_type;
 	int pack_type;
+	void (*ex_clear)();
+	int (*ex_get_bool)();
+	int (*ex_set_bool)();
+	int (*ex_get_str)();
+	int (*ex_set_str)();
+	char *(*ex_get_struct)();
+	int (*ex_set_struct)();
+	int (*a2i)();
+	int (*i2a)();
 	} X509_EXTENSION_METHOD;
+/* #endif */
 
 typedef struct X509_req_info_st
 	{
@@ -307,8 +339,6 @@ typedef struct CBCParameter_st
 	a->sig_alg,a->signature,(char *)a->req_info,r)
 #define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
 	a->sig_alg, a->signature,(char *)a->crl,r)
-#define NETSCAPE_SPKI_verify(a,r) ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC, \
-		a->sig_algor,a->signature, (char *)a->spkac,r)
 
 #define X509_sign(x,pkey,md) \
 	ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
@@ -428,6 +458,9 @@ typedef struct CBCParameter_st
 		(char *)data,md,len)
 #endif
 
+#define X509_EXT_PACK_UNKNOWN	1
+#define X509_EXT_PACK_STRING	2
+
 #define		X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
 /* #define	X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
 #define		X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
@@ -448,7 +481,7 @@ typedef struct CBCParameter_st
 #ifndef SSLEAY_MACROS
 #ifdef HEADER_ENVELOPE_H
 int X509_verify(X509 *a, EVP_PKEY *r);
-char *X509_verify_cert_error_string(int n);
+char *X509_verify_cert_error_string(long n);
 
 int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
 int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
@@ -464,7 +497,7 @@ int X509_NAME_digest(X509_NAME *data,EVP_MD *type,
 	unsigned char *md,unsigned int *len);
 #endif
 
-#ifndef WIN16
+#ifndef NO_FP_API
 X509 *d2i_X509_fp(FILE *fp, X509 *x509);
 int i2d_X509_fp(FILE *fp,X509 *x509);
 X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL *crl);
@@ -515,7 +548,7 @@ char *		X509_get_default_cert_dir_env(void );
 char *		X509_get_default_cert_file_env(void );
 char *		X509_get_default_private_dir(void );
 
-X509_REQ *	X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey);
+X509_REQ *	X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, EVP_MD *md);
 X509 *		X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
 void ERR_load_X509_strings(void );
 
@@ -674,7 +707,7 @@ int		X509_NAME_cmp (X509_NAME *a, X509_NAME *b);
 unsigned long	X509_NAME_hash(X509_NAME *x);
 
 int		X509_CRL_cmp(X509_CRL *a,X509_CRL *b);
-#ifndef WIN16
+#ifndef NO_FP_API
 int		X509_print_fp(FILE *bp,X509 *x);
 int		X509_REQ_print_fp(FILE *bp,X509_REQ *req);
 #endif
@@ -691,9 +724,11 @@ int 		X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
 int		X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
 			char *buf,int len);
 
-int 		X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int oldpos);
+/* NOTE: you should be passsing -1, not 0 as lastpos.  The functions that use
+ * lastpos, seach after that position on. */
+int 		X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
 int 		X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj,
-			int oldpos);
+			int lastpos);
 X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
 X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
 int 		X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,
@@ -711,37 +746,38 @@ ASN1_OBJECT *	X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
 ASN1_STRING *	X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
 
 int		X509v3_get_ext_count(STACK *x);
-int		X509v3_get_ext_by_NID(STACK *x, int nid, int oldpos);
-int		X509v3_get_ext_by_OBJ(STACK *x,ASN1_OBJECT *obj,int oldpos);
-int		X509v3_get_ext_by_critical(STACK *x, int crit, int oldpos);
+int		X509v3_get_ext_by_NID(STACK *x, int nid, int lastpos);
+int		X509v3_get_ext_by_OBJ(STACK *x,ASN1_OBJECT *obj,int lastpos);
+int		X509v3_get_ext_by_critical(STACK *x, int crit, int lastpos);
 X509_EXTENSION *X509v3_get_ext(STACK *x, int loc);
 X509_EXTENSION *X509v3_delete_ext(STACK *x, int loc);
 STACK *		X509v3_add_ext(STACK **x, X509_EXTENSION *ex, int loc);
+
 int		X509v3_data_type_by_OBJ(ASN1_OBJECT *obj);
 int		X509v3_data_type_by_NID(int nid);
 int		X509v3_pack_type_by_OBJ(ASN1_OBJECT *obj);
 int		X509v3_pack_type_by_NID(int nid);
 
 int		X509_get_ext_count(X509 *x);
-int		X509_get_ext_by_NID(X509 *x, int nid, int oldpos);
-int		X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int oldpos);
-int		X509_get_ext_by_critical(X509 *x, int crit, int oldpos);
+int		X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
+int		X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos);
+int		X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
 X509_EXTENSION *X509_get_ext(X509 *x, int loc);
 X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
 int		X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
 
 int		X509_CRL_get_ext_count(X509_CRL *x);
-int		X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int oldpos);
-int		X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int oldpos);
-int		X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int oldpos);
+int		X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
+int		X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos);
+int		X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
 X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
 X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
 int		X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
 
 int		X509_REVOKED_get_ext_count(X509_REVOKED *x);
-int		X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int oldpos);
-int		X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int oldpos);
-int		X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int oldpos);
+int		X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
+int		X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos);
+int		X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
 X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
 X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
 int		X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
@@ -787,7 +823,7 @@ int X509_digest();
 int X509_NAME_digest();
 #endif
 
-#ifndef WIN16
+#ifndef NO_FP_API
 X509 *d2i_X509_fp();
 int i2d_X509_fp();
 X509_CRL *d2i_X509_CRL_fp();
@@ -979,7 +1015,7 @@ int		X509_NAME_cmp ();
 unsigned long	X509_NAME_hash();
 
 int		X509_CRL_cmp();
-#ifndef WIN16
+#ifndef NO_FP_API
 int		X509_print_fp();
 int		X509_REQ_print_fp();
 #endif
@@ -1011,12 +1047,12 @@ int		X509v3_get_ext_by_critical();
 X509_EXTENSION *X509v3_get_ext();
 X509_EXTENSION *X509v3_delete_ext();
 STACK *		X509v3_add_ext();
+
 int		X509v3_data_type_by_OBJ();
 int		X509v3_data_type_by_NID();
 int		X509v3_pack_type_by_OBJ();
 int		X509v3_pack_type_by_NID();
 
-
 int		X509_get_ext_count();
 int		X509_get_ext_by_NID();
 int		X509_get_ext_by_OBJ();
@@ -1077,20 +1113,22 @@ X509 *X509_find_by_subject();
 #define X509_F_X509_EXTENSION_CREATE_BY_OBJ		 109
 #define X509_F_X509_GET_PUBKEY_PARAMETERS		 110
 #define X509_F_X509_LOAD_CERT_FILE			 111
-#define X509_F_X509_NAME_ADD_ENTRY			 112
-#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID		 113
-#define X509_F_X509_NAME_ENTRY_SET_OBJECT		 114
-#define X509_F_X509_NAME_ONELINE			 115
-#define X509_F_X509_NAME_PRINT				 116
-#define X509_F_X509_PRINT_FP				 117
-#define X509_F_X509_PUBKEY_GET				 118
-#define X509_F_X509_PUBKEY_SET				 119
-#define X509_F_X509_REQ_PRINT				 120
-#define X509_F_X509_REQ_PRINT_FP			 121
-#define X509_F_X509_REQ_TO_X509				 122
-#define X509_F_X509_STORE_ADD_CERT			 123
-#define X509_F_X509_TO_X509_REQ				 124
-#define X509_F_X509_VERIFY_CERT				 125
+#define X509_F_X509_LOAD_CRL_FILE			 112
+#define X509_F_X509_NAME_ADD_ENTRY			 113
+#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID		 114
+#define X509_F_X509_NAME_ENTRY_SET_OBJECT		 115
+#define X509_F_X509_NAME_ONELINE			 116
+#define X509_F_X509_NAME_PRINT				 117
+#define X509_F_X509_PRINT_FP				 118
+#define X509_F_X509_PUBKEY_GET				 119
+#define X509_F_X509_PUBKEY_SET				 120
+#define X509_F_X509_REQ_PRINT				 121
+#define X509_F_X509_REQ_PRINT_FP			 122
+#define X509_F_X509_REQ_TO_X509				 123
+#define X509_F_X509_STORE_ADD_CERT			 124
+#define X509_F_X509_STORE_ADD_CRL			 125
+#define X509_F_X509_TO_X509_REQ				 126
+#define X509_F_X509_VERIFY_CERT				 127
 
 /* Reason codes. */
 #define X509_R_BAD_X509_FILETYPE			 100
@@ -1105,6 +1143,7 @@ X509 *X509_find_by_subject();
 #define X509_R_UNKNOWN_NID				 109
 #define X509_R_UNKNOWN_STRING_TYPE			 110
 #define X509_R_UNSUPPORTED_ALGORITHM			 111
+#define X509_R_WRONG_LOOKUP_TYPE			 112
  
 #ifdef  __cplusplus
 }
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 14eebbfcb8..f9d9510ac5 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_cmp.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -188,17 +188,27 @@ X509_NAME *b;
 	}
 
 #ifndef NO_MD5
-/* I should do a DER encoding of the name and then hash it. */
+/* I now DER encode the name and hash it.  Since I cache the DER encoding,
+ * this is reasonably effiecent. */
 unsigned long X509_NAME_hash(x)
 X509_NAME *x;
 	{
 	unsigned long ret=0;
 	unsigned char md[16];
-	char str[256];
+	unsigned char str[256],*p,*pp;
+	int i;
+
+	i=i2d_X509_NAME(x,NULL);
+	if (i > sizeof(str))
+		p=Malloc(i);
+	else
+		p=str;
+
+	pp=p;
+	i2d_X509_NAME(x,&pp);
+	MD5((unsigned char *)p,i,&(md[0]));
+	if (p != str) Free(p);
 
-	X509_NAME_oneline(x,str,256);
-	ret=strlen(str);
-	MD5((unsigned char *)str,ret,&(md[0]));
 	ret=(	((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
 		((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
 		)&0xffffffffL;
@@ -226,7 +236,7 @@ ASN1_INTEGER *serial;
 		if (X509_issuer_and_serial_cmp(x509,&x) == 0)
 			return(x509);
 		}
-	return(x509);
+	return(NULL);
 	}
 
 X509 *X509_find_by_subject(sk,name)
diff --git a/crypto/x509/x509_d2.c b/crypto/x509/x509_d2.c
index 235d70f8d7..01e22f4cb4 100644
--- a/crypto/x509/x509_d2.c
+++ b/crypto/x509/x509_d2.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_d2.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,6 +63,7 @@
 #include "crypto.h"
 #include "x509.h"
 
+#ifndef NO_STDIO
 int X509_STORE_set_default_paths(ctx)
 X509_STORE *ctx;
 	{
@@ -101,6 +102,9 @@ char *path;
 		if (lookup == NULL) return(0);
 		X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM);
 		}
+	if ((path == NULL) && (file == NULL))
+		return(0);
 	return(1);
 	}
 
+#endif
diff --git a/crypto/x509/x509_def.c b/crypto/x509/x509_def.c
index 497923828c..d9ab39b15a 100644
--- a/crypto/x509/x509_def.c
+++ b/crypto/x509/x509_def.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_def.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c
index bfcc47fe03..9304721612 100644
--- a/crypto/x509/x509_err.c
+++ b/crypto/x509/x509_err.c
@@ -60,6 +60,7 @@
 #include "x509.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA X509_str_functs[]=
 	{
 {ERR_PACK(0,X509_F_ADD_CERT_DIR,0),	"ADD_CERT_DIR"},
@@ -74,6 +75,7 @@ static ERR_STRING_DATA X509_str_functs[]=
 {ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0),	"X509_EXTENSION_create_by_OBJ"},
 {ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0),	"X509_get_pubkey_parameters"},
 {ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0),	"X509_LOAD_CERT_FILE"},
+{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0),	"X509_LOAD_CRL_FILE"},
 {ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0),	"X509_NAME_add_entry"},
 {ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0),	"X509_NAME_ENTRY_create_by_NID"},
 {ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0),	"X509_NAME_ENTRY_set_object"},
@@ -86,6 +88,7 @@ static ERR_STRING_DATA X509_str_functs[]=
 {ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0),	"X509_REQ_print_fp"},
 {ERR_PACK(0,X509_F_X509_REQ_TO_X509,0),	"X509_REQ_to_X509"},
 {ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0),	"X509_STORE_ADD_CERT"},
+{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0),	"X509_STORE_ADD_CRL"},
 {ERR_PACK(0,X509_F_X509_TO_X509_REQ,0),	"X509_to_X509_REQ"},
 {ERR_PACK(0,X509_F_X509_VERIFY_CERT,0),	"X509_verify_cert"},
 {0,NULL},
@@ -105,17 +108,23 @@ static ERR_STRING_DATA X509_str_reasons[]=
 {X509_R_UNKNOWN_NID                      ,"unknown nid"},
 {X509_R_UNKNOWN_STRING_TYPE              ,"unknown string type"},
 {X509_R_UNSUPPORTED_ALGORITHM            ,"unsupported algorithm"},
+{X509_R_WRONG_LOOKUP_TYPE                ,"wrong lookup type"},
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_X509_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_X509,X509_str_functs);
 		ERR_load_strings(ERR_LIB_X509,X509_str_reasons);
+#endif
+
 		}
 	}
diff --git a/crypto/x509/x509_ext.c b/crypto/x509/x509_ext.c
index 7495183e88..1d76ecfcfd 100644
--- a/crypto/x509/x509_ext.c
+++ b/crypto/x509/x509_ext.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_ext.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -70,28 +70,28 @@ X509_CRL *x;
 	return(X509v3_get_ext_count(x->crl->extensions));
 	}
 
-int X509_CRL_get_ext_by_NID(x,nid,oldpos)
+int X509_CRL_get_ext_by_NID(x,nid,lastpos)
 X509_CRL *x;
 int nid;
-int oldpos;
+int lastpos;
 	{
-	return(X509v3_get_ext_by_NID(x->crl->extensions,nid,oldpos));
+	return(X509v3_get_ext_by_NID(x->crl->extensions,nid,lastpos));
 	}
 
-int X509_CRL_get_ext_by_OBJ(x,obj,oldpos)
+int X509_CRL_get_ext_by_OBJ(x,obj,lastpos)
 X509_CRL *x;
 ASN1_OBJECT *obj;
-int oldpos;
+int lastpos;
 	{
-	return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,oldpos));
+	return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,lastpos));
 	}
 
-int X509_CRL_get_ext_by_critical(x,crit,oldpos)
+int X509_CRL_get_ext_by_critical(x,crit,lastpos)
 X509_CRL *x;
 int crit;
-int oldpos;
+int lastpos;
 	{
-	return(X509v3_get_ext_by_critical(x->crl->extensions,crit,oldpos));
+	return(X509v3_get_ext_by_critical(x->crl->extensions,crit,lastpos));
 	}
 
 X509_EXTENSION *X509_CRL_get_ext(x,loc)
@@ -122,28 +122,28 @@ X509 *x;
 	return(X509v3_get_ext_count(x->cert_info->extensions));
 	}
 
-int X509_get_ext_by_NID(x,nid,oldpos)
+int X509_get_ext_by_NID(x,nid,lastpos)
 X509 *x;
 int nid;
-int oldpos;
+int lastpos;
 	{
-	return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,oldpos));
+	return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,lastpos));
 	}
 
-int X509_get_ext_by_OBJ(x,obj,oldpos)
+int X509_get_ext_by_OBJ(x,obj,lastpos)
 X509 *x;
 ASN1_OBJECT *obj;
-int oldpos;
+int lastpos;
 	{
-	return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,oldpos));
+	return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,lastpos));
 	}
 
-int X509_get_ext_by_critical(x,crit,oldpos)
+int X509_get_ext_by_critical(x,crit,lastpos)
 X509 *x;
 int crit;
-int oldpos;
+int lastpos;
 	{
-	return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,oldpos));
+	return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,lastpos));
 	}
 
 X509_EXTENSION *X509_get_ext(x,loc)
@@ -174,28 +174,28 @@ X509_REVOKED *x;
 	return(X509v3_get_ext_count(x->extensions));
 	}
 
-int X509_REVOKED_get_ext_by_NID(x,nid,oldpos)
+int X509_REVOKED_get_ext_by_NID(x,nid,lastpos)
 X509_REVOKED *x;
 int nid;
-int oldpos;
+int lastpos;
 	{
-	return(X509v3_get_ext_by_NID(x->extensions,nid,oldpos));
+	return(X509v3_get_ext_by_NID(x->extensions,nid,lastpos));
 	}
 
-int X509_REVOKED_get_ext_by_OBJ(x,obj,oldpos)
+int X509_REVOKED_get_ext_by_OBJ(x,obj,lastpos)
 X509_REVOKED *x;
 ASN1_OBJECT *obj;
-int oldpos;
+int lastpos;
 	{
-	return(X509v3_get_ext_by_OBJ(x->extensions,obj,oldpos));
+	return(X509v3_get_ext_by_OBJ(x->extensions,obj,lastpos));
 	}
 
-int X509_REVOKED_get_ext_by_critical(x,crit,oldpos)
+int X509_REVOKED_get_ext_by_critical(x,crit,lastpos)
 X509_REVOKED *x;
 int crit;
-int oldpos;
+int lastpos;
 	{
-	return(X509v3_get_ext_by_critical(x->extensions,crit,oldpos));
+	return(X509v3_get_ext_by_critical(x->extensions,crit,lastpos));
 	}
 
 X509_EXTENSION *X509_REVOKED_get_ext(x,loc)
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 455ad5af45..2c7e10a46e 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_lu.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -61,6 +61,9 @@
 #include "lhash.h"
 #include "x509.h"
 
+static STACK *x509_store_meth=NULL;
+static STACK *x509_store_ctx_meth=NULL;
+
 X509_LOOKUP *X509_LOOKUP_new(method)
 X509_LOOKUP_METHOD *method;
 	{
@@ -170,7 +173,7 @@ char *str;
 int len;
 X509_OBJECT *ret;
 	{
-	if ((ctx->method == NULL) || (ctx->method->get_by_alias))
+	if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
 		return(X509_LU_FAIL);
 	return(ctx->method->get_by_alias(ctx,str,len,ret));
 	}
@@ -226,7 +229,7 @@ X509_STORE *X509_STORE_new()
 	ret->get_cert_methods=sk_new_null();
 	ret->verify=NULL;
 	ret->verify_cb=NULL;
-	ret->app_data=NULL;
+	memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA));
 	ret->references=1;
 	return(ret);
 	}
@@ -264,6 +267,7 @@ X509_STORE *vfy;
 		}
 	sk_free(sk);
 
+	CRYPTO_free_ex_data(x509_store_meth,(char *)vfy,&vfy->ex_data);
 	lh_doall(vfy->certs,cleanup);
 	lh_free(vfy->certs);
 	Free(vfy);
@@ -425,6 +429,7 @@ STACK *chain;
 	ctx->depth=10;
 	ctx->error=0;
 	ctx->current_cert=NULL;
+	memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA));
 	}
 
 void X509_STORE_CTX_cleanup(ctx)
@@ -435,5 +440,7 @@ X509_STORE_CTX *ctx;
 		sk_pop_free(ctx->chain,X509_free);
 		ctx->chain=NULL;
 		}
+	CRYPTO_free_ex_data(x509_store_ctx_meth,(char *)ctx,&(ctx->ex_data));
+	memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
 	}
 
diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
index 2b53af1e61..c0576fd6f6 100644
--- a/crypto/x509/x509_obj.c
+++ b/crypto/x509/x509_obj.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_obj.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -76,6 +76,7 @@ int len;
 	BUF_MEM *b=NULL;
 	static char hex[17]="0123456789ABCDEF";
 	int gs_doit[4];
+	char tmp_buf[80];
 
 	if (a == NULL) return("NO X509_NAME");
 	if (buf == NULL)
@@ -92,12 +93,10 @@ int len;
 		{
 		ne=(X509_NAME_ENTRY *)sk_value(a->entries,i);
 		n=OBJ_obj2nid(ne->object);
-		if (n == NID_undef)
-			s="UNKNOWN";
-		else
+		if ((n == NID_undef) || ((s=OBJ_nid2sn(n)) == NULL))
 			{
-			s=OBJ_nid2sn(n);
-			if (s == NULL) s="UNKNOWN2";
+			i2t_ASN1_OBJECT(tmp_buf,sizeof(tmp_buf),ne->object);
+			s=tmp_buf;
 			}
 		l1=strlen(s);
 
diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c
index 7e79959c8a..6aec2427f7 100644
--- a/crypto/x509/x509_r2x.c
+++ b/crypto/x509/x509_r2x.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_r2x.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
index c1f10c2428..5004365bad 100644
--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_req.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -66,9 +66,10 @@
 #include "buffer.h"
 #include "pem.h"
 
-X509_REQ *X509_to_X509_REQ(x,pkey)
+X509_REQ *X509_to_X509_REQ(x,pkey,md)
 X509 *x;
 EVP_PKEY *pkey;
+EVP_MD *md;
 	{
 	X509_REQ *ret;
 	X509_REQ_INFO *ri;
@@ -94,9 +95,11 @@ EVP_PKEY *pkey;
 	i=X509_REQ_set_pubkey(ret,X509_get_pubkey(x));
 	if (!i) goto err;
 
-/* NEEDS FIXING EAY EAY EAY */
-	if (!X509_REQ_sign(ret,pkey,EVP_md5()))
-		goto err;
+	if (pkey != NULL)
+		{
+		if (!X509_REQ_sign(ret,pkey,md))
+			goto err;
+		}
 	return(ret);
 err:
 	X509_REQ_free(ret);
@@ -106,6 +109,8 @@ err:
 EVP_PKEY *X509_REQ_get_pubkey(req)
 X509_REQ *req;
 	{
+	if ((req == NULL) || (req->req_info == NULL))
+		return(NULL);
 	return(X509_PUBKEY_get(req->req_info->pubkey));
 	}
 
diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
index f65ae91f53..5d0a3a0c0e 100644
--- a/crypto/x509/x509_set.c
+++ b/crypto/x509/x509_set.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_set.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
index d5fc5839a1..408d1c277c 100644
--- a/crypto/x509/x509_txt.c
+++ b/crypto/x509/x509_txt.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_txt.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,11 +71,11 @@
 #include "pem.h"
 
 char *X509_verify_cert_error_string(n)
-int n;
+long n;
 	{
 	static char buf[100];
 
-	switch (n)
+	switch ((int)n)
 		{
 	case X509_V_OK:
 		return("ok");
@@ -105,9 +105,9 @@ int n;
 		return("format error in certificate's notBefore field");
 	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
 		return("format error in certificate's notAfter field");
-	case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FILED:
+	case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
 		return("format error in CRL's lastUpdate field");
-	case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FILED:
+	case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
 		return("format error in CRL's nextUpdate field");
 	case X509_V_ERR_OUT_OF_MEM:
 		return("out of memory");
@@ -121,8 +121,10 @@ int n;
 		return("unable to verify the first certificate");
 	case X509_V_ERR_CERT_CHAIN_TOO_LONG:
 		return("certificate chain too long");
+	case X509_V_ERR_APPLICATION_VERIFICATION:
+		return("application verification failure");
 	default:
-		sprintf(buf,"error number %d",n);
+		sprintf(buf,"error number %ld",n);
 		return(buf);
 		}
 	}
diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c
index 388130b1d7..1c03602f0b 100644
--- a/crypto/x509/x509_v3.c
+++ b/crypto/x509/x509_v3.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_v3.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -81,59 +81,59 @@ STACK *x;
 	return(sk_num(x));
 	}
 
-int X509v3_get_ext_by_NID(x,nid,oldpos)
+int X509v3_get_ext_by_NID(x,nid,lastpos)
 STACK *x;
 int nid;
-int oldpos;
+int lastpos;
 	{
 	ASN1_OBJECT *obj;
 
 	obj=OBJ_nid2obj(nid);
 	if (obj == NULL) return(-2);
-	return(X509v3_get_ext_by_OBJ(x,obj,oldpos));
+	return(X509v3_get_ext_by_OBJ(x,obj,lastpos));
 	}
 
-int X509v3_get_ext_by_OBJ(sk,obj,oldpos)
+int X509v3_get_ext_by_OBJ(sk,obj,lastpos)
 STACK *sk;
 ASN1_OBJECT *obj;
-int oldpos;
+int lastpos;
 	{
 	int n;
 	X509_EXTENSION *ex;
 
 	if (sk == NULL) return(-1);
-	oldpos++;
-	if (oldpos < 0)
-		oldpos=0;
+	lastpos++;
+	if (lastpos < 0)
+		lastpos=0;
 	n=sk_num(sk);
-	for ( ; oldpos < n; oldpos++)
+	for ( ; lastpos < n; lastpos++)
 		{
-		ex=(X509_EXTENSION *)sk_value(sk,oldpos);
+		ex=(X509_EXTENSION *)sk_value(sk,lastpos);
 		if (OBJ_cmp(ex->object,obj) == 0)
-			return(oldpos);
+			return(lastpos);
 		}
 	return(-1);
 	}
 
-int X509v3_get_ext_by_critical(sk,crit,oldpos)
+int X509v3_get_ext_by_critical(sk,crit,lastpos)
 STACK *sk;
 int crit;
-int oldpos;
+int lastpos;
 	{
 	int n;
 	X509_EXTENSION *ex;
 
 	if (sk == NULL) return(-1);
-	oldpos++;
-	if (oldpos < 0)
-		oldpos=0;
+	lastpos++;
+	if (lastpos < 0)
+		lastpos=0;
 	n=sk_num(sk);
-	for ( ; oldpos < n; oldpos++)
+	for ( ; lastpos < n; lastpos++)
 		{
-		ex=(X509_EXTENSION *)sk_value(sk,oldpos);
+		ex=(X509_EXTENSION *)sk_value(sk,lastpos);
 		if (	(ex->critical && crit) ||
 			(!ex->critical && !crit))
-			return(oldpos);
+			return(lastpos);
 		}
 	return(-1);
 	}
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index f6dba6f9ef..c1be91edba 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_vfy.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -62,6 +62,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 
+#include "crypto.h"
 #include "cryptlib.h"
 #include "lhash.h"
 #include "buffer.h"
@@ -79,7 +80,13 @@ static int null_callback();
 static int internal_verify();
 #endif
 
-char *X509_version="X509 part of SSLeay 0.8.1b 29-Jun-1998";
+char *X509_version="X509 part of SSLeay 0.9.0b 29-Jun-1998";
+static STACK *x509_store_ctx_method=NULL;
+static int x509_store_ctx_num=0;
+#if 0
+static int x509_store_num=1;
+static STACK *x509_store_method=NULL;
+#endif
 
 static int null_callback(ok,e)
 int ok;
@@ -427,13 +434,13 @@ ASN1_UTCTIME *ctm;
 		offset=((str[1]-'0')*10+(str[2]-'0'))*60;
 		offset+=(str[3]-'0')*10+(str[4]-'0');
 		if (*str == '-')
-			offset-=offset;
+			offset=-offset;
 		}
 	atm.type=V_ASN1_UTCTIME;
 	atm.length=sizeof(buff2);
 	atm.data=(unsigned char *)buff2;
 
-	X509_gmtime_adj(&atm,offset);
+	X509_gmtime_adj(&atm,-offset);
 
 	i=(buff1[0]-'0')*10+(buff1[1]-'0');
 	if (i < 70) i+=100;
@@ -505,6 +512,8 @@ STACK *chain;
 EVP_PKEY *X509_get_pubkey(x)
 X509 *x;
 	{
+	if ((x == NULL) || (x->cert_info == NULL))
+		return(NULL);
 	return(X509_PUBKEY_get(x->cert_info->key));
 	}
 
@@ -582,4 +591,114 @@ X509 *x;
 	return(ret);	
 	}
 
+int X509_STORE_add_crl(ctx,x)
+X509_STORE *ctx;
+X509_CRL *x;
+	{
+	X509_OBJECT *obj,*r;
+	int ret=1;
+
+	if (x == NULL) return(0);
+	obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT));
+	if (obj == NULL)
+		{
+		X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE);
+		return(0);
+		}
+	obj->type=X509_LU_CRL;
+	obj->data.crl=x;
+
+	CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+
+	X509_OBJECT_up_ref_count(obj);
+
+	r=(X509_OBJECT *)lh_insert(ctx->certs,(char *)obj);
+	if (r != NULL)
+		{ /* oops, put it back */
+		lh_delete(ctx->certs,(char *)obj);
+		X509_OBJECT_free_contents(obj);
+		Free(obj);
+		lh_insert(ctx->certs,(char *)r);
+		X509err(X509_F_X509_STORE_ADD_CRL,X509_R_CERT_ALREADY_IN_HASH_TABLE);
+		ret=0;
+		}
+
+	CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+	return(ret);	
+	}
+
+int X509_STORE_CTX_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+        {
+        x509_store_ctx_num++;
+        return(CRYPTO_get_ex_new_index(x509_store_ctx_num-1,
+		&x509_store_ctx_method,
+                argl,argp,new_func,dup_func,free_func));
+        }
+
+int X509_STORE_CTX_set_ex_data(ctx,idx,data)
+X509_STORE_CTX *ctx;
+int idx;
+char *data;
+	{
+	return(CRYPTO_set_ex_data(&ctx->ex_data,idx,data));
+	}
+
+char *X509_STORE_CTX_get_ex_data(ctx,idx)
+X509_STORE_CTX *ctx;
+int idx;
+	{
+	return(CRYPTO_get_ex_data(&ctx->ex_data,idx));
+	}
+
+int X509_STORE_CTX_get_error(ctx)
+X509_STORE_CTX *ctx;
+	{
+	return(ctx->error);
+	}
+
+void X509_STORE_CTX_set_error(ctx,err)
+X509_STORE_CTX *ctx;
+int err;
+	{
+	ctx->error=err;
+	}
+
+int X509_STORE_CTX_get_error_depth(ctx)
+X509_STORE_CTX *ctx;
+	{
+	return(ctx->error_depth);
+	}
+
+X509 *X509_STORE_CTX_get_current_cert(ctx)
+X509_STORE_CTX *ctx;
+	{
+	return(ctx->current_cert);
+	}
+
+STACK *X509_STORE_CTX_get_chain(ctx)
+X509_STORE_CTX *ctx;
+	{
+	return(ctx->chain);
+	}
+
+void X509_STORE_CTX_set_cert(ctx,x)
+X509_STORE_CTX *ctx;
+X509 *x;
+	{
+	ctx->cert=x;
+	}
+
+void X509_STORE_CTX_set_chain(ctx,sk)
+X509_STORE_CTX *ctx;
+STACK *sk;
+	{
+	ctx->untrusted=sk;
+	}
+
 
diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h
index b92e1ba432..dfc060f899 100644
--- a/crypto/x509/x509_vfy.h
+++ b/crypto/x509/x509_vfy.h
@@ -1,5 +1,5 @@
 /* crypto/x509/x509_vfy.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,6 +63,9 @@
 extern "C" {
 #endif
 
+#include "bio.h"
+#include "crypto.h"
+
 /* Outer object */
 typedef struct x509_hash_dir_st
 	{
@@ -149,12 +152,12 @@ typedef struct x509_store_st
 	int (*verify)();	/* called to verify a certificate */
 	int (*verify_cb)();	/* error callback */
 
-	char *app_data;
+	CRYPTO_EX_DATA ex_data;
 	int references;
 	int depth;		/* how deep to look */
 	}  X509_STORE;
 
-#define X509_STORE_set_depth(ctx,depth)	((ctx)->depth=(depth))
+#define X509_STORE_set_depth(ctx,d)       ((ctx)->depth=(d))
 
 #define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
 #define X509_STORE_set_verify_func(ctx,func)	((ctx)->verify=(func))
@@ -193,19 +196,13 @@ typedef struct x509_store_state_st
 	int error;
 	X509 *current_cert;
 
-	char *app_data;
+	CRYPTO_EX_DATA ex_data;
 	} X509_STORE_CTX;
 
-#define X509_STORE_CTX_set_app_data(ctx,data)	((ctx)->app_data=(data))
-#define X509_STORE_CTX_get_app_data(ctx)	((ctx)->app_data)
-#define X509_STORE_CTX_get_error(ctx)		((ctx)->error)
-#define X509_STORE_CTX_set_error(ctx,s)		((ctx)->error=(s))
-#define X509_STORE_CTX_get_error_depth(ctx)	((ctx)->error_depth)
-#define X509_STORE_CTX_get_current_cert(ctx)	((ctx)->current_cert)
-#define X509_STORE_CTX_get_chain(ctx)		((ctx)->chain)
-
-#define X509_STORE_CTX_set_cert(c,ch)	((c)->cert=(ch))
-#define X509_STORE_CTX_set_chain(c,ch)	((c)->untrusted=(ch))
+#define X509_STORE_CTX_set_app_data(ctx,data) \
+	X509_STORE_CTX_set_ex_data(ctx,0,data)
+#define X509_STORE_CTX_get_app_data(ctx) \
+	X509_STORE_CTX_get_ex_data(ctx,0)
 
 #define X509_L_FILE_LOAD	1
 #define X509_L_ADD_DIR		2
@@ -233,14 +230,18 @@ X509_LOOKUP_METHOD *X509_LOOKUP_dir();
 #define		X509_V_ERR_CRL_HAS_EXPIRED			12
 #define		X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD	13
 #define		X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD	14
-#define		X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FILED	15
-#define		X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FILED	16
+#define		X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD	15
+#define		X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD	16
 #define		X509_V_ERR_OUT_OF_MEM				17
 #define		X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT		18
 #define		X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN		19
 #define		X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY	20
 #define		X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE	21
 #define		X509_V_ERR_CERT_CHAIN_TOO_LONG			22
+#define		X509_V_ERR_CERT_REVOKED				23
+
+/* The application is not happy */
+#define		X509_V_ERR_APPLICATION_VERIFICATION		50
 
 #ifndef NOPROTO
 #ifdef HEADER_LHASH_H
@@ -261,12 +262,17 @@ X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
 X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
 
 int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
 
 int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name,
 	X509_OBJECT *ret);
 
 int X509_LOOKUP_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,long argl,char **ret);
+
+#ifndef NO_STDIO
 int X509_load_cert_file(X509_LOOKUP *ctx, char *file, int type);
+int X509_load_crl_file(X509_LOOKUP *ctx, char *file, int type);
+#endif
 
 void X509v3_cleanup_extensions(void );
 int X509v3_add_extension(X509_EXTENSION_METHOD *x);
@@ -286,9 +292,23 @@ int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
 	int len, X509_OBJECT *ret);
 int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
 
+#ifndef NO_STDIO
 int	X509_STORE_load_locations (X509_STORE *ctx,
 		char *file, char *dir);
 int	X509_STORE_set_default_paths(X509_STORE *ctx);
+#endif
+
+int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+	int (*dup_func)(), void (*free_func)());
+int	X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,char *data);
+char *	X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx);
+int	X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+void	X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
+int	X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+X509 *	X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+STACK *	X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
+void	X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
+void	X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK /* X509 */ *sk);
 
 #else
 
@@ -309,11 +329,16 @@ X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir();
 X509_LOOKUP_METHOD *X509_LOOKUP_file();
 
 int X509_STORE_add_cert();
+int X509_STORE_add_crl();
 
 int X509_STORE_get_by_subject();
 
 int X509_LOOKUP_ctrl();
+
+#ifndef NO_STDIO
 int X509_load_cert_file();
+int X509_load_crl_file();
+#endif
 
 void X509v3_cleanup_extensions();
 int X509v3_add_extension();
@@ -329,8 +354,20 @@ int X509_LOOKUP_by_fingerprint();
 int X509_LOOKUP_by_alias();
 int X509_LOOKUP_shutdown();
 
+#ifndef NO_STDIO
 int	X509_STORE_load_locations ();
 int	X509_STORE_set_default_paths();
+#endif
+
+int	X509_STORE_CTX_set_ex_data();
+char *	X509_STORE_CTX_get_ex_data();
+int	X509_STORE_CTX_get_error();
+void	X509_STORE_CTX_set_error();
+int	X509_STORE_CTX_get_error_depth();
+X509 *	X509_STORE_CTX_get_current_cert();
+STACK *	X509_STORE_CTX_get_chain();
+void	X509_STORE_CTX_set_cert();
+void	X509_STORE_CTX_set_chain();
 
 #endif
 
diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c
index 8223ec069d..650e71b1b5 100644
--- a/crypto/x509/x509name.c
+++ b/crypto/x509/x509name.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509name.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -103,37 +103,38 @@ X509_NAME *name;
 	return(sk_num(name->entries));
 	}
 
-int X509_NAME_get_index_by_NID(name,nid,oldpos)
+int X509_NAME_get_index_by_NID(name,nid,lastpos)
 X509_NAME *name;
 int nid;
-int oldpos;
+int lastpos;
 	{
 	ASN1_OBJECT *obj;
 
 	obj=OBJ_nid2obj(nid);
 	if (obj == NULL) return(-2);
-	return(X509_NAME_get_index_by_OBJ(name,obj,oldpos));
+	return(X509_NAME_get_index_by_OBJ(name,obj,lastpos));
 	}
 
-int X509_NAME_get_index_by_OBJ(name,obj,oldpos)
+/* NOTE: you should be passsing -1, not 0 as lastpos */
+int X509_NAME_get_index_by_OBJ(name,obj,lastpos)
 X509_NAME *name;
 ASN1_OBJECT *obj;
-int oldpos;
+int lastpos;
 	{
 	int n;
 	X509_NAME_ENTRY *ne;
 	STACK *sk;
 
 	if (name == NULL) return(-1);
-	if (oldpos < 0)
-		oldpos= -1;
+	if (lastpos < 0)
+		lastpos= -1;
 	sk=name->entries;
 	n=sk_num(sk);
-	for (oldpos++; oldpos < n; oldpos++)
+	for (lastpos++; lastpos < n; lastpos++)
 		{
-		ne=(X509_NAME_ENTRY *)sk_value(sk,oldpos);
+		ne=(X509_NAME_ENTRY *)sk_value(sk,lastpos);
 		if (OBJ_cmp(ne->object,obj) == 0)
-			return(oldpos);
+			return(lastpos);
 		}
 	return(-1);
 	}
diff --git a/crypto/x509/x509pack.c b/crypto/x509/x509pack.c
index 949943fca5..846f125859 100644
--- a/crypto/x509/x509pack.c
+++ b/crypto/x509/x509pack.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509pack.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -141,7 +141,7 @@ ASN1_OCTET_STRING *os;
 			(ASN1_BIT_STRING **)ex,&p,os->length);
 		break;
 	case V_ASN1_OCTET_STRING:
-		ret=(ASN1_STRING *)d2i_ASN1_BIT_STRING(
+		ret=(ASN1_STRING *)d2i_ASN1_OCTET_STRING(
 			(ASN1_BIT_STRING **)ex,&p,os->length);
 		break;
 	case V_ASN1_IA5STRING:
diff --git a/crypto/x509/x509rset.c b/crypto/x509/x509rset.c
index 2ff456f2ee..323b25470a 100644
--- a/crypto/x509/x509rset.c
+++ b/crypto/x509/x509rset.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509rset.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/x509/x509type.c b/crypto/x509/x509type.c
index 05d6919d6a..42c23bcfca 100644
--- a/crypto/x509/x509type.c
+++ b/crypto/x509/x509type.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509type.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/crypto/x509/x509v3.doc b/crypto/x509/x509v3.doc
new file mode 100644
index 0000000000..1e760a9469
--- /dev/null
+++ b/crypto/x509/x509v3.doc
@@ -0,0 +1,24 @@
+The 'new' system.
+
+The X509_EXTENSION_METHOD includes extensions and attributes and/or names. 
+Basically everthing that can be added to an X509 with an OID identifying it.
+
+It operates via 2 methods per object id.
+int a2i_XXX(X509 *x,char *str,int len);
+int i2a_XXX(BIO *bp,X509 *x);
+
+The a2i_XXX function will add the object with a value converted from the
+string into the X509.  Len can be -1 in which case the length is calculated
+via strlen(str).   Applications can always use direct knowledge to load and
+unload the relevent objects themselves.
+
+i2a_XXX will print to the passed BIO, a text representation of the
+relevet object.  Use a memory BIO if you want it printed to a buffer :-).
+
+X509_add_by_NID(X509 *x,int nid,char *str,int len);
+X509_add_by_OBJ(X509 *x,ASN1_OBJECT *obj,char *str,int len);
+
+X509_print_by_name(BIO *bp,X509 *x);
+X509_print_by_NID(BIO *bp,X509 *x);
+X509_print_by_OBJ(BIO *bp,X509 *x);
+
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
index 2f554f597b..b7dde23e9a 100644
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x_all.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -148,7 +148,7 @@ X509_EXTENSION *ex;
 		(char *(*)())d2i_X509_EXTENSION,(char *)ex));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 X509 *d2i_X509_fp(fp,x509)
 FILE *fp;
 X509 *x509;
@@ -187,7 +187,7 @@ X509_CRL *crl;
 		(char *(*)())d2i_X509_CRL,(char *)crl));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 X509_CRL *d2i_X509_CRL_fp(fp,crl)
 FILE *fp;
 X509_CRL *crl;
@@ -228,7 +228,7 @@ PKCS7 *p7;
 		(char *(*)())d2i_PKCS7,(char *)p7));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 PKCS7 *d2i_PKCS7_fp(fp,p7)
 FILE *fp;
 PKCS7 *p7;
@@ -269,7 +269,7 @@ X509_REQ *req;
 		(char *(*)())d2i_X509_REQ,(char *)req));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 X509_REQ *d2i_X509_REQ_fp(fp,req)
 FILE *fp;
 X509_REQ *req;
@@ -318,7 +318,7 @@ RSA *rsa;
 		(char *(*)())d2i_RSAPrivateKey,(char *)rsa));
 	}
 
-#ifndef WIN16
+#ifndef NO_FP_API
 RSA *d2i_RSAPrivateKey_fp(fp,rsa)
 FILE *fp;
 RSA *rsa;
@@ -386,7 +386,7 @@ RSA *rsa;
 #endif
 
 #ifndef NO_DSA
-#ifndef WIN16
+#ifndef NO_FP_API
 DSA *d2i_DSAPrivateKey_fp(fp,dsa)
 FILE *fp;
 DSA *dsa;
diff --git a/crypto/x509v3/format b/crypto/x509v3/format
new file mode 100644
index 0000000000..3307978121
--- /dev/null
+++ b/crypto/x509v3/format
@@ -0,0 +1,92 @@
+AuthorityKeyIdentifier
+	{
+	keyIdentifier		[0] OCTET_STRING	OPTIONAL
+	authorityCertIssuer	[1] GeneralNames	OPTIONAL
+	authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL
+	}
+
+SubjectKeyIdentifier	OCTET_STRING
+
+KeyUsage
+	{
+	BIT_STRING
+		digitalSignature	0
+		nonRepudiation		1
+		keyEncipherment		2
+		dataEncipherment	3
+		keyAgreement		4
+		keyCertSign		5
+		cRLSign			6
+		encipherOnly		7
+		decipherOnly		8
+	}
+
+extKeyUsage
+	{
+	SEQUENCE of OBJECT_IDENTIFIER
+	}
+
+privateKeyUsagePeriod
+	{
+	notBefore	[0]	GeneralizedTime OPTIONAL
+	notAfter	[1]	GeneralizedTime OPTIONAL
+	}
+
+certificatePoliciesSyntax
+	SEQUENCE of PoliciesInformation
+
+PoliciesInformation	XXX
+policyMappings		XXX
+supportedAlgorithms	XXX
+
+subjectAltName
+	GeneralNames sequence of GeneralName
+
+GeneralName
+	{
+	otherName	[0] INSTANCE OF OTHER-NAME
+	rfc882Name	[1] IA5String
+	dNSName		[2] IA5String
+	x400Address	[3] ORAddress
+	directoryName	[4] Name
+	ediPartyName	[5] 
+				{
+				nameAssigner	[0] DirectoryString OPTIONAL
+				partyName	[1] DirectoryString
+				}
+	uniformResourceIdentifier [6] IA5String
+	iPAddress	[7] OCTET_STRING
+	registeredID	[8] OBJECT_IDENTIFIER
+	}
+
+issuerAltName
+	GeneralNames sequence of GeneralName
+
+subjectDirectoryAttribute SEQUENCE of Attribute
+
+basicConstraints
+	{
+	cA 			BOOLEAN default FALSE
+	pathLenConstraint	INTEGER OPTIONAL
+	}
+
+nameConstraints
+	{
+	permittedSubtrees [0] sequence of GeneralSubtree OPTIONAL
+	excludedSubtrees [1] sequence of GeneralSubtree OPTIONAL
+	}
+
+GeneralSubtree
+	{
+	base	GeneralName
+	minimum	[0] BaseDistance DEFAULT 0
+	maximum	[1] BaseDistance OPTIONAL
+	}
+
+PolicyConstraints
+	{
+	requiredExplicitPolicy	[0] SkipCerts OPTIONAL
+	inhibitPolicyMapping	[1] SkipCerts OPTIONAL
+	}
+SkipCerts == INTEGER
+
diff --git a/crypto/x509v3/header b/crypto/x509v3/header
new file mode 100644
index 0000000000..3d791ca3dd
--- /dev/null
+++ b/crypto/x509v3/header
@@ -0,0 +1,6 @@
+int		a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size)
+int		i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
+int		i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp)
+ASN1_INTEGER *	d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,long length)
+
+
diff --git a/crypto/x509v3/v3_ku.c b/crypto/x509v3/v3_ku.c
new file mode 100644
index 0000000000..87c7402f43
--- /dev/null
+++ b/crypto/x509v3/v3_ku.c
@@ -0,0 +1,318 @@
+/* crypto/x509v3/v3_ku.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "bio.h"
+#include "asn1.h"
+#include "objects.h"
+#include "x509.h"
+
+X509_EXTENSION_METHOD X509v3_key_usage_method=
+	{
+	NID_key_usage,
+	ku_clear,
+	ex_get_bool,
+	ex_set_bool,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	ku_a2i,
+	ku_i2a,
+	};
+
+static void ku_clear(a)
+X509_EXTENSION *a;
+	{
+	}
+
+static int ku_expand(a)
+X509_EXTENSION *a;
+	{
+	ASN1_BIT_STRING *bs;
+
+	if (a->argp == NULL)
+		{
+		bs=X509v3_unpack_string(NULL,V_ASN1_BIT_STRING,value);
+		if (bs == NULL) return(0);
+		a->argp=(char *)bs;
+		a->ex_free=ASN1_STRING_free;
+		}
+	return(1);
+	}
+
+static int ku_get_bool(a,num)
+X509_EXTENSION *a;
+int num;
+	{
+	int ret;
+	ASN1_BIT_STRING *bs;
+
+	if ((a->argp == NULL) && !ku_expand(a))
+		return(-1);
+	bs=(ASN1_BIT_STRING *)a->argp;
+	ret=ASN1_BIT_STRING_get_bit(bs,num);
+	return(ret);
+	}
+
+static int ku_set_bool(a,num,value)
+X509_EXTENSION *a;
+int num;
+int value;
+	{
+	ASN1_BIT_STRING *a;
+
+	if ((a->argp == NULL) && !ku_expand(a))
+		return(0);
+	bs=(ASN1_BIT_STRING *)a->argp;
+	ret=ASN1_BIT_STRING_set_bit(bs,num,value);
+	}
+
+static int ku_a2i(bio,a,buf,len)
+BIO *bio;
+X509_EXTENSION *a;
+char *buf;
+int len;
+	{
+	get token
+	}
+
+static char ku_names[X509v3_N_KU_NUM]={
+	X509v3_S_KU_digitalSignature,
+	X509v3_S_KU_nonRepudiation,
+	X509v3_S_KU_keyEncipherment,
+	X509v3_S_KU_dataEncipherment,
+	X509v3_S_KU_keyAgreement,
+	X509v3_S_KU_keyCertSign,
+	X509v3_S_KU_cRLSign,
+	X509v3_S_KU_encipherOnly,
+	X509v3_S_KU_decipherOnly,
+	};
+
+static int ku_i2a(bio,a);
+BIO *bio;
+X509_EXTENSION *a;
+	{
+	int i,first=1;
+	char *c;
+
+	for (i=0; i<X509v3_N_KU_NUM; i++)
+		{
+		if (ku_get_bool(a,i) > 0)
+			{
+			BIO_printf(bio,"%s%s",((first)?"":" "),ku_names[i]);
+			first=0;
+			}
+		}
+	}
+
+/***********************/
+
+int X509v3_get_key_usage(x,ret)
+STACK *x;
+unsigned long *ret;
+	{
+	X509_EXTENSION *ext;
+	ASN1_STRING *st;
+	char *p;
+	int i;
+
+	i=X509_get_ext_by_NID(x,NID_key_usage,-1);
+	if (i < 0) return(X509v3_KU_UNDEF);
+	ext=X509_get_ext(x,i);
+	st=X509v3_unpack_string(NULL,V_ASN1_BIT_STRING,
+		X509_EXTENSION_get_data(X509_get_ext(x,i)));
+
+	p=ASN1_STRING_data(st);
+	if (ASN1_STRING_length(st) == 1)
+		i=p[0];
+	else if (ASN1_STRING_length(st) == 2)
+		i=p[0]|(p[1]<<8);
+	else
+		i=0;
+	return(i);
+	}
+
+static struct
+	{
+	char *name;
+	unsigned int value;
+	} key_usage_data[] ={
+	{"digitalSignature",	X509v3_KU_DIGITAL_SIGNATURE},
+	{"nonRepudiation",	X509v3_KU_NON_REPUDIATION},
+	{"keyEncipherment",	X509v3_KU_KEY_ENCIPHERMENT},
+	{"dataEncipherment",	X509v3_KU_DATA_ENCIPHERMENT},
+	{"keyAgreement",	X509v3_KU_KEY_AGREEMENT},
+	{"keyCertSign",		X509v3_KU_KEY_CERT_SIGN},
+	{"cRLSign",		X509v3_KU_CRL_SIGN},
+	{"encipherOnly",	X509v3_KU_ENCIPHER_ONLY},
+	{"decipherOnly",	X509v3_KU_DECIPHER_ONLY},
+	{NULL,0},
+	};
+
+#if 0
+static int a2i_key_usage(x,str,len)
+X509 *x;
+char *str;
+int len;
+	{
+	return(X509v3_set_key_usage(x,a2i_X509v3_key_usage(str)));
+	}
+
+static int i2a_key_usage(bp,x)
+BIO *bp;
+X509 *x;
+	{
+	return(i2a_X509v3_key_usage(bp,X509v3_get_key_usage(x)));
+	}
+#endif
+
+int i2a_X509v3_key_usage(bp,use)
+BIO *bp;
+unsigned int use;
+	{
+	int i=0,first=1;
+
+	for (;;)
+		{
+		if (use | key_usage_data[i].value)
+			{
+			BIO_printf(bp,"%s%s",((first)?"":" "),
+				key_usage_data[i].name);
+			first=0;
+			}
+		}
+	return(1);
+	}
+
+unsigned int a2i_X509v3_key_usage(p)
+char *p;
+	{
+	unsigned int ret=0;
+	char *q,*s;
+	int i,n;
+
+	q=p;
+	for (;;)
+		{
+		while ((*q != '\0') && isalnum(*q))
+			q++;
+		if (*q == '\0') break;
+		s=q++;
+		while (isalnum(*q))
+			q++;
+		n=q-s;
+		i=0;
+		for (;;)
+			{
+			if (strncmp(key_usage_data[i].name,s,n) == 0)
+				{
+				ret|=key_usage_data[i].value;
+				break;
+				}
+			i++;
+			if (key_usage_data[i].name == NULL)
+				return(X509v3_KU_UNDEF);
+			}
+		}
+	return(ret);
+	}
+
+int X509v3_set_key_usage(x,use)
+X509 *x;
+unsigned int use;
+	{
+	ASN1_OCTET_STRING *os;
+	X509_EXTENSION *ext;
+	int i;
+	unsigned char data[4];
+
+	i=X509_get_ext_by_NID(x,NID_key_usage,-1);
+	if (i < 0)
+		{
+		i=X509_get_ext_count(x)+1;
+		if ((ext=X509_EXTENSION_new()) == NULL) return(0);
+		if (!X509_add_ext(x,ext,i))
+			{
+			X509_EXTENSION_free(ext);
+			return(0);
+			}
+		}
+	else
+		ext=X509_get_ext(x,i);
+
+	/* fill in 'ext' */
+	os=X509_EXTENSION_get_data(ext);
+
+	i=0;
+	if (use > 0)
+		{
+		i=1;
+		data[0]=use&0xff;
+		}
+	if (use > 0xff)
+		{
+		i=2;
+		data[1]=(use>>8)&0xff;
+		}
+	return((X509v3_pack_string(&os,V_ASN1_BIT_STRING,data,i) == NULL)?0:1);
+	}
+
diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
new file mode 100644
index 0000000000..d7945bc9cd
--- /dev/null
+++ b/crypto/x509v3/x509v3.h
@@ -0,0 +1,87 @@
+/* crypto/x509v3/x509v3.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#define X509v3_N_KU_digitalSignature	0
+#define X509v3_N_KU_nonRepudiation	1
+#define X509v3_N_KU_keyEncipherment	2
+#define X509v3_N_KU_dataEncipherment	3
+#define X509v3_N_KU_keyAgreement	4
+#define X509v3_N_KU_keyCertSign		5
+#define X509v3_N_KU_cRLSign		6
+#define X509v3_N_KU_encipherOnly	7
+#define X509v3_N_KU_decipherOnly	8
+#define X509v3_N_KU_NUM			9
+#define X509v3_S_KU_digitalSignature	"digitalSignature"
+#define X509v3_S_KU_nonRepudiation	"nonRepudiation"
+#define X509v3_S_KU_keyEncipherment	"keyEncipherment"
+#define X509v3_S_KU_dataEncipherment	"dataEncipherment"
+#define X509v3_S_KU_keyAgreement	"keyAgreement"
+#define X509v3_S_KU_keyCertSign		"keyCertSign"
+#define X509v3_S_KU_cRLSign		"cRLSign"
+#define X509v3_S_KU_encipherOnly	"encipherOnly"
+#define X509v3_S_KU_decipherOnly	"decipherOnly"
+
+
+void X509_ex_clear(X509_EXTENSION *a);
+int X509_ex_get_bool(X509_EXTENSION *a,int num);
+int X509_ex_set_bool(X509_EXTENSION *a,int num,int value);
+int X509_ex_get_str(X509_EXTENSION *a,int index,char **p,int *len);
+int X509_ex_set_str(X509_EXTENSION *a,int oid,int index,char *p,int len);
+char *X509_ex_get_struct(X509_EXTENSION *a,int oid,int index,char **p);
+int X509_ex_set_struct(X509_EXTENSION *a,int index,char *p);
+int a2i_X509_EXTENSION(BIO *bp,X509_EXTENSION *a,char *buf,int len);
+int i2a_X509_EXTENSION(BIO *bp,X509_EXTENSION *a);
diff --git a/demos/b64.c b/demos/b64.c
index 5e3d20e321..42abc42d33 100644
--- a/demos/b64.c
+++ b/demos/b64.c
@@ -1,5 +1,5 @@
 /* demos/b64.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/demos/bio/saccept.c b/demos/bio/saccept.c
index 81bf353750..920eab397c 100644
--- a/demos/bio/saccept.c
+++ b/demos/bio/saccept.c
@@ -70,7 +70,7 @@ char *argv[];
 
 again:
 	/* The first call will setup the accept socket, and the second
-	 * will get a socket.  In this loop, the first actuall accept
+	 * will get a socket.  In this loop, the first actual accept
 	 * will occur in the BIO_read() function. */
 
 	if (BIO_do_accept(in) <= 0) goto err;
diff --git a/demos/prime/prime.c b/demos/prime/prime.c
index 25873731d3..e4a17765bb 100644
--- a/demos/prime/prime.c
+++ b/demos/prime/prime.c
@@ -1,5 +1,5 @@
 /* demos/prime/prime.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/demos/sign/sign.c b/demos/sign/sign.c
index 280cc633ac..5cbce3cdc5 100644
--- a/demos/sign/sign.c
+++ b/demos/sign/sign.c
@@ -1,5 +1,5 @@
 /* demos/sign/sign.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/dep/crypto.txt b/dep/crypto.txt
new file mode 100644
index 0000000000..9e5144fec6
--- /dev/null
+++ b/dep/crypto.txt
@@ -0,0 +1,1043 @@
+ASN1_BIT_STRING_asn1_meth
+ASN1_BIT_STRING_get_bit
+ASN1_BIT_STRING_set_bit
+ASN1_HEADER_free
+ASN1_HEADER_new
+ASN1_IA5STRING_asn1_meth
+ASN1_INTEGER_get
+ASN1_INTEGER_set
+ASN1_INTEGER_to_BN
+ASN1_OBJECT_create
+ASN1_OBJECT_free
+ASN1_OBJECT_new
+ASN1_PRINTABLE_type
+ASN1_STRING_cmp
+ASN1_STRING_dup
+ASN1_STRING_free
+ASN1_STRING_new
+ASN1_STRING_print
+ASN1_STRING_set
+ASN1_STRING_type_new
+ASN1_TYPE_free
+ASN1_TYPE_get
+ASN1_TYPE_new
+ASN1_TYPE_set
+ASN1_UNIVERSALSTRING_to_string
+ASN1_UTCTIME_check
+ASN1_UTCTIME_print
+ASN1_UTCTIME_set
+ASN1_check_infinite_end
+ASN1_d2i_bio
+ASN1_d2i_fp
+ASN1_digest
+ASN1_dup
+ASN1_get_object
+ASN1_i2d_bio
+ASN1_i2d_fp
+ASN1_object_size
+ASN1_parse
+ASN1_put_object
+ASN1_sign
+ASN1_verify
+BF_cbc_encrypt
+BF_cfb64_encrypt
+BF_decrypt
+BF_ecb_encrypt
+BF_encrypt
+BF_ofb64_encrypt
+BF_options
+BF_set_key
+BIO_ACCEPT_free
+BIO_ACCEPT_new
+BIO_CONNECT_free
+BIO_CONNECT_new
+BIO_accept
+BIO_copy_next_retry
+BIO_ctrl
+BIO_ctrl_int
+BIO_debug_callback
+BIO_dump
+BIO_dup_chain
+BIO_f_base64
+BIO_f_buffer
+BIO_f_cipher
+BIO_f_md
+BIO_f_nbio_test
+BIO_f_null
+BIO_f_proxy_server
+BIO_fd_non_fatal_error
+BIO_fd_should_retry
+BIO_find_type
+BIO_free
+BIO_free_all
+BIO_get_accept_socket
+BIO_get_ex_data
+BIO_get_ex_new_index
+BIO_get_filter_bio
+BIO_get_host_ip
+BIO_get_port
+BIO_get_retry_BIO
+BIO_get_retry_reason
+BIO_gethostbyname
+BIO_gets
+BIO_ghbn_ctrl
+BIO_new
+BIO_new_accept
+BIO_new_connect
+BIO_new_fd
+BIO_new_file
+BIO_new_fp
+BIO_new_socket
+BIO_pop
+BIO_printf
+BIO_ptr_ctrl
+BIO_push
+BIO_puts
+BIO_read
+BIO_s_accept
+BIO_s_connect
+BIO_s_fd
+BIO_s_file
+BIO_s_mem
+BIO_s_null
+BIO_s_proxy_client
+BIO_s_socket
+BIO_set
+BIO_set_cipher
+BIO_set_ex_data
+BIO_set_tcp_ndelay
+BIO_sock_cleanup
+BIO_sock_error
+BIO_sock_init
+BIO_sock_non_fatal_error
+BIO_sock_should_retry
+BIO_socket_ioctl
+BIO_write
+BN_BLINDING_convert
+BN_BLINDING_free
+BN_BLINDING_invert
+BN_BLINDING_new
+BN_BLINDING_update
+BN_CTX_free
+BN_CTX_new
+BN_MONT_CTX_free
+BN_MONT_CTX_new
+BN_MONT_CTX_set
+BN_add
+BN_add_word
+BN_bin2bn
+BN_bn2bin
+BN_bn2dec
+BN_bn2hex
+BN_bn2mpi
+BN_clear
+BN_clear_bit
+BN_clear_free
+BN_cmp
+BN_copy
+BN_dec2bn
+BN_div
+BN_div_word
+BN_dup
+BN_exp
+BN_free
+BN_from_montgomery
+BN_gcd
+BN_generate_prime
+BN_get_word
+BN_hex2bn
+BN_is_bit_set
+BN_is_prime
+BN_lshift
+BN_lshift1
+BN_mask_bits
+BN_mod
+BN_mod_exp
+BN_mod_exp_mont
+BN_mod_exp_recp
+BN_mod_exp_simple
+BN_mod_inverse
+BN_mod_mul
+BN_mod_mul_montgomery
+BN_mod_mul_reciprocal
+BN_mod_word
+BN_mpi2bn
+BN_mul
+BN_mul_word
+BN_new
+BN_num_bits
+BN_num_bits_word
+BN_options
+BN_print
+BN_print_fp
+BN_rand
+BN_reciprocal
+BN_rshift
+BN_rshift1
+BN_set_bit
+BN_set_word
+BN_sqr
+BN_sub
+BN_sub_word
+BN_to_ASN1_INTEGER
+BN_ucmp
+BN_value_one
+BUF_MEM_free
+BUF_MEM_grow
+BUF_MEM_new
+BUF_strdup
+CAST_cbc_encrypt
+CAST_cfb64_encrypt
+CAST_decrypt
+CAST_ecb_encrypt
+CAST_encrypt
+CAST_ofb64_encrypt
+CAST_set_key
+CONF_free
+CONF_get_number
+CONF_get_section
+CONF_get_string
+CONF_load
+CRYPTO_add_lock
+CRYPTO_dbg_free
+CRYPTO_dbg_malloc
+CRYPTO_dbg_realloc
+CRYPTO_dbg_remalloc
+CRYPTO_dup_ex_data
+CRYPTO_free
+CRYPTO_free_ex_data
+CRYPTO_get_add_lock_callback
+CRYPTO_get_ex_data
+CRYPTO_get_ex_new_index
+CRYPTO_get_id_callback
+CRYPTO_get_lock_name
+CRYPTO_get_locking_callback
+CRYPTO_get_mem_functions
+CRYPTO_get_new_lockid
+CRYPTO_lock
+CRYPTO_malloc
+CRYPTO_mem_ctrl
+CRYPTO_mem_leaks
+CRYPTO_mem_leaks_cb
+CRYPTO_mem_leaks_fp
+CRYPTO_new_ex_data
+CRYPTO_realloc
+CRYPTO_remalloc
+CRYPTO_set_add_lock_callback
+CRYPTO_set_ex_data
+CRYPTO_set_id_callback
+CRYPTO_set_locking_callback
+CRYPTO_set_mem_functions
+CRYPTO_thread_id
+DH_check
+DH_compute_key
+DH_free
+DH_generate_key
+DH_generate_parameters
+DH_new
+DH_size
+DHparams_print
+DHparams_print_fp
+DSA_free
+DSA_generate_key
+DSA_generate_parameters
+DSA_is_prime
+DSA_new
+DSA_print
+DSA_print_fp
+DSA_sign
+DSA_sign_setup
+DSA_size
+DSA_verify
+DSAparams_print
+DSAparams_print_fp
+ERR_clear_error
+ERR_error_string
+ERR_free_strings
+ERR_func_error_string
+ERR_get_err_state_table
+ERR_get_error
+ERR_get_error_line
+ERR_get_next_error_library
+ERR_get_state
+ERR_get_string_table
+ERR_lib_error_string
+ERR_load_ASN1_strings
+ERR_load_BIO_strings
+ERR_load_BN_strings
+ERR_load_BUF_strings
+ERR_load_CONF_strings
+ERR_load_CRYPTO_strings
+ERR_load_DH_strings
+ERR_load_DSA_strings
+ERR_load_ERR_strings
+ERR_load_EVP_strings
+ERR_load_OBJ_strings
+ERR_load_PEM_strings
+ERR_load_PKCS7_strings
+ERR_load_PROXY_strings
+ERR_load_RSA_strings
+ERR_load_X509_strings
+ERR_load_crypto_strings
+ERR_load_strings
+ERR_peek_error
+ERR_peek_error_line
+ERR_print_errors
+ERR_print_errors_fp
+ERR_put_error
+ERR_reason_error_string
+ERR_remove_state
+EVP_BytesToKey
+EVP_CIPHER_CTX_cleanup
+EVP_CIPHER_CTX_init
+EVP_CipherFinal
+EVP_CipherInit
+EVP_CipherUpdate
+EVP_DecodeBlock
+EVP_DecodeFinal
+EVP_DecodeInit
+EVP_DecodeUpdate
+EVP_DecryptFinal
+EVP_DecryptInit
+EVP_DecryptUpdate
+EVP_DigestFinal
+EVP_DigestInit
+EVP_DigestUpdate
+EVP_EncodeBlock
+EVP_EncodeFinal
+EVP_EncodeInit
+EVP_EncodeUpdate
+EVP_EncryptFinal
+EVP_EncryptInit
+EVP_EncryptUpdate
+EVP_OpenFinal
+EVP_OpenInit
+EVP_PKEY_assign
+EVP_PKEY_bits
+EVP_PKEY_cmp_parameters
+EVP_PKEY_copy_parameters
+EVP_PKEY_free
+EVP_PKEY_missing_parameters
+EVP_PKEY_new
+EVP_PKEY_save_parameters
+EVP_PKEY_size
+EVP_PKEY_type
+EVP_SealFinal
+EVP_SealInit
+EVP_SignFinal
+EVP_VerifyFinal
+EVP_add_alias
+EVP_add_cipher
+EVP_add_digest
+EVP_bf_cbc
+EVP_bf_cfb
+EVP_bf_ecb
+EVP_bf_ofb
+EVP_cast5_cbc
+EVP_cast5_cfb
+EVP_cast5_ecb
+EVP_cast5_ofb
+EVP_cleanup
+EVP_delete_alias
+EVP_des_cbc
+EVP_des_cfb
+EVP_des_ecb
+EVP_des_ede
+EVP_des_ede3
+EVP_des_ede3_cbc
+EVP_des_ede3_cfb
+EVP_des_ede3_ofb
+EVP_des_ede_cbc
+EVP_des_ede_cfb
+EVP_des_ede_ofb
+EVP_des_ofb
+EVP_desx_cbc
+EVP_dss
+EVP_dss1
+EVP_enc_null
+EVP_get_cipherbyname
+EVP_get_digestbyname
+EVP_get_pw_prompt
+EVP_idea_cbc
+EVP_idea_cfb
+EVP_idea_ecb
+EVP_idea_ofb
+EVP_md2
+EVP_md5
+EVP_md_null
+EVP_mdc2
+EVP_rc2_40_cbc
+EVP_rc2_cbc
+EVP_rc2_cfb
+EVP_rc2_ecb
+EVP_rc2_ofb
+EVP_rc4
+EVP_rc4_40
+EVP_read_pw_string
+EVP_set_pw_prompt
+EVP_sha
+EVP_sha1
+HMAC
+HMAC_Final
+HMAC_Init
+HMAC_Update
+HMAC_cleanup
+MD2
+MD2_Final
+MD2_Init
+MD2_Update
+MD2_options
+MD5
+MD5_Final
+MD5_Init
+MD5_Transform
+MD5_Update
+MDC2
+MDC2_Final
+MDC2_Init
+MDC2_Update
+NETSCAPE_SPKAC_free
+NETSCAPE_SPKAC_new
+NETSCAPE_SPKI_free
+NETSCAPE_SPKI_new
+NETSCAPE_SPKI_sign
+NETSCAPE_SPKI_verify
+OBJ_add_object
+OBJ_bsearch
+OBJ_cleanup
+OBJ_cmp
+OBJ_create
+OBJ_create_objects
+OBJ_dup
+OBJ_ln2nid
+OBJ_new_nid
+OBJ_nid2ln
+OBJ_nid2obj
+OBJ_nid2sn
+OBJ_obj2nid
+OBJ_sn2nid
+OBJ_txt2nid
+PEM_ASN1_read
+PEM_ASN1_read_bio
+PEM_ASN1_write
+PEM_ASN1_write_bio
+PEM_SealFinal
+PEM_SealInit
+PEM_SealUpdate
+PEM_SignFinal
+PEM_SignInit
+PEM_SignUpdate
+PEM_X509_INFO_read
+PEM_X509_INFO_read_bio
+PEM_X509_INFO_write_bio
+PEM_dek_info
+PEM_do_header
+PEM_get_EVP_CIPHER_INFO
+PEM_proc_type
+PEM_read
+PEM_read_DHparams
+PEM_read_DSAPrivateKey
+PEM_read_DSAparams
+PEM_read_PKCS7
+PEM_read_PrivateKey
+PEM_read_RSAPrivateKey
+PEM_read_RSAPublicKey
+PEM_read_X509
+PEM_read_X509_CRL
+PEM_read_X509_REQ
+PEM_read_bio
+PEM_read_bio_DHparams
+PEM_read_bio_DSAPrivateKey
+PEM_read_bio_DSAparams
+PEM_read_bio_PKCS7
+PEM_read_bio_PrivateKey
+PEM_read_bio_RSAPrivateKey
+PEM_read_bio_RSAPublicKey
+PEM_read_bio_X509
+PEM_read_bio_X509_CRL
+PEM_read_bio_X509_REQ
+PEM_write
+PEM_write_DHparams
+PEM_write_DSAPrivateKey
+PEM_write_DSAparams
+PEM_write_PKCS7
+PEM_write_PrivateKey
+PEM_write_RSAPrivateKey
+PEM_write_RSAPublicKey
+PEM_write_X509
+PEM_write_X509_CRL
+PEM_write_X509_REQ
+PEM_write_bio
+PEM_write_bio_DHparams
+PEM_write_bio_DSAPrivateKey
+PEM_write_bio_DSAparams
+PEM_write_bio_PKCS7
+PEM_write_bio_PrivateKey
+PEM_write_bio_RSAPrivateKey
+PEM_write_bio_RSAPublicKey
+PEM_write_bio_X509
+PEM_write_bio_X509_CRL
+PEM_write_bio_X509_REQ
+PKCS7_DIGEST_free
+PKCS7_DIGEST_new
+PKCS7_ENCRYPT_free
+PKCS7_ENCRYPT_new
+PKCS7_ENC_CONTENT_free
+PKCS7_ENC_CONTENT_new
+PKCS7_ENVELOPE_free
+PKCS7_ENVELOPE_new
+PKCS7_ISSUER_AND_SERIAL_digest
+PKCS7_ISSUER_AND_SERIAL_free
+PKCS7_ISSUER_AND_SERIAL_new
+PKCS7_RECIP_INFO_free
+PKCS7_RECIP_INFO_new
+PKCS7_SIGNED_free
+PKCS7_SIGNED_new
+PKCS7_SIGNER_INFO_free
+PKCS7_SIGNER_INFO_new
+PKCS7_SIGNER_INFO_set
+PKCS7_SIGN_ENVELOPE_free
+PKCS7_SIGN_ENVELOPE_new
+PKCS7_add_certificate
+PKCS7_add_crl
+PKCS7_add_signature
+PKCS7_add_signer
+PKCS7_cert_from_signer_info
+PKCS7_content_free
+PKCS7_content_new
+PKCS7_ctrl
+PKCS7_dataInit
+PKCS7_dataSign
+PKCS7_dataVerify
+PKCS7_dup
+PKCS7_free
+PKCS7_get_signer_info
+PKCS7_new
+PKCS7_set_content
+PKCS7_set_type
+PROXY_ENTRY_add_noproxy
+PROXY_ENTRY_clear_noproxy
+PROXY_ENTRY_free
+PROXY_ENTRY_get_noproxy
+PROXY_ENTRY_new
+PROXY_ENTRY_set_server
+PROXY_add_noproxy
+PROXY_add_server
+PROXY_check_by_host
+PROXY_check_url
+PROXY_clear_noproxy
+PROXY_free
+PROXY_get_noproxy
+PROXY_get_proxies
+PROXY_get_proxy_entry
+PROXY_load_conf
+PROXY_new
+PROXY_print
+RAND_bytes
+RAND_cleanup
+RAND_file_name
+RAND_load_file
+RAND_seed
+RAND_write_file
+RC2_cbc_encrypt
+RC2_cfb64_encrypt
+RC2_decrypt
+RC2_ecb_encrypt
+RC2_encrypt
+RC2_ofb64_encrypt
+RC2_set_key
+RC4
+RC4_options
+RC4_set_key
+RC5_32_cbc_encrypt
+RC5_32_cfb64_encrypt
+RC5_32_decrypt
+RC5_32_ecb_encrypt
+RC5_32_encrypt
+RC5_32_ofb64_encrypt
+RC5_32_set_key
+RIPEMD160
+RIPEMD160_Final
+RIPEMD160_Init
+RIPEMD160_Transform
+RIPEMD160_Update
+RSAPrivateKey_asn1_meth
+RSAPrivateKey_dup
+RSAPublicKey_dup
+RSA_PKCS1_SSLeay
+RSA_blinding_off
+RSA_blinding_on
+RSA_flags
+RSA_free
+RSA_generate_key
+RSA_get_ex_data
+RSA_get_ex_new_index
+RSA_new
+RSA_new_method
+RSA_padding_add_PKCS1_type_1
+RSA_padding_add_PKCS1_type_2
+RSA_padding_add_SSLv23
+RSA_padding_add_none
+RSA_padding_check_PKCS1_type_1
+RSA_padding_check_PKCS1_type_2
+RSA_padding_check_SSLv23
+RSA_padding_check_none
+RSA_print
+RSA_print_fp
+RSA_private_decrypt
+RSA_private_encrypt
+RSA_public_decrypt
+RSA_public_encrypt
+RSA_set_default_method
+RSA_set_ex_data
+RSA_sign
+RSA_sign_ASN1_OCTET_STRING
+RSA_size
+RSA_verify
+RSA_verify_ASN1_OCTET_STRING
+SHA
+SHA1
+SHA1_Final
+SHA1_Init
+SHA1_Transform
+SHA1_Update
+SHA_Final
+SHA_Init
+SHA_Transform
+SHA_Update
+SSLeay
+SSLeay_add_all_algorithms
+SSLeay_add_all_ciphers
+SSLeay_add_all_digests
+SSLeay_version
+TXT_DB_create_index
+TXT_DB_free
+TXT_DB_get_by_index
+TXT_DB_insert
+TXT_DB_read
+TXT_DB_write
+X509_ALGOR_free
+X509_ALGOR_new
+X509_ATTRIBUTE_free
+X509_ATTRIBUTE_new
+X509_CINF_free
+X509_CINF_new
+X509_CRL_INFO_free
+X509_CRL_INFO_new
+X509_CRL_add_ext
+X509_CRL_cmp
+X509_CRL_delete_ext
+X509_CRL_dup
+X509_CRL_free
+X509_CRL_get_ext
+X509_CRL_get_ext_by_NID
+X509_CRL_get_ext_by_OBJ
+X509_CRL_get_ext_by_critical
+X509_CRL_get_ext_count
+X509_CRL_new
+X509_CRL_sign
+X509_CRL_verify
+X509_EXTENSION_create_by_NID
+X509_EXTENSION_create_by_OBJ
+X509_EXTENSION_dup
+X509_EXTENSION_free
+X509_EXTENSION_get_critical
+X509_EXTENSION_get_data
+X509_EXTENSION_get_object
+X509_EXTENSION_new
+X509_EXTENSION_set_critical
+X509_EXTENSION_set_data
+X509_EXTENSION_set_object
+X509_INFO_free
+X509_INFO_new
+X509_LOOKUP_by_alias
+X509_LOOKUP_by_fingerprint
+X509_LOOKUP_by_issuer_serial
+X509_LOOKUP_by_subject
+X509_LOOKUP_ctrl
+X509_LOOKUP_file
+X509_LOOKUP_free
+X509_LOOKUP_hash_dir
+X509_LOOKUP_init
+X509_LOOKUP_new
+X509_LOOKUP_shutdown
+X509_NAME_ENTRY_create_by_NID
+X509_NAME_ENTRY_create_by_OBJ
+X509_NAME_ENTRY_dup
+X509_NAME_ENTRY_free
+X509_NAME_ENTRY_get_data
+X509_NAME_ENTRY_get_object
+X509_NAME_ENTRY_new
+X509_NAME_ENTRY_set_data
+X509_NAME_ENTRY_set_object
+X509_NAME_add_entry
+X509_NAME_cmp
+X509_NAME_delete_entry
+X509_NAME_digest
+X509_NAME_dup
+X509_NAME_entry_count
+X509_NAME_free
+X509_NAME_get_entry
+X509_NAME_get_index_by_NID
+X509_NAME_get_index_by_OBJ
+X509_NAME_get_text_by_NID
+X509_NAME_get_text_by_OBJ
+X509_NAME_hash
+X509_NAME_new
+X509_NAME_oneline
+X509_NAME_print
+X509_NAME_set
+X509_OBJECT_free_contents
+X509_OBJECT_retrive_by_subject
+X509_OBJECT_up_ref_count
+X509_PKEY_free
+X509_PKEY_new
+X509_PUBKEY_free
+X509_PUBKEY_get
+X509_PUBKEY_new
+X509_PUBKEY_set
+X509_REQ_INFO_free
+X509_REQ_INFO_new
+X509_REQ_dup
+X509_REQ_free
+X509_REQ_get_pubkey
+X509_REQ_new
+X509_REQ_print
+X509_REQ_print_fp
+X509_REQ_set_pubkey
+X509_REQ_set_subject_name
+X509_REQ_set_version
+X509_REQ_sign
+X509_REQ_to_X509
+X509_REQ_verify
+X509_REVOKED_add_ext
+X509_REVOKED_delete_ext
+X509_REVOKED_free
+X509_REVOKED_get_ext
+X509_REVOKED_get_ext_by_NID
+X509_REVOKED_get_ext_by_OBJ
+X509_REVOKED_get_ext_by_critical
+X509_REVOKED_get_ext_count
+X509_REVOKED_new
+X509_SIG_free
+X509_SIG_new
+X509_STORE_CTX_cleanup
+X509_STORE_CTX_get_chain
+X509_STORE_CTX_get_current_cert
+X509_STORE_CTX_get_error
+X509_STORE_CTX_get_error_depth
+X509_STORE_CTX_get_ex_data
+X509_STORE_CTX_get_ex_new_index
+X509_STORE_CTX_init
+X509_STORE_CTX_set_cert
+X509_STORE_CTX_set_chain
+X509_STORE_CTX_set_error
+X509_STORE_CTX_set_ex_data
+X509_STORE_add_cert
+X509_STORE_add_crl
+X509_STORE_add_lookup
+X509_STORE_free
+X509_STORE_get_by_subject
+X509_STORE_load_locations
+X509_STORE_new
+X509_STORE_set_default_paths
+X509_VAL_free
+X509_VAL_new
+X509_add_ext
+X509_asn1_meth
+X509_certificate_type
+X509_check_private_key
+X509_cmp_current_time
+X509_delete_ext
+X509_digest
+X509_dup
+X509_find_by_issuer_and_serial
+X509_find_by_subject
+X509_free
+X509_get_default_cert_area
+X509_get_default_cert_dir
+X509_get_default_cert_dir_env
+X509_get_default_cert_file
+X509_get_default_cert_file_env
+X509_get_default_private_dir
+X509_get_ext
+X509_get_ext_by_NID
+X509_get_ext_by_OBJ
+X509_get_ext_by_critical
+X509_get_ext_count
+X509_get_issuer_name
+X509_get_pubkey
+X509_get_pubkey_parameters
+X509_get_serialNumber
+X509_get_subject_name
+X509_gmtime_adj
+X509_issuer_and_serial_cmp
+X509_issuer_and_serial_hash
+X509_issuer_name_cmp
+X509_issuer_name_hash
+X509_load_cert_file
+X509_load_crl_file
+X509_new
+X509_print
+X509_print_fp
+X509_set_issuer_name
+X509_set_notAfter
+X509_set_notBefore
+X509_set_pubkey
+X509_set_serialNumber
+X509_set_subject_name
+X509_set_version
+X509_sign
+X509_subject_name_cmp
+X509_subject_name_hash
+X509_to_X509_REQ
+X509_verify
+X509_verify_cert
+X509_verify_cert_error_string
+X509v3_add_ext
+X509v3_add_extension
+X509v3_add_netscape_extensions
+X509v3_add_standard_extensions
+X509v3_cleanup_extensions
+X509v3_data_type_by_NID
+X509v3_data_type_by_OBJ
+X509v3_delete_ext
+X509v3_get_ext
+X509v3_get_ext_by_NID
+X509v3_get_ext_by_OBJ
+X509v3_get_ext_by_critical
+X509v3_get_ext_count
+X509v3_get_key_usage
+X509v3_pack_string
+X509v3_pack_type_by_NID
+X509v3_pack_type_by_OBJ
+X509v3_set_key_usage
+X509v3_unpack_string
+_des_crypt
+a2d_ASN1_OBJECT
+a2i_ASN1_INTEGER
+a2i_ASN1_STRING
+a2i_X509v3_key_usage
+asn1_Finish
+asn1_GetSequence
+bn_add_words
+bn_div64
+bn_expand2
+bn_mul_add_words
+bn_mul_words
+bn_qadd
+bn_qsub
+bn_sqr_words
+crypt
+d2i_ASN1_BIT_STRING
+d2i_ASN1_BOOLEAN
+d2i_ASN1_HEADER
+d2i_ASN1_IA5STRING
+d2i_ASN1_INTEGER
+d2i_ASN1_OBJECT
+d2i_ASN1_OCTET_STRING
+d2i_ASN1_PRINTABLE
+d2i_ASN1_PRINTABLESTRING
+d2i_ASN1_SET
+d2i_ASN1_T61STRING
+d2i_ASN1_TYPE
+d2i_ASN1_UTCTIME
+d2i_ASN1_bytes
+d2i_ASN1_type_bytes
+d2i_DHparams
+d2i_DSAPrivateKey
+d2i_DSAPrivateKey_bio
+d2i_DSAPrivateKey_fp
+d2i_DSAPublicKey
+d2i_DSAparams
+d2i_NETSCAPE_SPKAC
+d2i_NETSCAPE_SPKI
+d2i_Netscape_RSA
+d2i_Netscape_RSA_2
+d2i_PKCS7
+d2i_PKCS7_DIGEST
+d2i_PKCS7_ENCRYPT
+d2i_PKCS7_ENC_CONTENT
+d2i_PKCS7_ENVELOPE
+d2i_PKCS7_ISSUER_AND_SERIAL
+d2i_PKCS7_RECIP_INFO
+d2i_PKCS7_SIGNED
+d2i_PKCS7_SIGNER_INFO
+d2i_PKCS7_SIGN_ENVELOPE
+d2i_PKCS7_bio
+d2i_PKCS7_fp
+d2i_PrivateKey
+d2i_PublicKey
+d2i_RSAPrivateKey
+d2i_RSAPrivateKey_bio
+d2i_RSAPrivateKey_fp
+d2i_RSAPublicKey
+d2i_RSAPublicKey_bio
+d2i_RSAPublicKey_fp
+d2i_X509
+d2i_X509_ALGOR
+d2i_X509_ATTRIBUTE
+d2i_X509_CINF
+d2i_X509_CRL
+d2i_X509_CRL_INFO
+d2i_X509_CRL_bio
+d2i_X509_CRL_fp
+d2i_X509_EXTENSION
+d2i_X509_NAME
+d2i_X509_NAME_ENTRY
+d2i_X509_PKEY
+d2i_X509_PUBKEY
+d2i_X509_REQ
+d2i_X509_REQ_INFO
+d2i_X509_REQ_bio
+d2i_X509_REQ_fp
+d2i_X509_REVOKED
+d2i_X509_SIG
+d2i_X509_VAL
+d2i_X509_bio
+d2i_X509_fp
+des_cbc_cksum
+des_cbc_encrypt
+des_cblock_print_file
+des_cfb64_encrypt
+des_cfb_encrypt
+des_decrypt3
+des_ecb3_encrypt
+des_ecb_encrypt
+des_ede3_cbc_encrypt
+des_ede3_cfb64_encrypt
+des_ede3_ofb64_encrypt
+des_enc_read
+des_enc_write
+des_encrypt
+des_encrypt2
+des_encrypt3
+des_fcrypt
+des_is_weak_key
+des_key_sched
+des_ncbc_encrypt
+des_ofb64_encrypt
+des_ofb_encrypt
+des_options
+des_pcbc_encrypt
+des_quad_cksum
+des_random_key
+des_random_seed
+des_read_2passwords
+des_read_password
+des_read_pw
+des_read_pw_string
+des_set_key
+des_set_odd_parity
+des_string_to_2keys
+des_string_to_key
+des_xcbc_encrypt
+des_xwhite_in2out
+fcrypt_body
+i2a_ASN1_INTEGER
+i2a_ASN1_OBJECT
+i2a_ASN1_STRING
+i2a_X509v3_key_usage
+i2d_ASN1_BIT_STRING
+i2d_ASN1_BOOLEAN
+i2d_ASN1_HEADER
+i2d_ASN1_IA5STRING
+i2d_ASN1_INTEGER
+i2d_ASN1_OBJECT
+i2d_ASN1_OCTET_STRING
+i2d_ASN1_PRINTABLE
+i2d_ASN1_SET
+i2d_ASN1_TYPE
+i2d_ASN1_UTCTIME
+i2d_ASN1_bytes
+i2d_DHparams
+i2d_DSAPrivateKey
+i2d_DSAPrivateKey_bio
+i2d_DSAPrivateKey_fp
+i2d_DSAPublicKey
+i2d_DSAparams
+i2d_NETSCAPE_SPKAC
+i2d_NETSCAPE_SPKI
+i2d_Netscape_RSA
+i2d_PKCS7
+i2d_PKCS7_DIGEST
+i2d_PKCS7_ENCRYPT
+i2d_PKCS7_ENC_CONTENT
+i2d_PKCS7_ENVELOPE
+i2d_PKCS7_ISSUER_AND_SERIAL
+i2d_PKCS7_RECIP_INFO
+i2d_PKCS7_SIGNED
+i2d_PKCS7_SIGNER_INFO
+i2d_PKCS7_SIGN_ENVELOPE
+i2d_PKCS7_bio
+i2d_PKCS7_fp
+i2d_PrivateKey
+i2d_PublicKey
+i2d_RSAPrivateKey
+i2d_RSAPrivateKey_bio
+i2d_RSAPrivateKey_fp
+i2d_RSAPublicKey
+i2d_RSAPublicKey_bio
+i2d_RSAPublicKey_fp
+i2d_X509
+i2d_X509_ALGOR
+i2d_X509_ATTRIBUTE
+i2d_X509_CINF
+i2d_X509_CRL
+i2d_X509_CRL_INFO
+i2d_X509_CRL_bio
+i2d_X509_CRL_fp
+i2d_X509_EXTENSION
+i2d_X509_NAME
+i2d_X509_NAME_ENTRY
+i2d_X509_PKEY
+i2d_X509_PUBKEY
+i2d_X509_REQ
+i2d_X509_REQ_INFO
+i2d_X509_REQ_bio
+i2d_X509_REQ_fp
+i2d_X509_REVOKED
+i2d_X509_SIG
+i2d_X509_VAL
+i2d_X509_bio
+i2d_X509_fp
+i2t_ASN1_OBJECT
+idea_cbc_encrypt
+idea_cfb64_encrypt
+idea_ecb_encrypt
+idea_encrypt
+idea_ofb64_encrypt
+idea_options
+idea_set_decrypt_key
+idea_set_encrypt_key
+lh_delete
+lh_doall
+lh_doall_arg
+lh_free
+lh_insert
+lh_new
+lh_node_stats
+lh_node_stats_bio
+lh_node_usage_stats
+lh_node_usage_stats_bio
+lh_retrieve
+lh_stats
+lh_stats_bio
+lh_strhash
+ripemd160_block
+sha1_block
+sha_block
+sk_delete
+sk_delete_ptr
+sk_dup
+sk_find
+sk_free
+sk_insert
+sk_new
+sk_pop
+sk_pop_free
+sk_push
+sk_set_cmp_func
+sk_shift
+sk_unshift
+sk_zero
diff --git a/dep/files b/dep/files
new file mode 100644
index 0000000000..8c5550c37c
--- /dev/null
+++ b/dep/files
@@ -0,0 +1,574 @@
+./e_os.h
+
+./crypto/cryptall.h		CRYPTO
+./crypto/cryptlib.h		CRYPTO
+./crypto/crypto.c		CRYPTO
+./crypto/cversion.c		CRYPTO
+./crypto/date.h			CRYPTO
+./crypto/mem.c			CRYPTO
+./crypto/cpt_err.c		CRYPTO
+./crypto/ex_data.c		CRYPTO
+./crypto/crypto.h		CRYPTO
+./crypto/cryptlib.c		CRYPTO
+./crypto/tmdiff.c		CRYPTO
+
+./crypto/asn1/asn1.h		ASN1
+./crypto/asn1/asn1_mac.h	ASN1
+./crypto/asn1/asn1_err.c	ASN1
+./crypto/asn1/asn1_lib.c	ASN1
+./crypto/asn1/asn1_par.c	ASN1
+./crypto/asn1/a_bitstr.c	ASN1
+./crypto/asn1/a_bmp.c		ASN1
+./crypto/asn1/a_bool.c		ASN1
+./crypto/asn1/a_bytes.c		ASN1
+./crypto/asn1/a_d2i_fp.c	ASN1
+./crypto/asn1/a_digest.c	ASN1
+./crypto/asn1/a_dup.c		ASN1
+./crypto/asn1/a_hdr.c		ASN1
+./crypto/asn1/a_i2d_fp.c	ASN1
+./crypto/asn1/a_int.c		ASN1
+./crypto/asn1/a_meth.c		ASN1
+./crypto/asn1/a_object.c	ASN1
+./crypto/asn1/a_octet.c		ASN1
+./crypto/asn1/a_print.c		ASN1
+./crypto/asn1/a_set.c		ASN1
+./crypto/asn1/a_sign.c		ASN1
+./crypto/asn1/a_type.c		ASN1
+./crypto/asn1/a_utctm.c		ASN1
+./crypto/asn1/a_verify.c	ASN1
+./crypto/asn1/d2i_dhp.c		ASN1
+./crypto/asn1/d2i_dsap.c	ASN1
+./crypto/asn1/d2i_pr.c		ASN1
+./crypto/asn1/d2i_pu.c		ASN1
+./crypto/asn1/d2i_r_pr.c	ASN1
+./crypto/asn1/d2i_r_pu.c	ASN1
+./crypto/asn1/d2i_s_pr.c	ASN1
+./crypto/asn1/d2i_s_pu.c	ASN1
+./crypto/asn1/f_int.c		ASN1
+./crypto/asn1/f_string.c	ASN1
+./crypto/asn1/i2d_dhp.c		ASN1
+./crypto/asn1/i2d_dsap.c	ASN1
+./crypto/asn1/i2d_pr.c		ASN1
+./crypto/asn1/i2d_pu.c		ASN1
+./crypto/asn1/i2d_r_pr.c	ASN1
+./crypto/asn1/i2d_r_pu.c	ASN1
+./crypto/asn1/i2d_s_pr.c	ASN1
+./crypto/asn1/i2d_s_pu.c	ASN1
+./crypto/asn1/n_pkey.c		ASN1
+./crypto/asn1/p7_dgst.c		ASN1
+./crypto/asn1/p7_enc.c		ASN1
+./crypto/asn1/p7_enc_c.c	ASN1
+./crypto/asn1/p7_evp.c		ASN1
+./crypto/asn1/p7_i_s.c		ASN1
+./crypto/asn1/p7_lib.c		ASN1
+./crypto/asn1/p7_recip.c	ASN1
+./crypto/asn1/p7_signd.c	ASN1
+./crypto/asn1/p7_signi.c	ASN1
+./crypto/asn1/p7_s_e.c		ASN1
+./crypto/asn1/pk.c		ASN1
+./crypto/asn1/pkcs8.c		ASN1
+./crypto/asn1/t_pkey.c		ASN1
+./crypto/asn1/t_req.c		ASN1
+./crypto/asn1/t_x509.c		ASN1
+./crypto/asn1/x_algor.c		ASN1
+./crypto/asn1/x_attrib.c	ASN1
+./crypto/asn1/x_cinf.c		ASN1
+./crypto/asn1/x_crl.c		ASN1
+./crypto/asn1/x_exten.c		ASN1
+./crypto/asn1/x_info.c		ASN1
+./crypto/asn1/x_name.c		ASN1
+./crypto/asn1/x_pkey.c		ASN1
+./crypto/asn1/x_pubkey.c	ASN1
+./crypto/asn1/x_req.c		ASN1
+./crypto/asn1/x_sig.c		ASN1
+./crypto/asn1/x_spki.c		ASN1
+./crypto/asn1/x_val.c		ASN1
+./crypto/asn1/x_x509.c		ASN1
+
+./crypto/bf/blowfish.h		BF
+./crypto/bf/bf_pi.h		BF
+./crypto/bf/bf_locl.h		BF
+./crypto/bf/bfspeed.c		BF
+./crypto/bf/bftest.c		BF
+./crypto/bf/bf_cbc.c		BF
+./crypto/bf/bf_cfb64.c		BF
+./crypto/bf/bf_ecb.c		BF
+./crypto/bf/bf_enc.c		BF
+./crypto/bf/bf_ofb64.c		BF
+./crypto/bf/bf_opts.c		BF
+./crypto/bf/bf_skey.c		BF
+
+./crypto/bio/bio.h		BIO
+./crypto/bio/bf_buff.c		BIO
+./crypto/bio/bf_nbio.c		BIO
+./crypto/bio/bf_null.c		BIO
+./crypto/bio/bio_cb.c		BIO
+./crypto/bio/bio_err.c		BIO
+./crypto/bio/bio_lib.c		BIO
+./crypto/bio/bss_acpt.c		BIO
+./crypto/bio/bss_conn.c		BIO
+./crypto/bio/bss_fd.c		BIO
+./crypto/bio/bss_file.c		BIO
+./crypto/bio/bss_mem.c		BIO
+./crypto/bio/bss_null.c		BIO
+./crypto/bio/bss_rtcp.c		BIO
+./crypto/bio/bss_sock.c		BIO
+./crypto/bio/b_dump.c		BIO
+./crypto/bio/b_print.c		BIO
+./crypto/bio/b_sock.c		BIO
+
+./crypto/bn/bn.h		BN
+./crypto/bn/bn_lcl.h		BN
+./crypto/bn/bn_prime.h		BN
+./crypto/bn/bnspeed.c		BN
+./crypto/bn/bntest.c		BN
+./crypto/bn/bn_add.c		BN
+./crypto/bn/bn_bld.c		BN
+./crypto/bn/bn_blind.c		BN
+./crypto/bn/bn_div.c		BN
+./crypto/bn/bn_err.c		BN
+./crypto/bn/bn_exp.c		BN
+./crypto/bn/bn_gcd.c		BN
+./crypto/bn/bn_lib.c		BN
+./crypto/bn/bn_mod.c		BN
+./crypto/bn/bn_mont.c		BN
+./crypto/bn/bn_mul.c		BN
+./crypto/bn/bn_mulw.c		BN
+./crypto/bn/bn_prime.c		BN
+./crypto/bn/bn_print.c		BN
+./crypto/bn/bn_rand.c		BN
+./crypto/bn/bn_recp.c		BN
+./crypto/bn/bn_shift.c		BN
+./crypto/bn/bn_sqr.c		BN
+./crypto/bn/bn_sub.c		BN
+./crypto/bn/bn_word.c		BN
+./crypto/bn/bn_m.c		BN
+./crypto/bn/m.c			BN
+./crypto/bn/expspeed.c		BN
+./crypto/bn/bn_mpi.c		BN
+./crypto/bn/exptest.c		BN
+
+./crypto/buffer/buffer.c	BUFF
+./crypto/buffer/buffer.h	BUFF
+./crypto/buffer/buf_err.c	BUFF
+
+./crypto/cast/cast.h		CAST
+./crypto/cast/castopts.c	CAST
+./crypto/cast/casttest.c	CAST
+./crypto/cast/cast_lcl.h	CAST
+./crypto/cast/cast_s.h		CAST
+./crypto/cast/cast_spd.c	CAST
+./crypto/cast/c_cfb64.c		CAST
+./crypto/cast/c_ecb.c		CAST
+./crypto/cast/c_enc.c		CAST
+./crypto/cast/c_ofb64.c		CAST
+./crypto/cast/c_skey.c		CAST
+
+./crypto/conf/conf_lcl.h	CONF
+./crypto/conf/cnf_save.c	CONF
+./crypto/conf/conf.c		CONF
+./crypto/conf/conf.h		CONF
+./crypto/conf/conf_err.c	CONF
+
+./crypto/des/des.h		DES
+./crypto/des/des_locl.h		DES
+./crypto/des/spr.h		DES
+./crypto/des/podd.h		DES
+./crypto/des/sk.h		DES
+./crypto/des/cbc3_enc.c		DES
+./crypto/des/cbc_cksm.c		DES
+./crypto/des/cbc_enc.c		DES
+./crypto/des/cfb64ede.c		DES
+./crypto/des/cfb64enc.c		DES
+./crypto/des/cfb_enc.c		DES
+./crypto/des/des.c		DES
+./crypto/des/destest.c		DES
+./crypto/des/des_enc.c		DES
+./crypto/des/des_opts.c		DES
+./crypto/des/des_ver.h		DES
+./crypto/des/ecb3_enc.c		DES
+./crypto/des/ecb_enc.c		DES
+./crypto/des/ede_enc.c		DES
+./crypto/des/enc_read.c		DES
+./crypto/des/enc_writ.c		DES
+./crypto/des/fcrypt.c		DES
+./crypto/des/fcrypt_b.c		DES
+./crypto/des/ncbc_enc.c		DES
+./crypto/des/ofb64ede.c		DES
+./crypto/des/ofb64enc.c		DES
+./crypto/des/ofb_enc.c		DES
+./crypto/des/pcbc_enc.c		DES
+./crypto/des/qud_cksm.c		DES
+./crypto/des/rand_key.c		DES
+./crypto/des/read2pwd.c		DES
+./crypto/des/read_pwd.c		DES
+./crypto/des/rpc_des.h		DES
+./crypto/des/rpc_enc.c		DES
+./crypto/des/rpw.c		DES
+./crypto/des/set_key.c		DES
+./crypto/des/str2key.c		DES
+./crypto/des/supp.c		DES
+./crypto/des/xcbc_enc.c		DES
+
+./crypto/dh/dh.h		DH
+./crypto/dh/dh_check.c		DH
+./crypto/dh/dh_err.c		DH
+./crypto/dh/dh_gen.c		DH
+./crypto/dh/dh_key.c		DH
+./crypto/dh/dh_lib.c		DH
+./crypto/dh/p1024.c		DH
+./crypto/dh/p192.c		DH
+./crypto/dh/p512.c		DH
+./crypto/dh/dhtest.c		DH
+
+./crypto/dsa/dsa.h		DSA
+./crypto/dsa/dsagen.c		DSA
+./crypto/dsa/dsa_err.c		DSA
+./crypto/dsa/dsa_gen.c		DSA
+./crypto/dsa/dsa_key.c		DSA
+./crypto/dsa/dsa_lib.c		DSA
+./crypto/dsa/dsa_sign.c		DSA
+./crypto/dsa/dsa_vrf.c		DSA
+./crypto/dsa/dsatest.c		DSA
+
+./crypto/err/err.c		ERR
+./crypto/err/err.h		ERR
+./crypto/err/err_all.c		ERR
+./crypto/err/err_prn.c		ERR
+
+./crypto/evp/evp.h		EVP
+./crypto/evp/bio_b64.c		EVP
+./crypto/evp/bio_enc.c		EVP
+./crypto/evp/bio_md.c		EVP
+./crypto/evp/c_all.c		EVP
+./crypto/evp/digest.c		EVP
+./crypto/evp/encode.c		EVP
+./crypto/evp/evp_enc.c		EVP
+./crypto/evp/evp_err.c		EVP
+./crypto/evp/evp_key.c		EVP
+./crypto/evp/e_cbc_3d.c		EVP
+./crypto/evp/e_cbc_bf.c		EVP
+./crypto/evp/e_cbc_c.c		EVP
+./crypto/evp/e_cbc_d.c		EVP
+./crypto/evp/e_cbc_i.c		EVP
+./crypto/evp/e_cbc_r2.c		EVP
+./crypto/evp/e_cfb_3d.c		EVP
+./crypto/evp/e_cfb_bf.c		EVP
+./crypto/evp/e_cfb_c.c		EVP
+./crypto/evp/e_cfb_d.c		EVP
+./crypto/evp/e_cfb_i.c		EVP
+./crypto/evp/e_cfb_r2.c		EVP
+./crypto/evp/e_dsa.c		EVP
+./crypto/evp/e_ecb_3d.c		EVP
+./crypto/evp/e_ecb_bf.c		EVP
+./crypto/evp/e_ecb_c.c		EVP
+./crypto/evp/e_ecb_d.c		EVP
+./crypto/evp/e_ecb_i.c		EVP
+./crypto/evp/e_ecb_r2.c		EVP
+./crypto/evp/e_null.c		EVP
+./crypto/evp/e_ofb_3d.c		EVP
+./crypto/evp/e_ofb_bf.c		EVP
+./crypto/evp/e_ofb_c.c		EVP
+./crypto/evp/e_ofb_d.c		EVP
+./crypto/evp/e_ofb_i.c		EVP
+./crypto/evp/e_ofb_r2.c		EVP
+./crypto/evp/e_rc4.c		EVP
+./crypto/evp/e_xcbc_d.c		EVP
+./crypto/evp/m_dss.c		EVP
+./crypto/evp/m_dss1.c		EVP
+./crypto/evp/m_md2.c		EVP
+./crypto/evp/m_md5.c		EVP
+./crypto/evp/m_mdc2.c		EVP
+./crypto/evp/m_null.c		EVP
+./crypto/evp/m_sha.c		EVP
+./crypto/evp/m_sha1.c		EVP
+./crypto/evp/names.c		EVP
+./crypto/evp/p_lib.c		EVP
+./crypto/evp/p_open.c		EVP
+./crypto/evp/p_seal.c		EVP
+./crypto/evp/p_sign.c		EVP
+./crypto/evp/p_verify.c		EVP
+
+./crypto/hmac/hmac.c		HMAC
+./crypto/hmac/hmac.h		HMAC
+./crypto/hmac/hmactest.c	HMAC
+
+./crypto/idea/ideatest.c	IDEA
+./crypto/idea/idea_lcl.h	IDEA
+./crypto/idea/idea_spd.c	IDEA
+./crypto/idea/i_cbc.c		IDEA
+./crypto/idea/i_cfb64.c		IDEA
+./crypto/idea/i_ecb.c		IDEA
+./crypto/idea/i_ofb64.c		IDEA
+./crypto/idea/i_skey.c		IDEA
+./crypto/idea/idea.h		IDEA
+
+./crypto/lhash/lhash.c		LHASH
+./crypto/lhash/lhash.h		LHASH
+./crypto/lhash/lh_stats.c	LHASH
+./crypto/lhash/lh_test.c	LHASH
+
+./crypto/md2/md2.c		MD2
+./crypto/md2/md2test.c		MD2
+./crypto/md2/md2_dgst.c		MD2
+./crypto/md2/md2_one.c		MD2
+./crypto/md2/md2.h		MD2
+
+./crypto/md5/md5.c		MD5
+./crypto/md5/md5.h		MD5
+./crypto/md5/md5test.c		MD5
+./crypto/md5/md5_dgst.c		MD5
+./crypto/md5/md5_locl.h		MD5
+./crypto/md5/md5_one.c		MD5
+
+./crypto/mdc2/mdc2.h		MDC2
+./crypto/mdc2/mdc2dgst.c	MDC2
+./crypto/mdc2/mdc2test.c	MDC2
+./crypto/mdc2/mdc2_one.c	MDC2
+
+./crypto/objects/objects.h	OBJ
+./crypto/objects/obj_dat.c	OBJ
+./crypto/objects/obj_dat.h	OBJ
+./crypto/objects/obj_err.c	OBJ
+./crypto/objects/obj_lib.c	OBJ
+
+./crypto/pem/ctx_size.c		PEM
+./crypto/pem/pem.h		PEM
+./crypto/pem/pem_all.c		PEM
+./crypto/pem/pem_err.c		PEM
+./crypto/pem/pem_info.c		PEM
+./crypto/pem/pem_lib.c		PEM
+./crypto/pem/pem_seal.c		PEM
+./crypto/pem/pem_sign.c		PEM
+
+./crypto/pkcs7/pk7_dgst.c	PKCS7
+./crypto/pkcs7/pk7_doit.c	PKCS7
+./crypto/pkcs7/pk7_enc.c	PKCS7
+./crypto/pkcs7/pk7_lib.c	PKCS7
+./crypto/pkcs7/pkcs7.h		PKCS7
+./crypto/pkcs7/pkcs7err.c	PKCS7
+./crypto/pkcs7/sign.c		PKCS7
+
+./crypto/proxy/bf_proxy.c	PROXY
+./crypto/proxy/p2test.c		PROXY
+./crypto/proxy/p3test.c		PROXY
+./crypto/proxy/paccept.c	PROXY
+./crypto/proxy/proxy.c		PROXY
+./crypto/proxy/proxy.h		PROXY
+./crypto/proxy/ptest.c		PROXY
+./crypto/proxy/pxy_conf.c	PROXY
+./crypto/proxy/pxy_err.c	PROXY
+./crypto/proxy/pxy_txt.c	PROXY
+
+./crypto/rand/md_rand.c		RAND
+./crypto/rand/rand.h		RAND
+./crypto/rand/randfile.c	RAND
+./crypto/rand/randtest.c	RAND
+
+./crypto/rc2/rc2cfb64.c		RC2
+./crypto/rc2/rc2ofb64.c		RC2
+./crypto/rc2/rc2speed.c		RC2
+./crypto/rc2/rc2test.c		RC2
+./crypto/rc2/rc2_cbc.c		RC2
+./crypto/rc2/rc2_ecb.c		RC2
+./crypto/rc2/rc2_locl.h		RC2
+./crypto/rc2/rc2_skey.c		RC2
+./crypto/rc2/rc2.h		RC2
+
+./crypto/rc4/rc4.c		RC4
+./crypto/rc4/rc4speed.c		RC4
+./crypto/rc4/rc4test.c		RC4
+./crypto/rc4/rc4_enc.c		RC4
+./crypto/rc4/rc4_skey.c		RC4
+./crypto/rc4/rc4.h		RC4
+./crypto/rc4/rc4_locl.h		RC4
+
+./crypto/rsa/rsa.h		RSA
+./crypto/rsa/rsa_eay.c		RSA
+./crypto/rsa/rsa_err.c		RSA
+./crypto/rsa/rsa_gen.c		RSA
+./crypto/rsa/rsa_lib.c		RSA
+./crypto/rsa/rsa_saos.c		RSA
+./crypto/rsa/rsa_sign.c		RSA
+./crypto/rsa/rsa_ssl.c		RSA
+./crypto/rsa/rsa_pk1.c		RSA
+./crypto/rsa/rsa_none.c		RSA
+
+./crypto/sha/sha.h		SHA
+./crypto/sha/sha_locl.h		SHA
+./crypto/sha/sha.c		SHA0
+./crypto/sha/sha_dgst.c		SHA0
+./crypto/sha/sha_one.c		SHA0
+./crypto/sha/sha_sgst.c		SHA0
+./crypto/sha/shatest.c		SHA0
+./crypto/sha/sha1.c		SHA1
+./crypto/sha/sha1dgst.c		SHA1
+./crypto/sha/sha1_one.c		SHA1
+./crypto/sha/sha1test.c		SHA1
+
+./crypto/stack/stack.c		STACK
+./crypto/stack/stack.h		STACK
+
+./crypto/txt_db/txt_db.c	TXTDB
+./crypto/txt_db/txt_db.h	TXTDB
+
+./crypto/x509/by_dir.c		X509
+./crypto/x509/by_file.c		X509
+./crypto/x509/v3_net.c		X509
+./crypto/x509/v3_x509.c		X509
+./crypto/x509/x509.h		X509
+./crypto/x509/x509name.c	X509
+./crypto/x509/x509pack.c	X509
+./crypto/x509/x509rset.c	X509
+./crypto/x509/x509type.c	X509
+./crypto/x509/x509_cmp.c	X509
+./crypto/x509/x509_d2.c		X509
+./crypto/x509/x509_def.c	X509
+./crypto/x509/x509_err.c	X509
+./crypto/x509/x509_ext.c	X509
+./crypto/x509/x509_lu.c		X509
+./crypto/x509/x509_obj.c	X509
+./crypto/x509/x509_r2x.c	X509
+./crypto/x509/x509_req.c	X509
+./crypto/x509/x509_set.c	X509
+./crypto/x509/x509_txt.c	X509
+./crypto/x509/x509_v3.c		X509
+./crypto/x509/x509_vfy.c	X509
+./crypto/x509/x_all.c		X509
+./crypto/x509/x509_vfy.h	X509
+./crypto/x509v3/v3_ku.c		X509
+./crypto/x509v3/x509v3.h	X509
+
+./crypto/threads/mttest.c	THREADS
+./crypto/threads/th-lock.c	THREADS
+
+./crypto/ripemd/rmdtest.c	RMD160
+./crypto/ripemd/ripemd.h	RMD160
+./crypto/ripemd/rmdconst.h	RMD160
+./crypto/ripemd/rmd_locl.h	RMD160
+./crypto/ripemd/rmd_one.c	RMD160
+./crypto/ripemd/rmd160.c	RMD160
+./crypto/ripemd/rmd_dgst.c	RMD160
+
+./crypto/rc5/rc5_ecb.c		RC5
+./crypto/rc5/rc5cfb64.c		RC5
+./crypto/rc5/rc5ofb64.c		RC5
+./crypto/rc5/rc5speed.c		RC5
+./crypto/rc5/rc5test.c		RC5
+./crypto/rc5/rc5_enc.c		RC5
+./crypto/rc5/rc5.h		RC5
+./crypto/rc5/rc5_locl.h		RC5
+./crypto/rc5/rc5_skey.c		RC5
+
+./ssl/bio_ssl.c			SSL
+./ssl/pxy_ssl.c			SSL
+./ssl/s23_clnt.c		SSL
+./ssl/s23_lib.c			SSL
+./ssl/s23_meth.c		SSL
+./ssl/s23_pkt.c			SSL
+./ssl/s23_srvr.c		SSL
+./ssl/s2_clnt.c			SSL
+./ssl/s2_enc.c			SSL
+./ssl/s2_lib.c			SSL
+./ssl/s2_meth.c			SSL
+./ssl/s2_pkt.c			SSL
+./ssl/s2_srvr.c			SSL
+./ssl/s3_both.c			SSL
+./ssl/s3_clnt.c			SSL
+./ssl/s3_enc.c			SSL
+./ssl/s3_lib.c			SSL
+./ssl/s3_meth.c			SSL
+./ssl/s3_pkt.c			SSL
+./ssl/s3_srvr.c			SSL
+./ssl/ssl.c			SSL
+./ssl/ssl2.h			SSL
+./ssl/ssl23.h			SSL
+./ssl/ssl3.h			SSL
+./ssl/ssl_algs.c		SSL
+./ssl/ssl_asn1.c		SSL
+./ssl/ssl_cert.c		SSL
+./ssl/ssl_ciph.c		SSL
+./ssl/ssl_err.c			SSL
+./ssl/ssl_err2.c		SSL
+./ssl/ssl_lib.c			SSL
+./ssl/ssl_locl.h		SSL
+./ssl/ssl_rsa.c			SSL
+./ssl/ssl_sess.c		SSL
+./ssl/ssl_stat.c		SSL
+./ssl/ssl_task.c		SSL
+./ssl/ssl_txt.c			SSL
+./ssl/tls1.h			SSL
+./ssl/t1_lib.c			SSL
+./ssl/t1_enc.c			SSL
+./ssl/t1_meth.c			SSL
+./ssl/t1_srvr.c			SSL
+./ssl/t1_clnt.c			SSL
+./ssl/ssl.h			SSL
+./ssl/ssltest.c			SSL
+
+./rsaref/rsaref.c		RSAREF
+./rsaref/rsaref.h		RSAREF
+./rsaref/rsar_err.c		RSAREF
+
+./apps/apps.c			APPS
+./apps/apps.h			APPS
+./apps/asn1pars.c		APPS
+./apps/bf_perm.c		APPS
+./apps/bf_perm.h		APPS
+./apps/ca.c			APPS
+./apps/ciphers.c		APPS
+./apps/crl.c			APPS
+./apps/crl2p7.c			APPS
+./apps/dgst.c			APPS
+./apps/dh.c			APPS
+./apps/dsa.c			APPS
+./apps/dsaparam.c		APPS
+./apps/eay.c			APPS
+./apps/enc.c			APPS
+./apps/errstr.c			APPS
+./apps/speed.c			APPS
+./apps/gendh.c			APPS
+./apps/gendsa.c			APPS
+./apps/genrsa.c			APPS
+./apps/mybio_cb.c		APPS
+./apps/pem_mail.c		APPS
+./apps/pkcs7.c			APPS
+./apps/progs.h			APPS
+./apps/req.c			APPS
+./apps/rsa.c			APPS
+./apps/sess_id.c		APPS
+./apps/s_apps.h			APPS
+./apps/s_args.c			APPS
+./apps/s_cache.c		APPS
+./apps/s_cb.c			APPS
+./apps/s_client.c		APPS
+./apps/s_eio.c			APPS
+./apps/s_eio.h			APPS
+./apps/s_filter.c		APPS
+./apps/s_filter.h		APPS
+./apps/s_server.c		APPS
+./apps/s_socket.c		APPS
+./apps/s_state.c		APPS
+./apps/s_state.h		APPS
+./apps/s_time.c			APPS
+./apps/testdsa.h		APPS
+./apps/testrsa.h		APPS
+./apps/verify.c			APPS
+./apps/version.c		APPS
+./apps/x509.c			APPS
+./apps/ssleay.c			APPS
+./apps/sp.c			APPS
+
+./demos/b64.c			DEMO
+./demos/bio/saccept.c		DEMO
+./demos/bio/sconnect.c		DEMO
+./demos/maurice/example1.c	DEMO
+./demos/maurice/example2.c	DEMO
+./demos/maurice/example3.c	DEMO
+./demos/maurice/example4.c	DEMO
+./demos/maurice/loadkeys.c	DEMO
+./demos/maurice/loadkeys.h	DEMO
+./demos/prime/prime.c		DEMO
+./demos/selfsign.c		DEMO
+./demos/spkigen.c		DEMO
+
diff --git a/dep/gen.pl b/dep/gen.pl
new file mode 100644
index 0000000000..8ab6db5c53
--- /dev/null
+++ b/dep/gen.pl
@@ -0,0 +1,113 @@
+#!/usr/local/bin/perl
+
+require 'getopts.pl';
+
+$files="files";
+%have=();
+%missing=();
+%name=();
+%func=();
+
+&Getopts('Ff:');
+
+&load_file("files");
+foreach $file (@ARGV)
+	{ &do_nm($file); }
+
+if (defined($opt_f))
+	{
+	%a=();
+	$r=&list_files($opt_f,"",*a);
+	if ($opt_F)
+		{
+		foreach (sort split(/\n/,$r))
+			{ print "$_\n"; }
+		}
+	else
+		{ print $r; }
+	}
+else
+	{
+	for (sort keys %have)
+		{
+		print "$_:$have{$_}\n";
+		}
+	}
+
+sub list_files
+	{
+	local($f,$o,*done)=@_;
+	local($a,$_,$ff,$ret);
+
+	return if $f =~ /^\s*$/;
+
+	$done{$f}=1;
+	$ret.=$f."\n" if $opt_F;
+	foreach (split(/ /,$have{$f}))
+		{
+		$ret.="$o$f:$_\n" unless $opt_F;
+		}
+
+	foreach (split(/ /,$missing{$f}))
+		{
+		$ff=$func{$_};
+		next if defined($done{$ff});
+		$ret.=&list_files($ff,$o."	");
+		}
+	$ret;
+	}
+
+sub do_nm
+	{
+	local($file)=@_;
+	local($fname)="";
+
+	open(IN,"nm $file|") || die "unable to run 'nm $file|':$!\n";
+	while (<IN>)
+		{
+		chop;
+		next if /^\s*$/;
+		if (/^(.*)\.o:\s*$/)
+			{
+			$fname="$1.c";
+			next;
+			}
+		($type,$name)=/^.{8} (.) (.+)/;
+#		print "$fname $type $name\n";
+
+		if ($type eq "T")
+			{
+			$have{$fname}.="$name ";
+			$func{$name}=$fname;
+			}
+		elsif ($type eq "U")
+			{
+			$missing{$fname}.="$name ";
+			}
+		}
+	close(IN);
+	}
+
+sub load_file
+	{
+	local($file)=@_;
+
+	open(IN,"<$files") || die "unable to open $files:$!\n";
+
+	while (<IN>)
+		{
+		chop;
+		next if /^\s*$/;
+		($n)=/\/([^\/\s]+)\s+/;
+		($fn)=/^(\S+)\s/;
+#		print "$n - $fn\n";
+		if (defined($name{$n}))
+			{ print "$n already exists\n"; }
+		else
+			{ $name{$n}=$fn; }
+		}
+	close(IN);
+	@name=%name;
+	}
+
+
diff --git a/dep/ssl.txt b/dep/ssl.txt
new file mode 100644
index 0000000000..7cd125a0d1
--- /dev/null
+++ b/dep/ssl.txt
@@ -0,0 +1,156 @@
+BIO_f_ssl
+BIO_new_buffer_ssl_connect
+BIO_new_ssl
+BIO_new_ssl_connect
+BIO_proxy_ssl_copy_session_id
+BIO_ssl_copy_session_id
+BIO_ssl_shutdown
+ERR_load_SSL_strings
+SSL_CIPHER_description
+SSL_CIPHER_get_bits
+SSL_CIPHER_get_name
+SSL_CIPHER_get_version
+SSL_CTX_add_client_CA
+SSL_CTX_add_session
+SSL_CTX_check_private_key
+SSL_CTX_ctrl
+SSL_CTX_flush_sessions
+SSL_CTX_free
+SSL_CTX_get_client_CA_list
+SSL_CTX_get_ex_data
+SSL_CTX_get_ex_new_index
+SSL_CTX_get_quiet_shutdown
+SSL_CTX_get_verify_callback
+SSL_CTX_get_verify_mode
+SSL_CTX_load_verify_locations
+SSL_CTX_new
+SSL_CTX_remove_session
+SSL_CTX_set_cert_verify_cb
+SSL_CTX_set_cipher_list
+SSL_CTX_set_client_CA_list
+SSL_CTX_set_default_passwd_cb
+SSL_CTX_set_default_verify_paths
+SSL_CTX_set_ex_data
+SSL_CTX_set_quiet_shutdown
+SSL_CTX_set_ssl_version
+SSL_CTX_set_verify
+SSL_CTX_use_PrivateKey
+SSL_CTX_use_PrivateKey_ASN1
+SSL_CTX_use_PrivateKey_file
+SSL_CTX_use_RSAPrivateKey
+SSL_CTX_use_RSAPrivateKey_ASN1
+SSL_CTX_use_RSAPrivateKey_file
+SSL_CTX_use_certificate
+SSL_CTX_use_certificate_ASN1
+SSL_CTX_use_certificate_file
+SSL_SESSION_cmp
+SSL_SESSION_free
+SSL_SESSION_get_ex_data
+SSL_SESSION_get_ex_new_index
+SSL_SESSION_get_time
+SSL_SESSION_get_timeout
+SSL_SESSION_hash
+SSL_SESSION_new
+SSL_SESSION_print
+SSL_SESSION_print_fp
+SSL_SESSION_set_ex_data
+SSL_SESSION_set_time
+SSL_SESSION_set_timeout
+SSL_accept
+SSL_add_client_CA
+SSL_alert_desc_string
+SSL_alert_desc_string_long
+SSL_alert_type_string
+SSL_alert_type_string_long
+SSL_check_private_key
+SSL_clear
+SSL_connect
+SSL_copy_session_id
+SSL_ctrl
+SSL_do_handshake
+SSL_dup
+SSL_dup_CA_list
+SSL_free
+SSL_get_SSL_CTX
+SSL_get_certificate
+SSL_get_cipher_list
+SSL_get_ciphers
+SSL_get_client_CA_list
+SSL_get_current_cipher
+SSL_get_default_timeout
+SSL_get_error
+SSL_get_ex_data
+SSL_get_ex_new_index
+SSL_get_fd
+SSL_get_info_callback
+SSL_get_peer_cert_chain
+SSL_get_peer_certificate
+SSL_get_privatekey
+SSL_get_quiet_shutdown
+SSL_get_rbio
+SSL_get_read_ahead
+SSL_get_session
+SSL_get_shared_ciphers
+SSL_get_shutdown
+SSL_get_ssl_method
+SSL_get_verify_callback
+SSL_get_verify_mode
+SSL_get_verify_result
+SSL_get_version
+SSL_get_wbio
+SSL_load_client_CA_file
+SSL_load_error_strings
+SSL_new
+SSL_peek
+SSL_pending
+SSL_read
+SSL_renegotiate
+SSL_rstate_string
+SSL_rstate_string_long
+SSL_set_accept_state
+SSL_set_bio
+SSL_set_cipher_list
+SSL_set_client_CA_list
+SSL_set_connect_state
+SSL_set_ex_data
+SSL_set_fd
+SSL_set_info_callback
+SSL_set_quiet_shutdown
+SSL_set_read_ahead
+SSL_set_rfd
+SSL_set_session
+SSL_set_shutdown
+SSL_set_ssl_method
+SSL_set_verify
+SSL_set_verify_result
+SSL_set_wfd
+SSL_shutdown
+SSL_state
+SSL_state_string
+SSL_state_string_long
+SSL_use_PrivateKey
+SSL_use_PrivateKey_ASN1
+SSL_use_PrivateKey_file
+SSL_use_RSAPrivateKey
+SSL_use_RSAPrivateKey_ASN1
+SSL_use_RSAPrivateKey_file
+SSL_use_certificate
+SSL_use_certificate_ASN1
+SSL_use_certificate_file
+SSL_version
+SSL_write
+SSLeay_add_ssl_algorithms
+SSLv23_client_method
+SSLv23_method
+SSLv23_server_method
+SSLv2_client_method
+SSLv2_method
+SSLv2_server_method
+SSLv3_client_method
+SSLv3_method
+SSLv3_server_method
+TLSv1_client_method
+TLSv1_method
+TLSv1_server_method
+d2i_SSL_SESSION
+i2d_SSL_SESSION
diff --git a/doc/blowfish.doc b/doc/blowfish.doc
index 3a7291f371..8a7f425b32 100644
--- a/doc/blowfish.doc
+++ b/doc/blowfish.doc
@@ -54,20 +54,17 @@ unsigned char *key;
 	72 bytes.  As a warning, blowfish has a very very slow set_key
 	function, it actually runs BF_encrypt 521 times.
 	
-void BF_encrypt(
-unsigned long *data,
-BF_KEY *key,
-int encrypt);
-	This is the Blowfish encryption function that gets called by just about
-	every other Blowfish routine in the library.  You should not use this
-	function except to implement 'modes' of Blowfish.
+void BF_encrypt(unsigned long *data, BF_KEY *key);
+void BF_decrypt(unsigned long *data, BF_KEY *key);
+	These are the Blowfish encryption function that gets called by just
+	about every other Blowfish routine in the library.  You should not
+	use this function except to implement 'modes' of Blowfish.
 	I say this because the
 	functions that call this routine do the conversion from 'char *' to
 	long, and this needs to be done to make sure 'non-aligned' memory
 	access do not occur.
 	Data is a pointer to 2 unsigned long's and key is the
-	BF_KEY to use.  Encryption or decryption is indicated by 'encrypt'.
-	which can have the values BF_ENCRYPT or BF_DECRYPT.
+	BF_KEY to use. 
 
 void BF_ecb_encrypt(
 unsigned char *in,
diff --git a/doc/bn.doc b/doc/bn.doc
index 2358c20f45..47be23b6ea 100644
--- a/doc/bn.doc
+++ b/doc/bn.doc
@@ -246,8 +246,8 @@ int BN_is_bit_set(BIGNUM *a, int n);
 	This function return 1 if bit 'n' is set in 'a' else 0.
 
 int BN_set_bit(BIGNUM *a, int n);
-	This function sets bit 'n' to 1 in 'a'.  Return 0 if less than
-	'n' bits in 'a', else 1.  This is a&= ~(1<<n);
+	This function sets bit 'n' to 1 in 'a'. 
+	This is a&= ~(1<<n);
 
 int BN_clear_bit(BIGNUM *a, int n);
 	This function sets bit 'n' to zero in 'a'.  Return 0 if less
@@ -334,7 +334,8 @@ int BN_gcd(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_CTX *ctx);
 	'r' has the greatest common divisor of 'a' and 'b'.  'ctx' is
 	used for temporary variables and 0 is returned on error.
 
-int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(),BN_CTX *ctx);
+int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(),BN_CTX *ctx,
+	char *cb_arg);
 	This function is used to check if a BIGNUM ('p') is prime.
 	It performs this test by using the Miller-Rabin randomised
 	primality test.  This is a probalistic test that requires a
@@ -342,7 +343,7 @@ int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(),BN_CTX *ctx);
 	degree of probability.  Since this can take quite some time, a
 	callback function can be passed and it will be called each
 	time 'p' passes a round of the prime testing.  'callback' will
-	be called as follows, callback(1,n) where n is the number of
+	be called as follows, callback(1,n,cb_arg) where n is the number of
 	the round, just passed.  As per usual 'ctx' contains temporary
 	variables used.  If ctx is NULL, it does not matter, a local version
 	will be malloced.  This parameter is present to save some mallocing
@@ -357,6 +358,7 @@ int strong,
 BIGNUM *a,
 BIGNUM *rems,
 void (*callback)());
+char *cb_arg
 	This function is used to generate prime numbers.  It returns a
 	new BIGNUM that has a high probability of being a prime.
 	'bits' is the number of bits that
@@ -373,7 +375,7 @@ void (*callback)());
 	can take quite some time, if callback is not NULL, it is called
 	in the following situations.
 	We have a suspected prime (from a quick sieve),
-	callback(0,sus_prime++).  Each item to be passed to BN_is_prime().
-	callback(1,round++).  Each successful 'round' in BN_is_prime().
-	callback(2,round). For each successful BN_is_prime() test.
+	callback(0,sus_prime++,cb_arg). Each item to be passed to BN_is_prime().
+	callback(1,round++,cb_arg).  Each successful 'round' in BN_is_prime().
+	callback(2,round,cb_arg). For each successful BN_is_prime() test.
 
diff --git a/doc/des.doc b/doc/des.doc
index 1e30158129..5879d968f3 100644
--- a/doc/des.doc
+++ b/doc/des.doc
@@ -186,7 +186,7 @@ des_key_schedule ks2,
 des_key_schedule ks3, 
 des_cblock *ivec,
 int enc);
-	This function implements inner triple CBC DES encryption with 3
+	This function implements outer triple CBC DES encryption with 3
 	keys.  What this means is that each 'DES' operation
 	inside the cbc mode is really an C=E(ks3,D(ks2,E(ks1,M))).
 	Again, this is cbc mode so an ivec is requires.
diff --git a/doc/rsa.doc b/doc/rsa.doc
index f899a39bb8..f260452bc6 100644
--- a/doc/rsa.doc
+++ b/doc/rsa.doc
@@ -113,6 +113,7 @@ RSA *RSA_generate_key(
 int bits;
 unsigned long e;
 void (*callback)();
+char *cb_arg;
 	This routine is used to generate RSA private keys.  It takes
 	quite a period of time to run and should only be used to
 	generate initial private keys that should then be stored
@@ -126,8 +127,9 @@ void (*callback)();
 	The callback function (if not NULL) is called in the following
 	situations.
 	when we have generated a suspected prime number to test,
-	callback(0,num1++).  When it passes a prime number test,
-	callback(1,num2++).  When it is rejected as one of
+	callback(0,num1++,cb_arg).  When it passes a prime number test,
+	callback(1,num2++,cb_arg).  When it is rejected as one of
 	the 2 primes required due to gcd(prime,e value) != 0,
-	callback(2,num3++).  When finally accepted as one of the 2 primes,
-	callback(3,num4++).
+	callback(2,num3++,cb_arg).  When finally accepted as one
+	of the 2 primes, callback(3,num4++,cb_arg).
+
diff --git a/e_os.h b/e_os.h
index 2f2280591f..3d142ec2ba 100644
--- a/e_os.h
+++ b/e_os.h
@@ -1,5 +1,5 @@
 /* e_os.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,8 +63,16 @@
 extern "C" {
 #endif
 
+/* Used to checking reference counts, most while doing perl5 stuff :-) */
+#ifdef REF_PRINT
+#undef REF_PRINT
+#define REF_PRINT(a,b)	fprintf(stderr,"%08X:%4d:%s\n",(int)b,b->references,a)
+#endif
+
 #ifndef DEVRANDOM
-#undef DEVRANDOM  /* set this to your 'random' device if you have one */
+/* set this to your 'random' device if you have one.
+ * My default, we will try to read this file */
+#define DEVRANDOM "/dev/urandom"
 #endif
 
 #if defined(NOCONST)
@@ -91,7 +99,25 @@ extern "C" {
 #  endif
 #endif
 
+#ifdef WIN32
+#define get_last_sys_error()	GetLastError()
+#define clear_sys_error()	SetLastError(0)
+#else
+#define get_last_sys_error()	errno
+#define clear_sys_error()	errno=0
+#endif
+
+#ifdef WINDOWS
+#define get_last_socket_error()	WSAGetLastError()
+#define clear_socket_error()	WSASetLastError(0)
+#else
+#define get_last_socket_error()	errno
+#define clear_socket_error()	errno=0
+#define ioctlsocket(a,b,c)	ioctl(a,b,c)
+#endif
+
 #ifdef WIN16
+#  define NO_FP_API
 #  define MS_CALLBACK	_far _loadds
 #  define MS_FAR	_far
 #else
@@ -99,6 +125,10 @@ extern "C" {
 #  define MS_FAR
 #endif
 
+#ifdef NO_STDIO
+#  define NO_FP_API
+#endif
+
 #if defined(WINDOWS) || defined(MSDOS)
 
 #ifndef S_IFDIR
@@ -121,9 +151,8 @@ extern "C" {
 #  include <io.h>
 #  include <fcntl.h>
 
-#if defined(WIN16) && (!defined(MONOLITH) || defined(SSLEAY)) && defined(_WINEXITNOPERSIST)
-#  define EXIT(n)		{ if (n == 0) _wsetexit(_WINEXITNOPERSIST); \
-				return(n); }
+#if defined(WIN16) && !defined(MONOLITH) && defined(SSLEAY) && defined(_WINEXITNOPERSIST)
+#  define EXIT(n) { if (n == 0) _wsetexit(_WINEXITNOPERSIST); return(n); }
 #else
 #  define EXIT(n)		return(n);
 #endif
@@ -138,7 +167,7 @@ extern "C" {
 #  define R_OK	4
 #endif
 #  define SSLEAY_CONF	"ssleay.cnf"
-#  define NUL_DEV		"nul"
+#  define NUL_DEV	"nul"
 #  define RFILE		".rnd"
 
 #else /* The non-microsoft world world */
@@ -191,6 +220,9 @@ extern HINSTANCE _hInstance;
 #      include <netdb.h>
 #      include <sys/types.h>
 #      include <sys/socket.h>
+#      ifdef FILIO_H
+#        include <sys/filio.h> /* Added for FIONBIO under unixware */
+#      endif
 #      include <sys/param.h>
 #      include <sys/time.h> /* Needed under linux for FD_XXX */
 #      include <netinet/in.h>
@@ -234,12 +266,14 @@ extern HINSTANCE _hInstance;
 #ifndef NOPROTO
 #define P_CC_CC	const void *,const void *
 #define P_I_I		int,int 
+#define P_I_I_P		int,int,char *
 #define P_I_I_P_I	int,int,char *,int
 #define P_IP_I_I_P_I	int *,int,int,char *,int
 #define P_V		void 
 #else
 #define P_CC_CC
 #define P_I_I
+#define P_I_I_P
 #define P_IP_I_I_P_I
 #define P_I_I_P_I
 #define P_V
diff --git a/makefile.one b/makefile.one
index afb3127abd..b0931e0d6f 100644
--- a/makefile.one
+++ b/makefile.one
@@ -18,6 +18,7 @@ CC=cc
 CFLAG=-O -DTERMIO
 APP_CFLAG=
 LIB_CFLAG=
+SHLIB_CFLAG=
 APP_EX_OBJ=
 SHLIB_EX_OBJ=
 # add extra libraries to this define, for solaris -lsocket -lnsl would
@@ -38,11 +39,25 @@ DES_CRYPT_OBJ=
 DES_CRYPT_SRC=
 BF_ENC_OBJ=
 BF_ENC_SRC=
+CAST_ENC_OBJ=
+CAST_ENC_SRC=
+RC4_ENC_OBJ=
+RC4_ENC_SRC=
+RC5_ENC_OBJ=
+RC5_ENC_SRC=
+MD5_ASM_OBJ=
+MD5_ASM_SRC=
+SHA1_ASM_OBJ=
+SHA1_ASM_SRC=
+RMD160_ASM_OBJ=
+RMD160_ASM_SRC=
 
 # The output directory for everything intersting
 OUT_D=out
 # The output directory for all the temporary muck
 TMP_D=tmp
+# The output directory for the header files
+INC_D=outinc
 
 CP=/bin/cp
 RM=/bin/rm -f
@@ -64,11 +79,9 @@ RSAGLUE=RSAglue
 # BIN_D  - Binary output directory
 # TEST_D - Binary test file output directory
 # LIB_D  - library output directory
-# INC_D  - include directory
 BIN_D=$(OUT_D)
 TEST_D=$(OUT_D)
 LIB_D=$(OUT_D)
-INC_D=$(OUT_D)
 
 # INCL_D - local library directory
 # OBJ_D  - temp object file directory
@@ -78,8 +91,10 @@ INCL_D=$(TMP_D)
 O_SSL=     $(LIB_D)/lib$(SSL).a
 O_CRYPTO=  $(LIB_D)/lib$(CRYPTO).a
 O_RSAGLUE= $(LIB_D)/lib$(RSAGLUE).a
-L_SSL=     $(LIB_D)/lib$(SSL).a
-L_CRYPTO=  $(LIB_D)/lib$(CRYPTO).a
+SO_SSL=    lib$(SSL)
+SO_CRYPTO= lib$(CRYPTO)
+L_SSL=     $(LIB_D)/$(SSL).a
+L_CRYPTO=  $(LIB_D)/$(CRYPTO).a
 
 L_LIBS= $(L_SSL) $(L_CRYPTO)
 #L_LIBS= $(O_SSL) $(O_RSAGLUE) -lrsaref $(O_CRYPTO)
@@ -88,137 +103,152 @@ L_LIBS= $(L_SSL) $(L_CRYPTO)
 # Don't touch anything below this point
 ######################################################
 
-INC=-DFLAT_INC -I$(INC_D) -I$(INCL_D)
+INC=-I$(INC_D) -I$(INCL_D)
 APP_CFLAGS=$(INC) $(CFLAG) $(APP_CFLAG)
 LIB_CFLAGS=$(INC) $(CFLAG) $(LIB_CFLAG)
+SHLIB_CFLAGS=$(INC) $(CFLAG) $(LIB_CFLAG) $(SHLIB_CFLAG)
 LIBS_DEP=$(O_CRYPTO) $(O_RSAGLUE) $(O_SSL)
 
 #############################################
-HEADER=$(INCL_D)/e_os.h \
-	$(INCL_D)/cryptlib.h $(INCL_D)/date.h $(INCL_D)/md5_locl.h \
-	$(INCL_D)/sha_locl.h $(INCL_D)/des_locl.h $(INCL_D)/rpc_des.h \
-	$(INCL_D)/podd.h $(INCL_D)/sk.h $(INCL_D)/spr.h \
-	$(INCL_D)/des_ver.h $(INCL_D)/rc2_locl.h $(INCL_D)/idea_lcl.h \
-	$(INCL_D)/bf_pi.h $(INCL_D)/bf_locl.h $(INCL_D)/bn_lcl.h \
-	$(INCL_D)/bn_prime.h $(INCL_D)/obj_dat.h $(INCL_D)/conf_lcl.h \
-	$(INCL_D)/ssl_locl.h $(INCL_D)/rsaref.h $(INCL_D)/apps.h \
-	$(INCL_D)/progs.h $(INCL_D)/s_apps.h $(INCL_D)/testdsa.h \
-	$(INCL_D)/testrsa.h
-
-EXHEADER=$(INC_D)/crypto.h \
-	$(INC_D)/cryptall.h $(INC_D)/md2.h $(INC_D)/md5.h \
-	$(INC_D)/sha.h $(INC_D)/mdc2.h $(INC_D)/des.h \
-	$(INC_D)/rc4.h $(INC_D)/rc2.h $(INC_D)/idea.h \
-	$(INC_D)/blowfish.h $(INC_D)/bn.h $(INC_D)/rsa.h \
-	$(INC_D)/dsa.h $(INC_D)/dh.h $(INC_D)/buffer.h \
-	$(INC_D)/bio.h $(INC_D)/stack.h $(INC_D)/lhash.h \
+HEADER=$(INCL_D)/cryptlib.h \
+	$(INCL_D)/date.h $(INCL_D)/md5_locl.h $(INCL_D)/sha_locl.h \
+	$(INCL_D)/rmd_locl.h $(INCL_D)/rmdconst.h $(INCL_D)/des_locl.h \
+	$(INCL_D)/rpc_des.h $(INCL_D)/podd.h $(INCL_D)/sk.h \
+	$(INCL_D)/spr.h $(INCL_D)/des_ver.h $(INCL_D)/rc2_locl.h \
+	$(INCL_D)/rc4_locl.h $(INCL_D)/rc5_locl.h $(INCL_D)/idea_lcl.h \
+	$(INCL_D)/bf_pi.h $(INCL_D)/bf_locl.h $(INCL_D)/cast_s.h \
+	$(INCL_D)/cast_lcl.h $(INCL_D)/bn_lcl.h $(INCL_D)/bn_prime.h \
+	$(INCL_D)/obj_dat.h $(INCL_D)/conf_lcl.h $(INCL_D)/ssl_locl.h \
+	$(INCL_D)/rsaref.h $(INCL_D)/apps.h $(INCL_D)/progs.h \
+	$(INCL_D)/s_apps.h $(INCL_D)/testdsa.h $(INCL_D)/testrsa.h
+
+EXHEADER=$(INC_D)/e_os.h \
+	$(INC_D)/crypto.h $(INC_D)/cryptall.h $(INC_D)/md2.h \
+	$(INC_D)/md5.h $(INC_D)/sha.h $(INC_D)/mdc2.h \
+	$(INC_D)/hmac.h $(INC_D)/ripemd.h $(INC_D)/des.h \
+	$(INC_D)/rc2.h $(INC_D)/rc4.h $(INC_D)/rc5.h \
+	$(INC_D)/idea.h $(INC_D)/blowfish.h $(INC_D)/cast.h \
+	$(INC_D)/bn.h $(INC_D)/rsa.h $(INC_D)/dsa.h \
+	$(INC_D)/dh.h $(INC_D)/buffer.h $(INC_D)/bio.h \
+	$(INC_D)/bss_file.c $(INC_D)/stack.h $(INC_D)/lhash.h \
 	$(INC_D)/rand.h $(INC_D)/err.h $(INC_D)/objects.h \
 	$(INC_D)/evp.h $(INC_D)/pem.h $(INC_D)/asn1.h \
 	$(INC_D)/asn1_mac.h $(INC_D)/x509.h $(INC_D)/x509_vfy.h \
 	$(INC_D)/conf.h $(INC_D)/txt_db.h $(INC_D)/pkcs7.h \
 	$(INC_D)/ssl.h $(INC_D)/ssl2.h $(INC_D)/ssl3.h \
-	$(INC_D)/ssl23.h
+	$(INC_D)/ssl23.h $(INC_D)/tls1.h
 
 T_OBJ=$(OBJ_D)/md2test.o \
 	$(OBJ_D)/md5test.o $(OBJ_D)/shatest.o $(OBJ_D)/sha1test.o \
-	$(OBJ_D)/mdc2test.o $(OBJ_D)/destest.o $(OBJ_D)/rc4test.o \
-	$(OBJ_D)/rc2test.o $(OBJ_D)/ideatest.o $(OBJ_D)/bftest.o \
-	$(OBJ_D)/bntest.o $(OBJ_D)/exptest.o $(OBJ_D)/dsatest.o \
-	$(OBJ_D)/dhtest.o $(OBJ_D)/randtest.o $(OBJ_D)/ssltest.o
+	$(OBJ_D)/mdc2test.o $(OBJ_D)/hmactest.o $(OBJ_D)/rmdtest.o \
+	$(OBJ_D)/destest.o $(OBJ_D)/rc2test.o $(OBJ_D)/rc4test.o \
+	$(OBJ_D)/rc5test.o $(OBJ_D)/ideatest.o $(OBJ_D)/bftest.o \
+	$(OBJ_D)/casttest.o $(OBJ_D)/bntest.o $(OBJ_D)/exptest.o \
+	$(OBJ_D)/dsatest.o $(OBJ_D)/dhtest.o $(OBJ_D)/randtest.o \
+	$(OBJ_D)/ssltest.o
 
 E_OBJ=$(OBJ_D)/verify.o \
 	$(OBJ_D)/asn1pars.o $(OBJ_D)/req.o $(OBJ_D)/dgst.o \
 	$(OBJ_D)/dh.o $(OBJ_D)/enc.o $(OBJ_D)/gendh.o \
-	$(OBJ_D)/errstr.o $(OBJ_D)/ca.o $(OBJ_D)/gendsa.o \
-	$(OBJ_D)/pkcs7.o $(OBJ_D)/crl2p7.o $(OBJ_D)/crl.o \
-	$(OBJ_D)/rsa.o $(OBJ_D)/dsa.o $(OBJ_D)/dsaparam.o \
-	$(OBJ_D)/x509.o $(OBJ_D)/genrsa.o $(OBJ_D)/s_server.o \
-	$(OBJ_D)/s_client.o $(OBJ_D)/speed.o $(OBJ_D)/s_time.o \
-	$(OBJ_D)/apps.o $(OBJ_D)/s_cb.o $(OBJ_D)/s_socket.o \
-	$(OBJ_D)/version.o $(OBJ_D)/sess_id.o $(OBJ_D)/ciphers.o \
-	$(OBJ_D)/ssleay.o
+	$(OBJ_D)/errstr.o $(OBJ_D)/ca.o $(OBJ_D)/pkcs7.o \
+	$(OBJ_D)/crl2p7.o $(OBJ_D)/crl.o $(OBJ_D)/rsa.o \
+	$(OBJ_D)/dsa.o $(OBJ_D)/dsaparam.o $(OBJ_D)/x509.o \
+	$(OBJ_D)/genrsa.o $(OBJ_D)/s_server.o $(OBJ_D)/s_client.o \
+	$(OBJ_D)/speed.o $(OBJ_D)/s_time.o $(OBJ_D)/apps.o \
+	$(OBJ_D)/s_cb.o $(OBJ_D)/s_socket.o $(OBJ_D)/version.o \
+	$(OBJ_D)/sess_id.o $(OBJ_D)/ciphers.o $(OBJ_D)/ssleay.o
 
 CRYPTOOBJ=$(OBJ_D)/cryptlib.o \
-	$(OBJ_D)/mem.o $(OBJ_D)/cversion.o $(OBJ_D)/md2_dgst.o \
-	$(OBJ_D)/md5_dgst.o $(OBJ_D)/md2_one.o $(OBJ_D)/md5_one.o \
-	$(OBJ_D)/sha_dgst.o $(OBJ_D)/sha1dgst.o $(OBJ_D)/sha_one.o \
-	$(OBJ_D)/sha1_one.o $(OBJ_D)/mdc2dgst.o $(OBJ_D)/mdc2_one.o \
-	$(OBJ_D)/set_key.o $(OBJ_D)/ecb_enc.o $(OBJ_D)/ede_enc.o \
-	$(OBJ_D)/cbc_enc.o $(OBJ_D)/cbc3_enc.o $(OBJ_D)/ecb3_enc.o \
+	$(OBJ_D)/mem.o $(OBJ_D)/cversion.o $(OBJ_D)/ex_data.o \
+	$(OBJ_D)/cpt_err.o $(OBJ_D)/md2_dgst.o $(OBJ_D)/md2_one.o \
+	$(OBJ_D)/md5_dgst.o $(OBJ_D)/md5_one.o $(OBJ_D)/sha_dgst.o \
+	$(OBJ_D)/sha1dgst.o $(OBJ_D)/sha_one.o $(OBJ_D)/sha1_one.o \
+	$(OBJ_D)/mdc2dgst.o $(OBJ_D)/mdc2_one.o $(OBJ_D)/hmac.o \
+	$(OBJ_D)/rmd_dgst.o $(OBJ_D)/rmd_one.o $(OBJ_D)/set_key.o \
+	$(OBJ_D)/ecb_enc.o $(OBJ_D)/cbc_enc.o $(OBJ_D)/ecb3_enc.o \
 	$(OBJ_D)/cfb64enc.o $(OBJ_D)/cfb64ede.o $(OBJ_D)/cfb_enc.o \
 	$(OBJ_D)/ofb64ede.o $(OBJ_D)/enc_read.o $(OBJ_D)/enc_writ.o \
-	$(OBJ_D)/ncbc_enc.o $(OBJ_D)/ofb64enc.o $(OBJ_D)/ofb_enc.o \
-	$(OBJ_D)/str2key.o $(OBJ_D)/pcbc_enc.o $(OBJ_D)/qud_cksm.o \
-	$(OBJ_D)/rand_key.o $(OBJ_D)/des_enc.o $(OBJ_D)/fcrypt_b.o \
-	$(OBJ_D)/read2pwd.o $(OBJ_D)/fcrypt.o $(OBJ_D)/xcbc_enc.o \
-	$(OBJ_D)/read_pwd.o $(OBJ_D)/rpc_enc.o $(OBJ_D)/cbc_cksm.o \
-	$(OBJ_D)/supp.o $(OBJ_D)/rc4_enc.o $(OBJ_D)/rc2_ecb.o \
-	$(OBJ_D)/rc2_skey.o $(OBJ_D)/rc2_cbc.o $(OBJ_D)/rc2cfb64.o \
-	$(OBJ_D)/rc2ofb64.o $(OBJ_D)/i_cbc.o $(OBJ_D)/i_cfb64.o \
-	$(OBJ_D)/i_ofb64.o $(OBJ_D)/i_ecb.o $(OBJ_D)/i_skey.o \
-	$(OBJ_D)/bf_skey.o $(OBJ_D)/bf_ecb.o $(OBJ_D)/bf_enc.o \
-	$(OBJ_D)/bf_cbc.o $(OBJ_D)/bf_cfb64.o $(OBJ_D)/bf_ofb64.o \
+	$(OBJ_D)/ofb64enc.o $(OBJ_D)/ofb_enc.o $(OBJ_D)/str2key.o \
+	$(OBJ_D)/pcbc_enc.o $(OBJ_D)/qud_cksm.o $(OBJ_D)/rand_key.o \
+	$(OBJ_D)/des_enc.o $(OBJ_D)/fcrypt_b.o $(OBJ_D)/read2pwd.o \
+	$(OBJ_D)/fcrypt.o $(OBJ_D)/xcbc_enc.o $(OBJ_D)/read_pwd.o \
+	$(OBJ_D)/rpc_enc.o $(OBJ_D)/cbc_cksm.o $(OBJ_D)/supp.o \
+	$(OBJ_D)/rc2_ecb.o $(OBJ_D)/rc2_skey.o $(OBJ_D)/rc2_cbc.o \
+	$(OBJ_D)/rc2cfb64.o $(OBJ_D)/rc2ofb64.o $(OBJ_D)/rc4_skey.o \
+	$(OBJ_D)/rc4_enc.o $(OBJ_D)/rc5_skey.o $(OBJ_D)/rc5_ecb.o \
+	$(OBJ_D)/rc5_enc.o $(OBJ_D)/rc5cfb64.o $(OBJ_D)/rc5ofb64.o \
+	$(OBJ_D)/i_cbc.o $(OBJ_D)/i_cfb64.o $(OBJ_D)/i_ofb64.o \
+	$(OBJ_D)/i_ecb.o $(OBJ_D)/i_skey.o $(OBJ_D)/bf_skey.o \
+	$(OBJ_D)/bf_ecb.o $(OBJ_D)/bf_enc.o $(OBJ_D)/bf_cfb64.o \
+	$(OBJ_D)/bf_ofb64.o $(OBJ_D)/c_skey.o $(OBJ_D)/c_ecb.o \
+	$(OBJ_D)/c_enc.o $(OBJ_D)/c_cfb64.o $(OBJ_D)/c_ofb64.o \
 	$(OBJ_D)/bn_add.o $(OBJ_D)/bn_div.o $(OBJ_D)/bn_exp.o \
 	$(OBJ_D)/bn_lib.o $(OBJ_D)/bn_mod.o $(OBJ_D)/bn_mul.o \
 	$(OBJ_D)/bn_print.o $(OBJ_D)/bn_rand.o $(OBJ_D)/bn_shift.o \
-	$(OBJ_D)/bn_sub.o $(OBJ_D)/bn_word.o $(OBJ_D)/bn_gcd.o \
-	$(OBJ_D)/bn_prime.o $(OBJ_D)/bn_err.o $(OBJ_D)/bn_sqr.o \
-	$(OBJ_D)/bn_mulw.o $(OBJ_D)/bn_recp.o $(OBJ_D)/bn_mont.o \
-	$(OBJ_D)/rsa_enc.o $(OBJ_D)/rsa_gen.o $(OBJ_D)/rsa_lib.o \
-	$(OBJ_D)/rsa_sign.o $(OBJ_D)/rsa_saos.o $(OBJ_D)/rsa_err.o \
-	$(OBJ_D)/dsa_gen.o $(OBJ_D)/dsa_key.o $(OBJ_D)/dsa_lib.o \
-	$(OBJ_D)/dsa_vrf.o $(OBJ_D)/dsa_sign.o $(OBJ_D)/dsa_err.o \
-	$(OBJ_D)/dh_gen.o $(OBJ_D)/dh_key.o $(OBJ_D)/dh_lib.o \
-	$(OBJ_D)/dh_check.o $(OBJ_D)/dh_err.o $(OBJ_D)/buffer.o \
-	$(OBJ_D)/buf_err.o $(OBJ_D)/bio_lib.o $(OBJ_D)/bio_cb.o \
-	$(OBJ_D)/bio_err.o $(OBJ_D)/bss_mem.o $(OBJ_D)/bss_null.o \
-	$(OBJ_D)/bss_fd.o $(OBJ_D)/bss_file.o $(OBJ_D)/bss_sock.o \
-	$(OBJ_D)/bss_conn.o $(OBJ_D)/bf_null.o $(OBJ_D)/bf_buff.o \
-	$(OBJ_D)/b_print.o $(OBJ_D)/b_dump.o $(OBJ_D)/b_sock.o \
-	$(OBJ_D)/bss_acpt.o $(OBJ_D)/bf_nbio.o $(OBJ_D)/stack.o \
-	$(OBJ_D)/lhash.o $(OBJ_D)/lh_stats.o $(OBJ_D)/md_rand.o \
-	$(OBJ_D)/randfile.o $(OBJ_D)/err.o $(OBJ_D)/err_all.o \
-	$(OBJ_D)/err_prn.o $(OBJ_D)/obj_dat.o $(OBJ_D)/obj_lib.o \
-	$(OBJ_D)/obj_err.o $(OBJ_D)/encode.o $(OBJ_D)/digest.o \
-	$(OBJ_D)/evp_enc.o $(OBJ_D)/evp_key.o $(OBJ_D)/e_ecb_d.o \
-	$(OBJ_D)/e_cbc_d.o $(OBJ_D)/e_cfb_d.o $(OBJ_D)/e_ofb_d.o \
-	$(OBJ_D)/e_ecb_i.o $(OBJ_D)/e_cbc_i.o $(OBJ_D)/e_cfb_i.o \
-	$(OBJ_D)/e_ofb_i.o $(OBJ_D)/e_ecb_3d.o $(OBJ_D)/e_cbc_3d.o \
-	$(OBJ_D)/e_rc4.o $(OBJ_D)/names.o $(OBJ_D)/e_cfb_3d.o \
-	$(OBJ_D)/e_ofb_3d.o $(OBJ_D)/e_xcbc_d.o $(OBJ_D)/e_ecb_r2.o \
-	$(OBJ_D)/e_cbc_r2.o $(OBJ_D)/e_cfb_r2.o $(OBJ_D)/e_ofb_r2.o \
-	$(OBJ_D)/e_ecb_bf.o $(OBJ_D)/e_cbc_bf.o $(OBJ_D)/e_cfb_bf.o \
-	$(OBJ_D)/e_ofb_bf.o $(OBJ_D)/m_null.o $(OBJ_D)/m_md2.o \
-	$(OBJ_D)/m_md5.o $(OBJ_D)/m_sha.o $(OBJ_D)/m_sha1.o \
-	$(OBJ_D)/m_dss.o $(OBJ_D)/m_dss1.o $(OBJ_D)/m_mdc2.o \
-	$(OBJ_D)/p_open.o $(OBJ_D)/p_seal.o $(OBJ_D)/p_sign.o \
-	$(OBJ_D)/p_verify.o $(OBJ_D)/p_lib.o $(OBJ_D)/bio_md.o \
-	$(OBJ_D)/bio_b64.o $(OBJ_D)/bio_enc.o $(OBJ_D)/evp_err.o \
-	$(OBJ_D)/e_null.o $(OBJ_D)/c_all.o $(OBJ_D)/pem_sign.o \
-	$(OBJ_D)/pem_seal.o $(OBJ_D)/pem_info.o $(OBJ_D)/pem_lib.o \
-	$(OBJ_D)/pem_all.o $(OBJ_D)/pem_err.o $(OBJ_D)/a_object.o \
-	$(OBJ_D)/a_bitstr.o $(OBJ_D)/a_utctm.o $(OBJ_D)/a_int.o \
-	$(OBJ_D)/a_octet.o $(OBJ_D)/a_print.o $(OBJ_D)/a_type.o \
-	$(OBJ_D)/a_set.o $(OBJ_D)/a_dup.o $(OBJ_D)/a_d2i_fp.o \
-	$(OBJ_D)/a_i2d_fp.o $(OBJ_D)/a_sign.o $(OBJ_D)/a_digest.o \
-	$(OBJ_D)/a_verify.o $(OBJ_D)/x_algor.o $(OBJ_D)/x_val.o \
-	$(OBJ_D)/x_pubkey.o $(OBJ_D)/x_sig.o $(OBJ_D)/x_req.o \
-	$(OBJ_D)/x_attrib.o $(OBJ_D)/x_name.o $(OBJ_D)/x_cinf.o \
-	$(OBJ_D)/x_x509.o $(OBJ_D)/x_crl.o $(OBJ_D)/x_info.o \
-	$(OBJ_D)/x_spki.o $(OBJ_D)/d2i_r_pr.o $(OBJ_D)/i2d_r_pr.o \
-	$(OBJ_D)/d2i_r_pu.o $(OBJ_D)/i2d_r_pu.o $(OBJ_D)/d2i_s_pr.o \
-	$(OBJ_D)/i2d_s_pr.o $(OBJ_D)/d2i_s_pu.o $(OBJ_D)/i2d_s_pu.o \
-	$(OBJ_D)/d2i_pu.o $(OBJ_D)/d2i_pr.o $(OBJ_D)/i2d_pu.o \
-	$(OBJ_D)/i2d_pr.o $(OBJ_D)/t_req.o $(OBJ_D)/t_x509.o \
-	$(OBJ_D)/t_pkey.o $(OBJ_D)/p7_i_s.o $(OBJ_D)/p7_signi.o \
-	$(OBJ_D)/p7_signd.o $(OBJ_D)/p7_recip.o $(OBJ_D)/p7_enc_c.o \
-	$(OBJ_D)/p7_evp.o $(OBJ_D)/p7_dgst.o $(OBJ_D)/p7_s_e.o \
-	$(OBJ_D)/p7_enc.o $(OBJ_D)/p7_lib.o $(OBJ_D)/f_int.o \
-	$(OBJ_D)/f_string.o $(OBJ_D)/i2d_dhp.o $(OBJ_D)/i2d_dsap.o \
-	$(OBJ_D)/d2i_dhp.o $(OBJ_D)/d2i_dsap.o $(OBJ_D)/n_pkey.o \
-	$(OBJ_D)/a_hdr.o $(OBJ_D)/x_pkey.o $(OBJ_D)/a_bool.o \
-	$(OBJ_D)/x_exten.o $(OBJ_D)/asn1_par.o $(OBJ_D)/asn1_lib.o \
-	$(OBJ_D)/asn1_err.o $(OBJ_D)/a_meth.o $(OBJ_D)/a_bytes.o \
+	$(OBJ_D)/bn_sub.o $(OBJ_D)/bn_word.o $(OBJ_D)/bn_blind.o \
+	$(OBJ_D)/bn_gcd.o $(OBJ_D)/bn_prime.o $(OBJ_D)/bn_err.o \
+	$(OBJ_D)/bn_sqr.o $(OBJ_D)/bn_mulw.o $(OBJ_D)/bn_recp.o \
+	$(OBJ_D)/bn_mont.o $(OBJ_D)/bn_mpi.o $(OBJ_D)/rsa_eay.o \
+	$(OBJ_D)/rsa_gen.o $(OBJ_D)/rsa_lib.o $(OBJ_D)/rsa_sign.o \
+	$(OBJ_D)/rsa_saos.o $(OBJ_D)/rsa_err.o $(OBJ_D)/rsa_pk1.o \
+	$(OBJ_D)/rsa_ssl.o $(OBJ_D)/rsa_none.o $(OBJ_D)/dsa_gen.o \
+	$(OBJ_D)/dsa_key.o $(OBJ_D)/dsa_lib.o $(OBJ_D)/dsa_vrf.o \
+	$(OBJ_D)/dsa_sign.o $(OBJ_D)/dsa_err.o $(OBJ_D)/dh_gen.o \
+	$(OBJ_D)/dh_key.o $(OBJ_D)/dh_lib.o $(OBJ_D)/dh_check.o \
+	$(OBJ_D)/dh_err.o $(OBJ_D)/buffer.o $(OBJ_D)/buf_err.o \
+	$(OBJ_D)/bio_lib.o $(OBJ_D)/bio_cb.o $(OBJ_D)/bio_err.o \
+	$(OBJ_D)/bss_mem.o $(OBJ_D)/bss_null.o $(OBJ_D)/bss_fd.o \
+	$(OBJ_D)/bss_file.o $(OBJ_D)/bss_sock.o $(OBJ_D)/bss_conn.o \
+	$(OBJ_D)/bf_null.o $(OBJ_D)/bf_buff.o $(OBJ_D)/b_print.o \
+	$(OBJ_D)/b_dump.o $(OBJ_D)/b_sock.o $(OBJ_D)/bss_acpt.o \
+	$(OBJ_D)/bf_nbio.o $(OBJ_D)/stack.o $(OBJ_D)/lhash.o \
+	$(OBJ_D)/lh_stats.o $(OBJ_D)/md_rand.o $(OBJ_D)/randfile.o \
+	$(OBJ_D)/err.o $(OBJ_D)/err_all.o $(OBJ_D)/err_prn.o \
+	$(OBJ_D)/obj_dat.o $(OBJ_D)/obj_lib.o $(OBJ_D)/obj_err.o \
+	$(OBJ_D)/encode.o $(OBJ_D)/digest.o $(OBJ_D)/evp_enc.o \
+	$(OBJ_D)/evp_key.o $(OBJ_D)/e_ecb_d.o $(OBJ_D)/e_cbc_d.o \
+	$(OBJ_D)/e_cfb_d.o $(OBJ_D)/e_ofb_d.o $(OBJ_D)/e_ecb_i.o \
+	$(OBJ_D)/e_cbc_i.o $(OBJ_D)/e_cfb_i.o $(OBJ_D)/e_ofb_i.o \
+	$(OBJ_D)/e_ecb_3d.o $(OBJ_D)/e_cbc_3d.o $(OBJ_D)/e_rc4.o \
+	$(OBJ_D)/names.o $(OBJ_D)/e_cfb_3d.o $(OBJ_D)/e_ofb_3d.o \
+	$(OBJ_D)/e_xcbc_d.o $(OBJ_D)/e_ecb_r2.o $(OBJ_D)/e_cbc_r2.o \
+	$(OBJ_D)/e_cfb_r2.o $(OBJ_D)/e_ofb_r2.o $(OBJ_D)/e_ecb_bf.o \
+	$(OBJ_D)/e_cbc_bf.o $(OBJ_D)/e_cfb_bf.o $(OBJ_D)/e_ofb_bf.o \
+	$(OBJ_D)/e_ecb_c.o $(OBJ_D)/e_cbc_c.o $(OBJ_D)/e_cfb_c.o \
+	$(OBJ_D)/e_ofb_c.o $(OBJ_D)/e_ecb_r5.o $(OBJ_D)/e_cbc_r5.o \
+	$(OBJ_D)/e_cfb_r5.o $(OBJ_D)/e_ofb_r5.o $(OBJ_D)/m_null.o \
+	$(OBJ_D)/m_md2.o $(OBJ_D)/m_md5.o $(OBJ_D)/m_sha.o \
+	$(OBJ_D)/m_sha1.o $(OBJ_D)/m_dss.o $(OBJ_D)/m_dss1.o \
+	$(OBJ_D)/m_mdc2.o $(OBJ_D)/m_ripemd.o $(OBJ_D)/p_open.o \
+	$(OBJ_D)/p_seal.o $(OBJ_D)/p_sign.o $(OBJ_D)/p_verify.o \
+	$(OBJ_D)/p_lib.o $(OBJ_D)/p_enc.o $(OBJ_D)/p_dec.o \
+	$(OBJ_D)/bio_md.o $(OBJ_D)/bio_b64.o $(OBJ_D)/bio_enc.o \
+	$(OBJ_D)/evp_err.o $(OBJ_D)/e_null.o $(OBJ_D)/c_all.o \
+	$(OBJ_D)/evp_lib.o $(OBJ_D)/pem_sign.o $(OBJ_D)/pem_seal.o \
+	$(OBJ_D)/pem_info.o $(OBJ_D)/pem_lib.o $(OBJ_D)/pem_all.o \
+	$(OBJ_D)/pem_err.o $(OBJ_D)/a_object.o $(OBJ_D)/a_bitstr.o \
+	$(OBJ_D)/a_utctm.o $(OBJ_D)/a_int.o $(OBJ_D)/a_octet.o \
+	$(OBJ_D)/a_print.o $(OBJ_D)/a_type.o $(OBJ_D)/a_set.o \
+	$(OBJ_D)/a_dup.o $(OBJ_D)/a_d2i_fp.o $(OBJ_D)/a_i2d_fp.o \
+	$(OBJ_D)/a_sign.o $(OBJ_D)/a_digest.o $(OBJ_D)/a_verify.o \
+	$(OBJ_D)/x_algor.o $(OBJ_D)/x_val.o $(OBJ_D)/x_pubkey.o \
+	$(OBJ_D)/x_sig.o $(OBJ_D)/x_req.o $(OBJ_D)/x_attrib.o \
+	$(OBJ_D)/x_name.o $(OBJ_D)/x_cinf.o $(OBJ_D)/x_x509.o \
+	$(OBJ_D)/x_crl.o $(OBJ_D)/x_info.o $(OBJ_D)/x_spki.o \
+	$(OBJ_D)/d2i_r_pr.o $(OBJ_D)/i2d_r_pr.o $(OBJ_D)/d2i_r_pu.o \
+	$(OBJ_D)/i2d_r_pu.o $(OBJ_D)/d2i_s_pr.o $(OBJ_D)/i2d_s_pr.o \
+	$(OBJ_D)/d2i_s_pu.o $(OBJ_D)/i2d_s_pu.o $(OBJ_D)/d2i_pu.o \
+	$(OBJ_D)/d2i_pr.o $(OBJ_D)/i2d_pu.o $(OBJ_D)/i2d_pr.o \
+	$(OBJ_D)/t_req.o $(OBJ_D)/t_x509.o $(OBJ_D)/t_pkey.o \
+	$(OBJ_D)/p7_i_s.o $(OBJ_D)/p7_signi.o $(OBJ_D)/p7_signd.o \
+	$(OBJ_D)/p7_recip.o $(OBJ_D)/p7_enc_c.o $(OBJ_D)/p7_evp.o \
+	$(OBJ_D)/p7_dgst.o $(OBJ_D)/p7_s_e.o $(OBJ_D)/p7_enc.o \
+	$(OBJ_D)/p7_lib.o $(OBJ_D)/f_int.o $(OBJ_D)/f_string.o \
+	$(OBJ_D)/i2d_dhp.o $(OBJ_D)/i2d_dsap.o $(OBJ_D)/d2i_dhp.o \
+	$(OBJ_D)/d2i_dsap.o $(OBJ_D)/n_pkey.o $(OBJ_D)/a_hdr.o \
+	$(OBJ_D)/x_pkey.o $(OBJ_D)/a_bool.o $(OBJ_D)/x_exten.o \
+	$(OBJ_D)/asn1_par.o $(OBJ_D)/asn1_lib.o $(OBJ_D)/asn1_err.o \
+	$(OBJ_D)/a_meth.o $(OBJ_D)/a_bytes.o $(OBJ_D)/evp_asn1.o \
 	$(OBJ_D)/x509_def.o $(OBJ_D)/x509_d2.o $(OBJ_D)/x509_r2x.o \
 	$(OBJ_D)/x509_cmp.o $(OBJ_D)/x509_obj.o $(OBJ_D)/x509_req.o \
 	$(OBJ_D)/x509_vfy.o $(OBJ_D)/x509_set.o $(OBJ_D)/x509rset.o \
@@ -232,38 +262,51 @@ CRYPTOOBJ=$(OBJ_D)/cryptlib.o \
 
 SSLOBJ=$(OBJ_D)/s2_meth.o \
 	$(OBJ_D)/s2_srvr.o $(OBJ_D)/s2_clnt.o $(OBJ_D)/s2_lib.o \
-	$(OBJ_D)/s2_pkt.o $(OBJ_D)/s2_enc.o $(OBJ_D)/s3_meth.o \
+	$(OBJ_D)/s2_enc.o $(OBJ_D)/s2_pkt.o $(OBJ_D)/s3_meth.o \
 	$(OBJ_D)/s3_srvr.o $(OBJ_D)/s3_clnt.o $(OBJ_D)/s3_lib.o \
-	$(OBJ_D)/s3_pkt.o $(OBJ_D)/s3_enc.o $(OBJ_D)/s3_both.o \
+	$(OBJ_D)/s3_enc.o $(OBJ_D)/s3_pkt.o $(OBJ_D)/s3_both.o \
 	$(OBJ_D)/s23_meth.o $(OBJ_D)/s23_srvr.o $(OBJ_D)/s23_clnt.o \
-	$(OBJ_D)/s23_lib.o $(OBJ_D)/s23_pkt.o $(OBJ_D)/ssl_lib.o \
-	$(OBJ_D)/ssl_err2.o $(OBJ_D)/ssl_cert.o $(OBJ_D)/ssl_sess.o \
-	$(OBJ_D)/ssl_ciph.o $(OBJ_D)/ssl_stat.o $(OBJ_D)/ssl_rsa.o \
-	$(OBJ_D)/ssl_asn1.o $(OBJ_D)/ssl_txt.o $(OBJ_D)/ssl_algs.o \
-	$(OBJ_D)/bio_ssl.o $(OBJ_D)/ssl_err.o
+	$(OBJ_D)/s23_lib.o $(OBJ_D)/s23_pkt.o $(OBJ_D)/t1_meth.o \
+	$(OBJ_D)/t1_srvr.o $(OBJ_D)/t1_clnt.o $(OBJ_D)/t1_lib.o \
+	$(OBJ_D)/t1_enc.o $(OBJ_D)/ssl_lib.o $(OBJ_D)/ssl_err2.o \
+	$(OBJ_D)/ssl_cert.o $(OBJ_D)/ssl_sess.o $(OBJ_D)/ssl_ciph.o \
+	$(OBJ_D)/ssl_stat.o $(OBJ_D)/ssl_rsa.o $(OBJ_D)/ssl_asn1.o \
+	$(OBJ_D)/ssl_txt.o $(OBJ_D)/ssl_algs.o $(OBJ_D)/bio_ssl.o \
+	$(OBJ_D)/ssl_err.o
 
 RSAGLUEOBJ=$(OBJ_D)/rsaref.o \
 	$(OBJ_D)/rsar_err.o
 
 T_EXE=$(TEST_D)/md2test \
 	$(TEST_D)/md5test $(TEST_D)/shatest $(TEST_D)/sha1test \
-	$(TEST_D)/mdc2test $(TEST_D)/destest $(TEST_D)/rc4test \
-	$(TEST_D)/rc2test $(TEST_D)/ideatest $(TEST_D)/bftest \
-	$(TEST_D)/bntest $(TEST_D)/exptest $(TEST_D)/dsatest \
-	$(TEST_D)/dhtest $(TEST_D)/randtest $(TEST_D)/ssltest
+	$(TEST_D)/mdc2test $(TEST_D)/hmactest $(TEST_D)/rmdtest \
+	$(TEST_D)/destest $(TEST_D)/rc2test $(TEST_D)/rc4test \
+	$(TEST_D)/rc5test $(TEST_D)/ideatest $(TEST_D)/bftest \
+	$(TEST_D)/casttest $(TEST_D)/bntest $(TEST_D)/exptest \
+	$(TEST_D)/dsatest $(TEST_D)/dhtest $(TEST_D)/randtest \
+	$(TEST_D)/ssltest
 
 ###################################################################
-all: banner $(OUT_D) $(TMP_D) headers lib exe
+all: banner $(TMP_D) $(BIN_D) $(TEST_D) $(LIB_D) $(INC_D) headers lib exe
 
 banner:
 
 
-$(OUT_D):
-	$(MKDIR) $(OUT_D)
-
 $(TMP_D):
 	$(MKDIR) $(TMP_D)
 
+$(BIN_D):
+	$(MKDIR) $(BIN_D)
+
+$(TEST_D):
+	$(MKDIR) $(TEST_D)
+
+$(LIB_D):
+	$(MKDIR) $(LIB_D)
+
+$(INC_D):
+	$(MKDIR) $(INC_D)
+
 headers: $(HEADER) $(EXHEADER)
 
 lib: $(LIBS_DEP)
@@ -275,10 +318,10 @@ install:
 	$(MKDIR) $(INSTALLTOP)/bin
 	$(MKDIR) $(INSTALLTOP)/include
 	$(MKDIR) $(INSTALLTOP)/lib
-	$(CP) $(INC_D)/*.h $(INSTALLTOP)/include
+	$(CP) $(INC_D)/*.[ch] $(INSTALLTOP)/include
 	$(CP) $(BIN_D)/$(E_EXE) $(INSTALLTOP)/bin
-	$(CP) $(LIB_D)/$(O_SSL) $(INSTALLTOP)/lib
-	$(CP) $(LIB_D)/$(O_CRYPTO) $(INSTALLTOP)/lib
+	$(CP) $(O_SSL) $(INSTALLTOP)/lib
+	$(CP) $(O_CRYPTO) $(INSTALLTOP)/lib
 
 clean:
 	$(RM) $(TMP_D)/*.*
@@ -287,21 +330,24 @@ vclean:
 	$(RM) $(TMP_D)/*.*
 	$(RM) $(OUT_D)/*.*
 
-$(INCL_D)/e_os.h: $(SRC_D)/./e_os.h
-	$(CP) $(SRC_D)/./e_os.h $(INCL_D)/e_os.h
-
 $(INCL_D)/cryptlib.h: $(SRC_D)/crypto/cryptlib.h
 	$(CP) $(SRC_D)/crypto/cryptlib.h $(INCL_D)/cryptlib.h
 
 $(INCL_D)/date.h: $(SRC_D)/crypto/date.h
 	$(CP) $(SRC_D)/crypto/date.h $(INCL_D)/date.h
 
-$(INCL_D)/md5_locl.h: $(SRC_D)/crypto/md/md5_locl.h
-	$(CP) $(SRC_D)/crypto/md/md5_locl.h $(INCL_D)/md5_locl.h
+$(INCL_D)/md5_locl.h: $(SRC_D)/crypto/md5/md5_locl.h
+	$(CP) $(SRC_D)/crypto/md5/md5_locl.h $(INCL_D)/md5_locl.h
 
 $(INCL_D)/sha_locl.h: $(SRC_D)/crypto/sha/sha_locl.h
 	$(CP) $(SRC_D)/crypto/sha/sha_locl.h $(INCL_D)/sha_locl.h
 
+$(INCL_D)/rmd_locl.h: $(SRC_D)/crypto/ripemd/rmd_locl.h
+	$(CP) $(SRC_D)/crypto/ripemd/rmd_locl.h $(INCL_D)/rmd_locl.h
+
+$(INCL_D)/rmdconst.h: $(SRC_D)/crypto/ripemd/rmdconst.h
+	$(CP) $(SRC_D)/crypto/ripemd/rmdconst.h $(INCL_D)/rmdconst.h
+
 $(INCL_D)/des_locl.h: $(SRC_D)/crypto/des/des_locl.h
 	$(CP) $(SRC_D)/crypto/des/des_locl.h $(INCL_D)/des_locl.h
 
@@ -323,6 +369,12 @@ $(INCL_D)/des_ver.h: $(SRC_D)/crypto/des/des_ver.h
 $(INCL_D)/rc2_locl.h: $(SRC_D)/crypto/rc2/rc2_locl.h
 	$(CP) $(SRC_D)/crypto/rc2/rc2_locl.h $(INCL_D)/rc2_locl.h
 
+$(INCL_D)/rc4_locl.h: $(SRC_D)/crypto/rc4/rc4_locl.h
+	$(CP) $(SRC_D)/crypto/rc4/rc4_locl.h $(INCL_D)/rc4_locl.h
+
+$(INCL_D)/rc5_locl.h: $(SRC_D)/crypto/rc5/rc5_locl.h
+	$(CP) $(SRC_D)/crypto/rc5/rc5_locl.h $(INCL_D)/rc5_locl.h
+
 $(INCL_D)/idea_lcl.h: $(SRC_D)/crypto/idea/idea_lcl.h
 	$(CP) $(SRC_D)/crypto/idea/idea_lcl.h $(INCL_D)/idea_lcl.h
 
@@ -332,6 +384,12 @@ $(INCL_D)/bf_pi.h: $(SRC_D)/crypto/bf/bf_pi.h
 $(INCL_D)/bf_locl.h: $(SRC_D)/crypto/bf/bf_locl.h
 	$(CP) $(SRC_D)/crypto/bf/bf_locl.h $(INCL_D)/bf_locl.h
 
+$(INCL_D)/cast_s.h: $(SRC_D)/crypto/cast/cast_s.h
+	$(CP) $(SRC_D)/crypto/cast/cast_s.h $(INCL_D)/cast_s.h
+
+$(INCL_D)/cast_lcl.h: $(SRC_D)/crypto/cast/cast_lcl.h
+	$(CP) $(SRC_D)/crypto/cast/cast_lcl.h $(INCL_D)/cast_lcl.h
+
 $(INCL_D)/bn_lcl.h: $(SRC_D)/crypto/bn/bn_lcl.h
 	$(CP) $(SRC_D)/crypto/bn/bn_lcl.h $(INCL_D)/bn_lcl.h
 
@@ -365,17 +423,20 @@ $(INCL_D)/testdsa.h: $(SRC_D)/apps/testdsa.h
 $(INCL_D)/testrsa.h: $(SRC_D)/apps/testrsa.h
 	$(CP) $(SRC_D)/apps/testrsa.h $(INCL_D)/testrsa.h
 
+$(INC_D)/e_os.h: $(SRC_D)/./e_os.h
+	$(CP) $(SRC_D)/./e_os.h $(INC_D)/e_os.h
+
 $(INC_D)/crypto.h: $(SRC_D)/crypto/crypto.h
 	$(CP) $(SRC_D)/crypto/crypto.h $(INC_D)/crypto.h
 
 $(INC_D)/cryptall.h: $(SRC_D)/crypto/cryptall.h
 	$(CP) $(SRC_D)/crypto/cryptall.h $(INC_D)/cryptall.h
 
-$(INC_D)/md2.h: $(SRC_D)/crypto/md/md2.h
-	$(CP) $(SRC_D)/crypto/md/md2.h $(INC_D)/md2.h
+$(INC_D)/md2.h: $(SRC_D)/crypto/md2/md2.h
+	$(CP) $(SRC_D)/crypto/md2/md2.h $(INC_D)/md2.h
 
-$(INC_D)/md5.h: $(SRC_D)/crypto/md/md5.h
-	$(CP) $(SRC_D)/crypto/md/md5.h $(INC_D)/md5.h
+$(INC_D)/md5.h: $(SRC_D)/crypto/md5/md5.h
+	$(CP) $(SRC_D)/crypto/md5/md5.h $(INC_D)/md5.h
 
 $(INC_D)/sha.h: $(SRC_D)/crypto/sha/sha.h
 	$(CP) $(SRC_D)/crypto/sha/sha.h $(INC_D)/sha.h
@@ -383,14 +444,23 @@ $(INC_D)/sha.h: $(SRC_D)/crypto/sha/sha.h
 $(INC_D)/mdc2.h: $(SRC_D)/crypto/mdc2/mdc2.h
 	$(CP) $(SRC_D)/crypto/mdc2/mdc2.h $(INC_D)/mdc2.h
 
+$(INC_D)/hmac.h: $(SRC_D)/crypto/hmac/hmac.h
+	$(CP) $(SRC_D)/crypto/hmac/hmac.h $(INC_D)/hmac.h
+
+$(INC_D)/ripemd.h: $(SRC_D)/crypto/ripemd/ripemd.h
+	$(CP) $(SRC_D)/crypto/ripemd/ripemd.h $(INC_D)/ripemd.h
+
 $(INC_D)/des.h: $(SRC_D)/crypto/des/des.h
 	$(CP) $(SRC_D)/crypto/des/des.h $(INC_D)/des.h
 
+$(INC_D)/rc2.h: $(SRC_D)/crypto/rc2/rc2.h
+	$(CP) $(SRC_D)/crypto/rc2/rc2.h $(INC_D)/rc2.h
+
 $(INC_D)/rc4.h: $(SRC_D)/crypto/rc4/rc4.h
 	$(CP) $(SRC_D)/crypto/rc4/rc4.h $(INC_D)/rc4.h
 
-$(INC_D)/rc2.h: $(SRC_D)/crypto/rc2/rc2.h
-	$(CP) $(SRC_D)/crypto/rc2/rc2.h $(INC_D)/rc2.h
+$(INC_D)/rc5.h: $(SRC_D)/crypto/rc5/rc5.h
+	$(CP) $(SRC_D)/crypto/rc5/rc5.h $(INC_D)/rc5.h
 
 $(INC_D)/idea.h: $(SRC_D)/crypto/idea/idea.h
 	$(CP) $(SRC_D)/crypto/idea/idea.h $(INC_D)/idea.h
@@ -398,6 +468,9 @@ $(INC_D)/idea.h: $(SRC_D)/crypto/idea/idea.h
 $(INC_D)/blowfish.h: $(SRC_D)/crypto/bf/blowfish.h
 	$(CP) $(SRC_D)/crypto/bf/blowfish.h $(INC_D)/blowfish.h
 
+$(INC_D)/cast.h: $(SRC_D)/crypto/cast/cast.h
+	$(CP) $(SRC_D)/crypto/cast/cast.h $(INC_D)/cast.h
+
 $(INC_D)/bn.h: $(SRC_D)/crypto/bn/bn.h
 	$(CP) $(SRC_D)/crypto/bn/bn.h $(INC_D)/bn.h
 
@@ -416,6 +489,9 @@ $(INC_D)/buffer.h: $(SRC_D)/crypto/buffer/buffer.h
 $(INC_D)/bio.h: $(SRC_D)/crypto/bio/bio.h
 	$(CP) $(SRC_D)/crypto/bio/bio.h $(INC_D)/bio.h
 
+$(INC_D)/bss_file.c: $(SRC_D)/crypto/bio/bss_file.c
+	$(CP) $(SRC_D)/crypto/bio/bss_file.c $(INC_D)/bss_file.c
+
 $(INC_D)/stack.h: $(SRC_D)/crypto/stack/stack.h
 	$(CP) $(SRC_D)/crypto/stack/stack.h $(INC_D)/stack.h
 
@@ -470,11 +546,14 @@ $(INC_D)/ssl3.h: $(SRC_D)/ssl/ssl3.h
 $(INC_D)/ssl23.h: $(SRC_D)/ssl/ssl23.h
 	$(CP) $(SRC_D)/ssl/ssl23.h $(INC_D)/ssl23.h
 
-$(OBJ_D)/md2test.o: $(SRC_D)/crypto/md/md2test.c
-	$(CC) -o $(OBJ_D)/md2test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/md/md2test.c
+$(INC_D)/tls1.h: $(SRC_D)/ssl/tls1.h
+	$(CP) $(SRC_D)/ssl/tls1.h $(INC_D)/tls1.h
+
+$(OBJ_D)/md2test.o: $(SRC_D)/crypto/md2/md2test.c
+	$(CC) -o $(OBJ_D)/md2test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/md2/md2test.c
 
-$(OBJ_D)/md5test.o: $(SRC_D)/crypto/md/md5test.c
-	$(CC) -o $(OBJ_D)/md5test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/md/md5test.c
+$(OBJ_D)/md5test.o: $(SRC_D)/crypto/md5/md5test.c
+	$(CC) -o $(OBJ_D)/md5test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/md5/md5test.c
 
 $(OBJ_D)/shatest.o: $(SRC_D)/crypto/sha/shatest.c
 	$(CC) -o $(OBJ_D)/shatest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/sha/shatest.c
@@ -485,14 +564,23 @@ $(OBJ_D)/sha1test.o: $(SRC_D)/crypto/sha/sha1test.c
 $(OBJ_D)/mdc2test.o: $(SRC_D)/crypto/mdc2/mdc2test.c
 	$(CC) -o $(OBJ_D)/mdc2test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/mdc2/mdc2test.c
 
+$(OBJ_D)/hmactest.o: $(SRC_D)/crypto/hmac/hmactest.c
+	$(CC) -o $(OBJ_D)/hmactest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/hmac/hmactest.c
+
+$(OBJ_D)/rmdtest.o: $(SRC_D)/crypto/ripemd/rmdtest.c
+	$(CC) -o $(OBJ_D)/rmdtest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/ripemd/rmdtest.c
+
 $(OBJ_D)/destest.o: $(SRC_D)/crypto/des/destest.c
 	$(CC) -o $(OBJ_D)/destest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/des/destest.c
 
+$(OBJ_D)/rc2test.o: $(SRC_D)/crypto/rc2/rc2test.c
+	$(CC) -o $(OBJ_D)/rc2test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2test.c
+
 $(OBJ_D)/rc4test.o: $(SRC_D)/crypto/rc4/rc4test.c
 	$(CC) -o $(OBJ_D)/rc4test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/rc4/rc4test.c
 
-$(OBJ_D)/rc2test.o: $(SRC_D)/crypto/rc2/rc2test.c
-	$(CC) -o $(OBJ_D)/rc2test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2test.c
+$(OBJ_D)/rc5test.o: $(SRC_D)/crypto/rc5/rc5test.c
+	$(CC) -o $(OBJ_D)/rc5test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/rc5/rc5test.c
 
 $(OBJ_D)/ideatest.o: $(SRC_D)/crypto/idea/ideatest.c
 	$(CC) -o $(OBJ_D)/ideatest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/idea/ideatest.c
@@ -500,6 +588,9 @@ $(OBJ_D)/ideatest.o: $(SRC_D)/crypto/idea/ideatest.c
 $(OBJ_D)/bftest.o: $(SRC_D)/crypto/bf/bftest.c
 	$(CC) -o $(OBJ_D)/bftest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/bf/bftest.c
 
+$(OBJ_D)/casttest.o: $(SRC_D)/crypto/cast/casttest.c
+	$(CC) -o $(OBJ_D)/casttest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/cast/casttest.c
+
 $(OBJ_D)/bntest.o: $(SRC_D)/crypto/bn/bntest.c
 	$(CC) -o $(OBJ_D)/bntest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/bn/bntest.c
 
@@ -545,9 +636,6 @@ $(OBJ_D)/errstr.o: $(SRC_D)/apps/errstr.c
 $(OBJ_D)/ca.o: $(SRC_D)/apps/ca.c
 	$(CC) -o $(OBJ_D)/ca.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/ca.c
 
-$(OBJ_D)/gendsa.o: $(SRC_D)/apps/gendsa.c
-	$(CC) -o $(OBJ_D)/gendsa.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/gendsa.c
-
 $(OBJ_D)/pkcs7.o: $(SRC_D)/apps/pkcs7.c
 	$(CC) -o $(OBJ_D)/pkcs7.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/pkcs7.c
 
@@ -606,907 +694,1012 @@ $(OBJ_D)/ssleay.o: $(SRC_D)/apps/ssleay.c
 	$(CC) -o $(OBJ_D)/ssleay.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/ssleay.c
 
 $(OBJ_D)/cryptlib.o: $(SRC_D)/crypto/cryptlib.c
-	$(CC) -o $(OBJ_D)/cryptlib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/cryptlib.c
+	$(CC) -o $(OBJ_D)/cryptlib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/cryptlib.c
 
 $(OBJ_D)/mem.o: $(SRC_D)/crypto/mem.c
-	$(CC) -o $(OBJ_D)/mem.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/mem.c
+	$(CC) -o $(OBJ_D)/mem.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/mem.c
 
 $(OBJ_D)/cversion.o: $(SRC_D)/crypto/cversion.c
-	$(CC) -o $(OBJ_D)/cversion.o $(LIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)/crypto/cversion.c
+	$(CC) -o $(OBJ_D)/cversion.o  $(LIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)/crypto/cversion.c
+
+$(OBJ_D)/ex_data.o: $(SRC_D)/crypto/ex_data.c
+	$(CC) -o $(OBJ_D)/ex_data.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/ex_data.c
 
-$(OBJ_D)/md2_dgst.o: $(SRC_D)/crypto/md/md2_dgst.c
-	$(CC) -o $(OBJ_D)/md2_dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/md/md2_dgst.c
+$(OBJ_D)/cpt_err.o: $(SRC_D)/crypto/cpt_err.c
+	$(CC) -o $(OBJ_D)/cpt_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/cpt_err.c
 
-$(OBJ_D)/md5_dgst.o: $(SRC_D)/crypto/md/md5_dgst.c
-	$(CC) -o $(OBJ_D)/md5_dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/md/md5_dgst.c
+$(OBJ_D)/md2_dgst.o: $(SRC_D)/crypto/md2/md2_dgst.c
+	$(CC) -o $(OBJ_D)/md2_dgst.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/md2/md2_dgst.c
 
-$(OBJ_D)/md2_one.o: $(SRC_D)/crypto/md/md2_one.c
-	$(CC) -o $(OBJ_D)/md2_one.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/md/md2_one.c
+$(OBJ_D)/md2_one.o: $(SRC_D)/crypto/md2/md2_one.c
+	$(CC) -o $(OBJ_D)/md2_one.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/md2/md2_one.c
 
-$(OBJ_D)/md5_one.o: $(SRC_D)/crypto/md/md5_one.c
-	$(CC) -o $(OBJ_D)/md5_one.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/md/md5_one.c
+$(OBJ_D)/md5_dgst.o: $(SRC_D)/crypto/md5/md5_dgst.c
+	$(CC) -o $(OBJ_D)/md5_dgst.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/md5/md5_dgst.c
+
+$(OBJ_D)/md5_one.o: $(SRC_D)/crypto/md5/md5_one.c
+	$(CC) -o $(OBJ_D)/md5_one.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/md5/md5_one.c
 
 $(OBJ_D)/sha_dgst.o: $(SRC_D)/crypto/sha/sha_dgst.c
-	$(CC) -o $(OBJ_D)/sha_dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha_dgst.c
+	$(CC) -o $(OBJ_D)/sha_dgst.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha_dgst.c
 
 $(OBJ_D)/sha1dgst.o: $(SRC_D)/crypto/sha/sha1dgst.c
-	$(CC) -o $(OBJ_D)/sha1dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha1dgst.c
+	$(CC) -o $(OBJ_D)/sha1dgst.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha1dgst.c
 
 $(OBJ_D)/sha_one.o: $(SRC_D)/crypto/sha/sha_one.c
-	$(CC) -o $(OBJ_D)/sha_one.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha_one.c
+	$(CC) -o $(OBJ_D)/sha_one.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha_one.c
 
 $(OBJ_D)/sha1_one.o: $(SRC_D)/crypto/sha/sha1_one.c
-	$(CC) -o $(OBJ_D)/sha1_one.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha1_one.c
+	$(CC) -o $(OBJ_D)/sha1_one.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha1_one.c
 
 $(OBJ_D)/mdc2dgst.o: $(SRC_D)/crypto/mdc2/mdc2dgst.c
-	$(CC) -o $(OBJ_D)/mdc2dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/mdc2/mdc2dgst.c
+	$(CC) -o $(OBJ_D)/mdc2dgst.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/mdc2/mdc2dgst.c
 
 $(OBJ_D)/mdc2_one.o: $(SRC_D)/crypto/mdc2/mdc2_one.c
-	$(CC) -o $(OBJ_D)/mdc2_one.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/mdc2/mdc2_one.c
+	$(CC) -o $(OBJ_D)/mdc2_one.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/mdc2/mdc2_one.c
+
+$(OBJ_D)/hmac.o: $(SRC_D)/crypto/hmac/hmac.c
+	$(CC) -o $(OBJ_D)/hmac.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/hmac/hmac.c
+
+$(OBJ_D)/rmd_dgst.o: $(SRC_D)/crypto/ripemd/rmd_dgst.c
+	$(CC) -o $(OBJ_D)/rmd_dgst.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/ripemd/rmd_dgst.c
+
+$(OBJ_D)/rmd_one.o: $(SRC_D)/crypto/ripemd/rmd_one.c
+	$(CC) -o $(OBJ_D)/rmd_one.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/ripemd/rmd_one.c
 
 $(OBJ_D)/set_key.o: $(SRC_D)/crypto/des/set_key.c
-	$(CC) -o $(OBJ_D)/set_key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/set_key.c
+	$(CC) -o $(OBJ_D)/set_key.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/set_key.c
 
 $(OBJ_D)/ecb_enc.o: $(SRC_D)/crypto/des/ecb_enc.c
-	$(CC) -o $(OBJ_D)/ecb_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ecb_enc.c
-
-$(OBJ_D)/ede_enc.o: $(SRC_D)/crypto/des/ede_enc.c
-	$(CC) -o $(OBJ_D)/ede_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ede_enc.c
+	$(CC) -o $(OBJ_D)/ecb_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ecb_enc.c
 
 $(OBJ_D)/cbc_enc.o: $(SRC_D)/crypto/des/cbc_enc.c
-	$(CC) -o $(OBJ_D)/cbc_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cbc_enc.c
-
-$(OBJ_D)/cbc3_enc.o: $(SRC_D)/crypto/des/cbc3_enc.c
-	$(CC) -o $(OBJ_D)/cbc3_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cbc3_enc.c
+	$(CC) -o $(OBJ_D)/cbc_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cbc_enc.c
 
 $(OBJ_D)/ecb3_enc.o: $(SRC_D)/crypto/des/ecb3_enc.c
-	$(CC) -o $(OBJ_D)/ecb3_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ecb3_enc.c
+	$(CC) -o $(OBJ_D)/ecb3_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ecb3_enc.c
 
 $(OBJ_D)/cfb64enc.o: $(SRC_D)/crypto/des/cfb64enc.c
-	$(CC) -o $(OBJ_D)/cfb64enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cfb64enc.c
+	$(CC) -o $(OBJ_D)/cfb64enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cfb64enc.c
 
 $(OBJ_D)/cfb64ede.o: $(SRC_D)/crypto/des/cfb64ede.c
-	$(CC) -o $(OBJ_D)/cfb64ede.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cfb64ede.c
+	$(CC) -o $(OBJ_D)/cfb64ede.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cfb64ede.c
 
 $(OBJ_D)/cfb_enc.o: $(SRC_D)/crypto/des/cfb_enc.c
-	$(CC) -o $(OBJ_D)/cfb_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cfb_enc.c
+	$(CC) -o $(OBJ_D)/cfb_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cfb_enc.c
 
 $(OBJ_D)/ofb64ede.o: $(SRC_D)/crypto/des/ofb64ede.c
-	$(CC) -o $(OBJ_D)/ofb64ede.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ofb64ede.c
+	$(CC) -o $(OBJ_D)/ofb64ede.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ofb64ede.c
 
 $(OBJ_D)/enc_read.o: $(SRC_D)/crypto/des/enc_read.c
-	$(CC) -o $(OBJ_D)/enc_read.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/enc_read.c
+	$(CC) -o $(OBJ_D)/enc_read.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/enc_read.c
 
 $(OBJ_D)/enc_writ.o: $(SRC_D)/crypto/des/enc_writ.c
-	$(CC) -o $(OBJ_D)/enc_writ.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/enc_writ.c
-
-$(OBJ_D)/ncbc_enc.o: $(SRC_D)/crypto/des/ncbc_enc.c
-	$(CC) -o $(OBJ_D)/ncbc_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ncbc_enc.c
+	$(CC) -o $(OBJ_D)/enc_writ.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/enc_writ.c
 
 $(OBJ_D)/ofb64enc.o: $(SRC_D)/crypto/des/ofb64enc.c
-	$(CC) -o $(OBJ_D)/ofb64enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ofb64enc.c
+	$(CC) -o $(OBJ_D)/ofb64enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ofb64enc.c
 
 $(OBJ_D)/ofb_enc.o: $(SRC_D)/crypto/des/ofb_enc.c
-	$(CC) -o $(OBJ_D)/ofb_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ofb_enc.c
+	$(CC) -o $(OBJ_D)/ofb_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ofb_enc.c
 
 $(OBJ_D)/str2key.o: $(SRC_D)/crypto/des/str2key.c
-	$(CC) -o $(OBJ_D)/str2key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/str2key.c
+	$(CC) -o $(OBJ_D)/str2key.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/str2key.c
 
 $(OBJ_D)/pcbc_enc.o: $(SRC_D)/crypto/des/pcbc_enc.c
-	$(CC) -o $(OBJ_D)/pcbc_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/pcbc_enc.c
+	$(CC) -o $(OBJ_D)/pcbc_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/pcbc_enc.c
 
 $(OBJ_D)/qud_cksm.o: $(SRC_D)/crypto/des/qud_cksm.c
-	$(CC) -o $(OBJ_D)/qud_cksm.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/qud_cksm.c
+	$(CC) -o $(OBJ_D)/qud_cksm.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/qud_cksm.c
 
 $(OBJ_D)/rand_key.o: $(SRC_D)/crypto/des/rand_key.c
-	$(CC) -o $(OBJ_D)/rand_key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/rand_key.c
+	$(CC) -o $(OBJ_D)/rand_key.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/rand_key.c
 
 $(OBJ_D)/des_enc.o: $(SRC_D)/crypto/des/des_enc.c
-	$(CC) -o $(OBJ_D)/des_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/des_enc.c
+	$(CC) -o $(OBJ_D)/des_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/des_enc.c
 
 $(OBJ_D)/fcrypt_b.o: $(SRC_D)/crypto/des/fcrypt_b.c
-	$(CC) -o $(OBJ_D)/fcrypt_b.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/fcrypt_b.c
+	$(CC) -o $(OBJ_D)/fcrypt_b.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/fcrypt_b.c
 
 $(OBJ_D)/read2pwd.o: $(SRC_D)/crypto/des/read2pwd.c
-	$(CC) -o $(OBJ_D)/read2pwd.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/read2pwd.c
+	$(CC) -o $(OBJ_D)/read2pwd.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/read2pwd.c
 
 $(OBJ_D)/fcrypt.o: $(SRC_D)/crypto/des/fcrypt.c
-	$(CC) -o $(OBJ_D)/fcrypt.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/fcrypt.c
+	$(CC) -o $(OBJ_D)/fcrypt.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/fcrypt.c
 
 $(OBJ_D)/xcbc_enc.o: $(SRC_D)/crypto/des/xcbc_enc.c
-	$(CC) -o $(OBJ_D)/xcbc_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/xcbc_enc.c
+	$(CC) -o $(OBJ_D)/xcbc_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/xcbc_enc.c
 
 $(OBJ_D)/read_pwd.o: $(SRC_D)/crypto/des/read_pwd.c
-	$(CC) -o $(OBJ_D)/read_pwd.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/read_pwd.c
+	$(CC) -o $(OBJ_D)/read_pwd.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/read_pwd.c
 
 $(OBJ_D)/rpc_enc.o: $(SRC_D)/crypto/des/rpc_enc.c
-	$(CC) -o $(OBJ_D)/rpc_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/rpc_enc.c
+	$(CC) -o $(OBJ_D)/rpc_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/rpc_enc.c
 
 $(OBJ_D)/cbc_cksm.o: $(SRC_D)/crypto/des/cbc_cksm.c
-	$(CC) -o $(OBJ_D)/cbc_cksm.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cbc_cksm.c
+	$(CC) -o $(OBJ_D)/cbc_cksm.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cbc_cksm.c
 
 $(OBJ_D)/supp.o: $(SRC_D)/crypto/des/supp.c
-	$(CC) -o $(OBJ_D)/supp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/supp.c
-
-$(OBJ_D)/rc4_enc.o: $(SRC_D)/crypto/rc4/rc4_enc.c
-	$(CC) -o $(OBJ_D)/rc4_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc4/rc4_enc.c
+	$(CC) -o $(OBJ_D)/supp.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/supp.c
 
 $(OBJ_D)/rc2_ecb.o: $(SRC_D)/crypto/rc2/rc2_ecb.c
-	$(CC) -o $(OBJ_D)/rc2_ecb.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2_ecb.c
+	$(CC) -o $(OBJ_D)/rc2_ecb.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2_ecb.c
 
 $(OBJ_D)/rc2_skey.o: $(SRC_D)/crypto/rc2/rc2_skey.c
-	$(CC) -o $(OBJ_D)/rc2_skey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2_skey.c
+	$(CC) -o $(OBJ_D)/rc2_skey.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2_skey.c
 
 $(OBJ_D)/rc2_cbc.o: $(SRC_D)/crypto/rc2/rc2_cbc.c
-	$(CC) -o $(OBJ_D)/rc2_cbc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2_cbc.c
+	$(CC) -o $(OBJ_D)/rc2_cbc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2_cbc.c
 
 $(OBJ_D)/rc2cfb64.o: $(SRC_D)/crypto/rc2/rc2cfb64.c
-	$(CC) -o $(OBJ_D)/rc2cfb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2cfb64.c
+	$(CC) -o $(OBJ_D)/rc2cfb64.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2cfb64.c
 
 $(OBJ_D)/rc2ofb64.o: $(SRC_D)/crypto/rc2/rc2ofb64.c
-	$(CC) -o $(OBJ_D)/rc2ofb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2ofb64.c
+	$(CC) -o $(OBJ_D)/rc2ofb64.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2ofb64.c
+
+$(OBJ_D)/rc4_skey.o: $(SRC_D)/crypto/rc4/rc4_skey.c
+	$(CC) -o $(OBJ_D)/rc4_skey.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc4/rc4_skey.c
+
+$(OBJ_D)/rc4_enc.o: $(SRC_D)/crypto/rc4/rc4_enc.c
+	$(CC) -o $(OBJ_D)/rc4_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc4/rc4_enc.c
+
+$(OBJ_D)/rc5_skey.o: $(SRC_D)/crypto/rc5/rc5_skey.c
+	$(CC) -o $(OBJ_D)/rc5_skey.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc5/rc5_skey.c
+
+$(OBJ_D)/rc5_ecb.o: $(SRC_D)/crypto/rc5/rc5_ecb.c
+	$(CC) -o $(OBJ_D)/rc5_ecb.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc5/rc5_ecb.c
+
+$(OBJ_D)/rc5_enc.o: $(SRC_D)/crypto/rc5/rc5_enc.c
+	$(CC) -o $(OBJ_D)/rc5_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc5/rc5_enc.c
+
+$(OBJ_D)/rc5cfb64.o: $(SRC_D)/crypto/rc5/rc5cfb64.c
+	$(CC) -o $(OBJ_D)/rc5cfb64.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc5/rc5cfb64.c
+
+$(OBJ_D)/rc5ofb64.o: $(SRC_D)/crypto/rc5/rc5ofb64.c
+	$(CC) -o $(OBJ_D)/rc5ofb64.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc5/rc5ofb64.c
 
 $(OBJ_D)/i_cbc.o: $(SRC_D)/crypto/idea/i_cbc.c
-	$(CC) -o $(OBJ_D)/i_cbc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_cbc.c
+	$(CC) -o $(OBJ_D)/i_cbc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_cbc.c
 
 $(OBJ_D)/i_cfb64.o: $(SRC_D)/crypto/idea/i_cfb64.c
-	$(CC) -o $(OBJ_D)/i_cfb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_cfb64.c
+	$(CC) -o $(OBJ_D)/i_cfb64.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_cfb64.c
 
 $(OBJ_D)/i_ofb64.o: $(SRC_D)/crypto/idea/i_ofb64.c
-	$(CC) -o $(OBJ_D)/i_ofb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_ofb64.c
+	$(CC) -o $(OBJ_D)/i_ofb64.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_ofb64.c
 
 $(OBJ_D)/i_ecb.o: $(SRC_D)/crypto/idea/i_ecb.c
-	$(CC) -o $(OBJ_D)/i_ecb.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_ecb.c
+	$(CC) -o $(OBJ_D)/i_ecb.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_ecb.c
 
 $(OBJ_D)/i_skey.o: $(SRC_D)/crypto/idea/i_skey.c
-	$(CC) -o $(OBJ_D)/i_skey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_skey.c
+	$(CC) -o $(OBJ_D)/i_skey.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_skey.c
 
 $(OBJ_D)/bf_skey.o: $(SRC_D)/crypto/bf/bf_skey.c
-	$(CC) -o $(OBJ_D)/bf_skey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_skey.c
+	$(CC) -o $(OBJ_D)/bf_skey.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_skey.c
 
 $(OBJ_D)/bf_ecb.o: $(SRC_D)/crypto/bf/bf_ecb.c
-	$(CC) -o $(OBJ_D)/bf_ecb.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_ecb.c
+	$(CC) -o $(OBJ_D)/bf_ecb.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_ecb.c
 
 $(OBJ_D)/bf_enc.o: $(SRC_D)/crypto/bf/bf_enc.c
-	$(CC) -o $(OBJ_D)/bf_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_enc.c
-
-$(OBJ_D)/bf_cbc.o: $(SRC_D)/crypto/bf/bf_cbc.c
-	$(CC) -o $(OBJ_D)/bf_cbc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_cbc.c
+	$(CC) -o $(OBJ_D)/bf_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_enc.c
 
 $(OBJ_D)/bf_cfb64.o: $(SRC_D)/crypto/bf/bf_cfb64.c
-	$(CC) -o $(OBJ_D)/bf_cfb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_cfb64.c
+	$(CC) -o $(OBJ_D)/bf_cfb64.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_cfb64.c
 
 $(OBJ_D)/bf_ofb64.o: $(SRC_D)/crypto/bf/bf_ofb64.c
-	$(CC) -o $(OBJ_D)/bf_ofb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_ofb64.c
+	$(CC) -o $(OBJ_D)/bf_ofb64.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_ofb64.c
+
+$(OBJ_D)/c_skey.o: $(SRC_D)/crypto/cast/c_skey.c
+	$(CC) -o $(OBJ_D)/c_skey.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/cast/c_skey.c
+
+$(OBJ_D)/c_ecb.o: $(SRC_D)/crypto/cast/c_ecb.c
+	$(CC) -o $(OBJ_D)/c_ecb.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/cast/c_ecb.c
+
+$(OBJ_D)/c_enc.o: $(SRC_D)/crypto/cast/c_enc.c
+	$(CC) -o $(OBJ_D)/c_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/cast/c_enc.c
+
+$(OBJ_D)/c_cfb64.o: $(SRC_D)/crypto/cast/c_cfb64.c
+	$(CC) -o $(OBJ_D)/c_cfb64.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/cast/c_cfb64.c
+
+$(OBJ_D)/c_ofb64.o: $(SRC_D)/crypto/cast/c_ofb64.c
+	$(CC) -o $(OBJ_D)/c_ofb64.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/cast/c_ofb64.c
 
 $(OBJ_D)/bn_add.o: $(SRC_D)/crypto/bn/bn_add.c
-	$(CC) -o $(OBJ_D)/bn_add.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_add.c
+	$(CC) -o $(OBJ_D)/bn_add.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_add.c
 
 $(OBJ_D)/bn_div.o: $(SRC_D)/crypto/bn/bn_div.c
-	$(CC) -o $(OBJ_D)/bn_div.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_div.c
+	$(CC) -o $(OBJ_D)/bn_div.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_div.c
 
 $(OBJ_D)/bn_exp.o: $(SRC_D)/crypto/bn/bn_exp.c
-	$(CC) -o $(OBJ_D)/bn_exp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_exp.c
+	$(CC) -o $(OBJ_D)/bn_exp.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_exp.c
 
 $(OBJ_D)/bn_lib.o: $(SRC_D)/crypto/bn/bn_lib.c
-	$(CC) -o $(OBJ_D)/bn_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_lib.c
+	$(CC) -o $(OBJ_D)/bn_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_lib.c
 
 $(OBJ_D)/bn_mod.o: $(SRC_D)/crypto/bn/bn_mod.c
-	$(CC) -o $(OBJ_D)/bn_mod.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mod.c
+	$(CC) -o $(OBJ_D)/bn_mod.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mod.c
 
 $(OBJ_D)/bn_mul.o: $(SRC_D)/crypto/bn/bn_mul.c
-	$(CC) -o $(OBJ_D)/bn_mul.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mul.c
+	$(CC) -o $(OBJ_D)/bn_mul.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mul.c
 
 $(OBJ_D)/bn_print.o: $(SRC_D)/crypto/bn/bn_print.c
-	$(CC) -o $(OBJ_D)/bn_print.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_print.c
+	$(CC) -o $(OBJ_D)/bn_print.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_print.c
 
 $(OBJ_D)/bn_rand.o: $(SRC_D)/crypto/bn/bn_rand.c
-	$(CC) -o $(OBJ_D)/bn_rand.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_rand.c
+	$(CC) -o $(OBJ_D)/bn_rand.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_rand.c
 
 $(OBJ_D)/bn_shift.o: $(SRC_D)/crypto/bn/bn_shift.c
-	$(CC) -o $(OBJ_D)/bn_shift.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_shift.c
+	$(CC) -o $(OBJ_D)/bn_shift.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_shift.c
 
 $(OBJ_D)/bn_sub.o: $(SRC_D)/crypto/bn/bn_sub.c
-	$(CC) -o $(OBJ_D)/bn_sub.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_sub.c
+	$(CC) -o $(OBJ_D)/bn_sub.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_sub.c
 
 $(OBJ_D)/bn_word.o: $(SRC_D)/crypto/bn/bn_word.c
-	$(CC) -o $(OBJ_D)/bn_word.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_word.c
+	$(CC) -o $(OBJ_D)/bn_word.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_word.c
+
+$(OBJ_D)/bn_blind.o: $(SRC_D)/crypto/bn/bn_blind.c
+	$(CC) -o $(OBJ_D)/bn_blind.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_blind.c
 
 $(OBJ_D)/bn_gcd.o: $(SRC_D)/crypto/bn/bn_gcd.c
-	$(CC) -o $(OBJ_D)/bn_gcd.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_gcd.c
+	$(CC) -o $(OBJ_D)/bn_gcd.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_gcd.c
 
 $(OBJ_D)/bn_prime.o: $(SRC_D)/crypto/bn/bn_prime.c
-	$(CC) -o $(OBJ_D)/bn_prime.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_prime.c
+	$(CC) -o $(OBJ_D)/bn_prime.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_prime.c
 
 $(OBJ_D)/bn_err.o: $(SRC_D)/crypto/bn/bn_err.c
-	$(CC) -o $(OBJ_D)/bn_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_err.c
+	$(CC) -o $(OBJ_D)/bn_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_err.c
 
 $(OBJ_D)/bn_sqr.o: $(SRC_D)/crypto/bn/bn_sqr.c
-	$(CC) -o $(OBJ_D)/bn_sqr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_sqr.c
+	$(CC) -o $(OBJ_D)/bn_sqr.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_sqr.c
 
 $(OBJ_D)/bn_mulw.o: $(SRC_D)/crypto/bn/bn_mulw.c
-	$(CC) -o $(OBJ_D)/bn_mulw.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mulw.c
+	$(CC) -o $(OBJ_D)/bn_mulw.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mulw.c
 
 $(OBJ_D)/bn_recp.o: $(SRC_D)/crypto/bn/bn_recp.c
-	$(CC) -o $(OBJ_D)/bn_recp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_recp.c
+	$(CC) -o $(OBJ_D)/bn_recp.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_recp.c
 
 $(OBJ_D)/bn_mont.o: $(SRC_D)/crypto/bn/bn_mont.c
-	$(CC) -o $(OBJ_D)/bn_mont.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mont.c
+	$(CC) -o $(OBJ_D)/bn_mont.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mont.c
 
-$(OBJ_D)/rsa_enc.o: $(SRC_D)/crypto/rsa/rsa_enc.c
-	$(CC) -o $(OBJ_D)/rsa_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_enc.c
+$(OBJ_D)/bn_mpi.o: $(SRC_D)/crypto/bn/bn_mpi.c
+	$(CC) -o $(OBJ_D)/bn_mpi.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mpi.c
+
+$(OBJ_D)/rsa_eay.o: $(SRC_D)/crypto/rsa/rsa_eay.c
+	$(CC) -o $(OBJ_D)/rsa_eay.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_eay.c
 
 $(OBJ_D)/rsa_gen.o: $(SRC_D)/crypto/rsa/rsa_gen.c
-	$(CC) -o $(OBJ_D)/rsa_gen.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_gen.c
+	$(CC) -o $(OBJ_D)/rsa_gen.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_gen.c
 
 $(OBJ_D)/rsa_lib.o: $(SRC_D)/crypto/rsa/rsa_lib.c
-	$(CC) -o $(OBJ_D)/rsa_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_lib.c
+	$(CC) -o $(OBJ_D)/rsa_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_lib.c
 
 $(OBJ_D)/rsa_sign.o: $(SRC_D)/crypto/rsa/rsa_sign.c
-	$(CC) -o $(OBJ_D)/rsa_sign.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_sign.c
+	$(CC) -o $(OBJ_D)/rsa_sign.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_sign.c
 
 $(OBJ_D)/rsa_saos.o: $(SRC_D)/crypto/rsa/rsa_saos.c
-	$(CC) -o $(OBJ_D)/rsa_saos.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_saos.c
+	$(CC) -o $(OBJ_D)/rsa_saos.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_saos.c
 
 $(OBJ_D)/rsa_err.o: $(SRC_D)/crypto/rsa/rsa_err.c
-	$(CC) -o $(OBJ_D)/rsa_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_err.c
+	$(CC) -o $(OBJ_D)/rsa_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_err.c
+
+$(OBJ_D)/rsa_pk1.o: $(SRC_D)/crypto/rsa/rsa_pk1.c
+	$(CC) -o $(OBJ_D)/rsa_pk1.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_pk1.c
+
+$(OBJ_D)/rsa_ssl.o: $(SRC_D)/crypto/rsa/rsa_ssl.c
+	$(CC) -o $(OBJ_D)/rsa_ssl.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_ssl.c
+
+$(OBJ_D)/rsa_none.o: $(SRC_D)/crypto/rsa/rsa_none.c
+	$(CC) -o $(OBJ_D)/rsa_none.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_none.c
 
 $(OBJ_D)/dsa_gen.o: $(SRC_D)/crypto/dsa/dsa_gen.c
-	$(CC) -o $(OBJ_D)/dsa_gen.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_gen.c
+	$(CC) -o $(OBJ_D)/dsa_gen.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_gen.c
 
 $(OBJ_D)/dsa_key.o: $(SRC_D)/crypto/dsa/dsa_key.c
-	$(CC) -o $(OBJ_D)/dsa_key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_key.c
+	$(CC) -o $(OBJ_D)/dsa_key.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_key.c
 
 $(OBJ_D)/dsa_lib.o: $(SRC_D)/crypto/dsa/dsa_lib.c
-	$(CC) -o $(OBJ_D)/dsa_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_lib.c
+	$(CC) -o $(OBJ_D)/dsa_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_lib.c
 
 $(OBJ_D)/dsa_vrf.o: $(SRC_D)/crypto/dsa/dsa_vrf.c
-	$(CC) -o $(OBJ_D)/dsa_vrf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_vrf.c
+	$(CC) -o $(OBJ_D)/dsa_vrf.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_vrf.c
 
 $(OBJ_D)/dsa_sign.o: $(SRC_D)/crypto/dsa/dsa_sign.c
-	$(CC) -o $(OBJ_D)/dsa_sign.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_sign.c
+	$(CC) -o $(OBJ_D)/dsa_sign.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_sign.c
 
 $(OBJ_D)/dsa_err.o: $(SRC_D)/crypto/dsa/dsa_err.c
-	$(CC) -o $(OBJ_D)/dsa_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_err.c
+	$(CC) -o $(OBJ_D)/dsa_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_err.c
 
 $(OBJ_D)/dh_gen.o: $(SRC_D)/crypto/dh/dh_gen.c
-	$(CC) -o $(OBJ_D)/dh_gen.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_gen.c
+	$(CC) -o $(OBJ_D)/dh_gen.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_gen.c
 
 $(OBJ_D)/dh_key.o: $(SRC_D)/crypto/dh/dh_key.c
-	$(CC) -o $(OBJ_D)/dh_key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_key.c
+	$(CC) -o $(OBJ_D)/dh_key.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_key.c
 
 $(OBJ_D)/dh_lib.o: $(SRC_D)/crypto/dh/dh_lib.c
-	$(CC) -o $(OBJ_D)/dh_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_lib.c
+	$(CC) -o $(OBJ_D)/dh_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_lib.c
 
 $(OBJ_D)/dh_check.o: $(SRC_D)/crypto/dh/dh_check.c
-	$(CC) -o $(OBJ_D)/dh_check.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_check.c
+	$(CC) -o $(OBJ_D)/dh_check.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_check.c
 
 $(OBJ_D)/dh_err.o: $(SRC_D)/crypto/dh/dh_err.c
-	$(CC) -o $(OBJ_D)/dh_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_err.c
+	$(CC) -o $(OBJ_D)/dh_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_err.c
 
 $(OBJ_D)/buffer.o: $(SRC_D)/crypto/buffer/buffer.c
-	$(CC) -o $(OBJ_D)/buffer.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/buffer/buffer.c
+	$(CC) -o $(OBJ_D)/buffer.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/buffer/buffer.c
 
 $(OBJ_D)/buf_err.o: $(SRC_D)/crypto/buffer/buf_err.c
-	$(CC) -o $(OBJ_D)/buf_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/buffer/buf_err.c
+	$(CC) -o $(OBJ_D)/buf_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/buffer/buf_err.c
 
 $(OBJ_D)/bio_lib.o: $(SRC_D)/crypto/bio/bio_lib.c
-	$(CC) -o $(OBJ_D)/bio_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bio_lib.c
+	$(CC) -o $(OBJ_D)/bio_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bio_lib.c
 
 $(OBJ_D)/bio_cb.o: $(SRC_D)/crypto/bio/bio_cb.c
-	$(CC) -o $(OBJ_D)/bio_cb.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bio_cb.c
+	$(CC) -o $(OBJ_D)/bio_cb.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bio_cb.c
 
 $(OBJ_D)/bio_err.o: $(SRC_D)/crypto/bio/bio_err.c
-	$(CC) -o $(OBJ_D)/bio_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bio_err.c
+	$(CC) -o $(OBJ_D)/bio_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bio_err.c
 
 $(OBJ_D)/bss_mem.o: $(SRC_D)/crypto/bio/bss_mem.c
-	$(CC) -o $(OBJ_D)/bss_mem.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_mem.c
+	$(CC) -o $(OBJ_D)/bss_mem.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_mem.c
 
 $(OBJ_D)/bss_null.o: $(SRC_D)/crypto/bio/bss_null.c
-	$(CC) -o $(OBJ_D)/bss_null.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_null.c
+	$(CC) -o $(OBJ_D)/bss_null.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_null.c
 
 $(OBJ_D)/bss_fd.o: $(SRC_D)/crypto/bio/bss_fd.c
-	$(CC) -o $(OBJ_D)/bss_fd.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_fd.c
+	$(CC) -o $(OBJ_D)/bss_fd.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_fd.c
 
 $(OBJ_D)/bss_file.o: $(SRC_D)/crypto/bio/bss_file.c
-	$(CC) -o $(OBJ_D)/bss_file.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_file.c
+	$(CC) -o $(OBJ_D)/bss_file.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_file.c
 
 $(OBJ_D)/bss_sock.o: $(SRC_D)/crypto/bio/bss_sock.c
-	$(CC) -o $(OBJ_D)/bss_sock.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_sock.c
+	$(CC) -o $(OBJ_D)/bss_sock.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_sock.c
 
 $(OBJ_D)/bss_conn.o: $(SRC_D)/crypto/bio/bss_conn.c
-	$(CC) -o $(OBJ_D)/bss_conn.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_conn.c
+	$(CC) -o $(OBJ_D)/bss_conn.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_conn.c
 
 $(OBJ_D)/bf_null.o: $(SRC_D)/crypto/bio/bf_null.c
-	$(CC) -o $(OBJ_D)/bf_null.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bf_null.c
+	$(CC) -o $(OBJ_D)/bf_null.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bf_null.c
 
 $(OBJ_D)/bf_buff.o: $(SRC_D)/crypto/bio/bf_buff.c
-	$(CC) -o $(OBJ_D)/bf_buff.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bf_buff.c
+	$(CC) -o $(OBJ_D)/bf_buff.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bf_buff.c
 
 $(OBJ_D)/b_print.o: $(SRC_D)/crypto/bio/b_print.c
-	$(CC) -o $(OBJ_D)/b_print.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/b_print.c
+	$(CC) -o $(OBJ_D)/b_print.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/b_print.c
 
 $(OBJ_D)/b_dump.o: $(SRC_D)/crypto/bio/b_dump.c
-	$(CC) -o $(OBJ_D)/b_dump.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/b_dump.c
+	$(CC) -o $(OBJ_D)/b_dump.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/b_dump.c
 
 $(OBJ_D)/b_sock.o: $(SRC_D)/crypto/bio/b_sock.c
-	$(CC) -o $(OBJ_D)/b_sock.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/b_sock.c
+	$(CC) -o $(OBJ_D)/b_sock.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/b_sock.c
 
 $(OBJ_D)/bss_acpt.o: $(SRC_D)/crypto/bio/bss_acpt.c
-	$(CC) -o $(OBJ_D)/bss_acpt.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_acpt.c
+	$(CC) -o $(OBJ_D)/bss_acpt.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_acpt.c
 
 $(OBJ_D)/bf_nbio.o: $(SRC_D)/crypto/bio/bf_nbio.c
-	$(CC) -o $(OBJ_D)/bf_nbio.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bf_nbio.c
+	$(CC) -o $(OBJ_D)/bf_nbio.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bf_nbio.c
 
 $(OBJ_D)/stack.o: $(SRC_D)/crypto/stack/stack.c
-	$(CC) -o $(OBJ_D)/stack.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/stack/stack.c
+	$(CC) -o $(OBJ_D)/stack.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/stack/stack.c
 
 $(OBJ_D)/lhash.o: $(SRC_D)/crypto/lhash/lhash.c
-	$(CC) -o $(OBJ_D)/lhash.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/lhash/lhash.c
+	$(CC) -o $(OBJ_D)/lhash.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/lhash/lhash.c
 
 $(OBJ_D)/lh_stats.o: $(SRC_D)/crypto/lhash/lh_stats.c
-	$(CC) -o $(OBJ_D)/lh_stats.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/lhash/lh_stats.c
+	$(CC) -o $(OBJ_D)/lh_stats.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/lhash/lh_stats.c
 
 $(OBJ_D)/md_rand.o: $(SRC_D)/crypto/rand/md_rand.c
-	$(CC) -o $(OBJ_D)/md_rand.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rand/md_rand.c
+	$(CC) -o $(OBJ_D)/md_rand.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rand/md_rand.c
 
 $(OBJ_D)/randfile.o: $(SRC_D)/crypto/rand/randfile.c
-	$(CC) -o $(OBJ_D)/randfile.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rand/randfile.c
+	$(CC) -o $(OBJ_D)/randfile.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/rand/randfile.c
 
 $(OBJ_D)/err.o: $(SRC_D)/crypto/err/err.c
-	$(CC) -o $(OBJ_D)/err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/err/err.c
+	$(CC) -o $(OBJ_D)/err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/err/err.c
 
 $(OBJ_D)/err_all.o: $(SRC_D)/crypto/err/err_all.c
-	$(CC) -o $(OBJ_D)/err_all.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/err/err_all.c
+	$(CC) -o $(OBJ_D)/err_all.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/err/err_all.c
 
 $(OBJ_D)/err_prn.o: $(SRC_D)/crypto/err/err_prn.c
-	$(CC) -o $(OBJ_D)/err_prn.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/err/err_prn.c
+	$(CC) -o $(OBJ_D)/err_prn.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/err/err_prn.c
 
 $(OBJ_D)/obj_dat.o: $(SRC_D)/crypto/objects/obj_dat.c
-	$(CC) -o $(OBJ_D)/obj_dat.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/objects/obj_dat.c
+	$(CC) -o $(OBJ_D)/obj_dat.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/objects/obj_dat.c
 
 $(OBJ_D)/obj_lib.o: $(SRC_D)/crypto/objects/obj_lib.c
-	$(CC) -o $(OBJ_D)/obj_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/objects/obj_lib.c
+	$(CC) -o $(OBJ_D)/obj_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/objects/obj_lib.c
 
 $(OBJ_D)/obj_err.o: $(SRC_D)/crypto/objects/obj_err.c
-	$(CC) -o $(OBJ_D)/obj_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/objects/obj_err.c
+	$(CC) -o $(OBJ_D)/obj_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/objects/obj_err.c
 
 $(OBJ_D)/encode.o: $(SRC_D)/crypto/evp/encode.c
-	$(CC) -o $(OBJ_D)/encode.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/encode.c
+	$(CC) -o $(OBJ_D)/encode.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/encode.c
 
 $(OBJ_D)/digest.o: $(SRC_D)/crypto/evp/digest.c
-	$(CC) -o $(OBJ_D)/digest.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/digest.c
+	$(CC) -o $(OBJ_D)/digest.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/digest.c
 
 $(OBJ_D)/evp_enc.o: $(SRC_D)/crypto/evp/evp_enc.c
-	$(CC) -o $(OBJ_D)/evp_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/evp_enc.c
+	$(CC) -o $(OBJ_D)/evp_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/evp_enc.c
 
 $(OBJ_D)/evp_key.o: $(SRC_D)/crypto/evp/evp_key.c
-	$(CC) -o $(OBJ_D)/evp_key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/evp_key.c
+	$(CC) -o $(OBJ_D)/evp_key.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/evp_key.c
 
 $(OBJ_D)/e_ecb_d.o: $(SRC_D)/crypto/evp/e_ecb_d.c
-	$(CC) -o $(OBJ_D)/e_ecb_d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_d.c
+	$(CC) -o $(OBJ_D)/e_ecb_d.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_d.c
 
 $(OBJ_D)/e_cbc_d.o: $(SRC_D)/crypto/evp/e_cbc_d.c
-	$(CC) -o $(OBJ_D)/e_cbc_d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_d.c
+	$(CC) -o $(OBJ_D)/e_cbc_d.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_d.c
 
 $(OBJ_D)/e_cfb_d.o: $(SRC_D)/crypto/evp/e_cfb_d.c
-	$(CC) -o $(OBJ_D)/e_cfb_d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_d.c
+	$(CC) -o $(OBJ_D)/e_cfb_d.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_d.c
 
 $(OBJ_D)/e_ofb_d.o: $(SRC_D)/crypto/evp/e_ofb_d.c
-	$(CC) -o $(OBJ_D)/e_ofb_d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_d.c
+	$(CC) -o $(OBJ_D)/e_ofb_d.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_d.c
 
 $(OBJ_D)/e_ecb_i.o: $(SRC_D)/crypto/evp/e_ecb_i.c
-	$(CC) -o $(OBJ_D)/e_ecb_i.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_i.c
+	$(CC) -o $(OBJ_D)/e_ecb_i.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_i.c
 
 $(OBJ_D)/e_cbc_i.o: $(SRC_D)/crypto/evp/e_cbc_i.c
-	$(CC) -o $(OBJ_D)/e_cbc_i.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_i.c
+	$(CC) -o $(OBJ_D)/e_cbc_i.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_i.c
 
 $(OBJ_D)/e_cfb_i.o: $(SRC_D)/crypto/evp/e_cfb_i.c
-	$(CC) -o $(OBJ_D)/e_cfb_i.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_i.c
+	$(CC) -o $(OBJ_D)/e_cfb_i.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_i.c
 
 $(OBJ_D)/e_ofb_i.o: $(SRC_D)/crypto/evp/e_ofb_i.c
-	$(CC) -o $(OBJ_D)/e_ofb_i.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_i.c
+	$(CC) -o $(OBJ_D)/e_ofb_i.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_i.c
 
 $(OBJ_D)/e_ecb_3d.o: $(SRC_D)/crypto/evp/e_ecb_3d.c
-	$(CC) -o $(OBJ_D)/e_ecb_3d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_3d.c
+	$(CC) -o $(OBJ_D)/e_ecb_3d.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_3d.c
 
 $(OBJ_D)/e_cbc_3d.o: $(SRC_D)/crypto/evp/e_cbc_3d.c
-	$(CC) -o $(OBJ_D)/e_cbc_3d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_3d.c
+	$(CC) -o $(OBJ_D)/e_cbc_3d.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_3d.c
 
 $(OBJ_D)/e_rc4.o: $(SRC_D)/crypto/evp/e_rc4.c
-	$(CC) -o $(OBJ_D)/e_rc4.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_rc4.c
+	$(CC) -o $(OBJ_D)/e_rc4.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_rc4.c
 
 $(OBJ_D)/names.o: $(SRC_D)/crypto/evp/names.c
-	$(CC) -o $(OBJ_D)/names.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/names.c
+	$(CC) -o $(OBJ_D)/names.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/names.c
 
 $(OBJ_D)/e_cfb_3d.o: $(SRC_D)/crypto/evp/e_cfb_3d.c
-	$(CC) -o $(OBJ_D)/e_cfb_3d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_3d.c
+	$(CC) -o $(OBJ_D)/e_cfb_3d.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_3d.c
 
 $(OBJ_D)/e_ofb_3d.o: $(SRC_D)/crypto/evp/e_ofb_3d.c
-	$(CC) -o $(OBJ_D)/e_ofb_3d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_3d.c
+	$(CC) -o $(OBJ_D)/e_ofb_3d.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_3d.c
 
 $(OBJ_D)/e_xcbc_d.o: $(SRC_D)/crypto/evp/e_xcbc_d.c
-	$(CC) -o $(OBJ_D)/e_xcbc_d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_xcbc_d.c
+	$(CC) -o $(OBJ_D)/e_xcbc_d.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_xcbc_d.c
 
 $(OBJ_D)/e_ecb_r2.o: $(SRC_D)/crypto/evp/e_ecb_r2.c
-	$(CC) -o $(OBJ_D)/e_ecb_r2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_r2.c
+	$(CC) -o $(OBJ_D)/e_ecb_r2.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_r2.c
 
 $(OBJ_D)/e_cbc_r2.o: $(SRC_D)/crypto/evp/e_cbc_r2.c
-	$(CC) -o $(OBJ_D)/e_cbc_r2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_r2.c
+	$(CC) -o $(OBJ_D)/e_cbc_r2.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_r2.c
 
 $(OBJ_D)/e_cfb_r2.o: $(SRC_D)/crypto/evp/e_cfb_r2.c
-	$(CC) -o $(OBJ_D)/e_cfb_r2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_r2.c
+	$(CC) -o $(OBJ_D)/e_cfb_r2.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_r2.c
 
 $(OBJ_D)/e_ofb_r2.o: $(SRC_D)/crypto/evp/e_ofb_r2.c
-	$(CC) -o $(OBJ_D)/e_ofb_r2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_r2.c
+	$(CC) -o $(OBJ_D)/e_ofb_r2.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_r2.c
 
 $(OBJ_D)/e_ecb_bf.o: $(SRC_D)/crypto/evp/e_ecb_bf.c
-	$(CC) -o $(OBJ_D)/e_ecb_bf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_bf.c
+	$(CC) -o $(OBJ_D)/e_ecb_bf.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_bf.c
 
 $(OBJ_D)/e_cbc_bf.o: $(SRC_D)/crypto/evp/e_cbc_bf.c
-	$(CC) -o $(OBJ_D)/e_cbc_bf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_bf.c
+	$(CC) -o $(OBJ_D)/e_cbc_bf.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_bf.c
 
 $(OBJ_D)/e_cfb_bf.o: $(SRC_D)/crypto/evp/e_cfb_bf.c
-	$(CC) -o $(OBJ_D)/e_cfb_bf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_bf.c
+	$(CC) -o $(OBJ_D)/e_cfb_bf.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_bf.c
 
 $(OBJ_D)/e_ofb_bf.o: $(SRC_D)/crypto/evp/e_ofb_bf.c
-	$(CC) -o $(OBJ_D)/e_ofb_bf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_bf.c
+	$(CC) -o $(OBJ_D)/e_ofb_bf.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_bf.c
+
+$(OBJ_D)/e_ecb_c.o: $(SRC_D)/crypto/evp/e_ecb_c.c
+	$(CC) -o $(OBJ_D)/e_ecb_c.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_c.c
+
+$(OBJ_D)/e_cbc_c.o: $(SRC_D)/crypto/evp/e_cbc_c.c
+	$(CC) -o $(OBJ_D)/e_cbc_c.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_c.c
+
+$(OBJ_D)/e_cfb_c.o: $(SRC_D)/crypto/evp/e_cfb_c.c
+	$(CC) -o $(OBJ_D)/e_cfb_c.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_c.c
+
+$(OBJ_D)/e_ofb_c.o: $(SRC_D)/crypto/evp/e_ofb_c.c
+	$(CC) -o $(OBJ_D)/e_ofb_c.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_c.c
+
+$(OBJ_D)/e_ecb_r5.o: $(SRC_D)/crypto/evp/e_ecb_r5.c
+	$(CC) -o $(OBJ_D)/e_ecb_r5.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_r5.c
+
+$(OBJ_D)/e_cbc_r5.o: $(SRC_D)/crypto/evp/e_cbc_r5.c
+	$(CC) -o $(OBJ_D)/e_cbc_r5.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_r5.c
+
+$(OBJ_D)/e_cfb_r5.o: $(SRC_D)/crypto/evp/e_cfb_r5.c
+	$(CC) -o $(OBJ_D)/e_cfb_r5.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_r5.c
+
+$(OBJ_D)/e_ofb_r5.o: $(SRC_D)/crypto/evp/e_ofb_r5.c
+	$(CC) -o $(OBJ_D)/e_ofb_r5.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_r5.c
 
 $(OBJ_D)/m_null.o: $(SRC_D)/crypto/evp/m_null.c
-	$(CC) -o $(OBJ_D)/m_null.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_null.c
+	$(CC) -o $(OBJ_D)/m_null.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_null.c
 
 $(OBJ_D)/m_md2.o: $(SRC_D)/crypto/evp/m_md2.c
-	$(CC) -o $(OBJ_D)/m_md2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_md2.c
+	$(CC) -o $(OBJ_D)/m_md2.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_md2.c
 
 $(OBJ_D)/m_md5.o: $(SRC_D)/crypto/evp/m_md5.c
-	$(CC) -o $(OBJ_D)/m_md5.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_md5.c
+	$(CC) -o $(OBJ_D)/m_md5.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_md5.c
 
 $(OBJ_D)/m_sha.o: $(SRC_D)/crypto/evp/m_sha.c
-	$(CC) -o $(OBJ_D)/m_sha.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_sha.c
+	$(CC) -o $(OBJ_D)/m_sha.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_sha.c
 
 $(OBJ_D)/m_sha1.o: $(SRC_D)/crypto/evp/m_sha1.c
-	$(CC) -o $(OBJ_D)/m_sha1.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_sha1.c
+	$(CC) -o $(OBJ_D)/m_sha1.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_sha1.c
 
 $(OBJ_D)/m_dss.o: $(SRC_D)/crypto/evp/m_dss.c
-	$(CC) -o $(OBJ_D)/m_dss.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_dss.c
+	$(CC) -o $(OBJ_D)/m_dss.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_dss.c
 
 $(OBJ_D)/m_dss1.o: $(SRC_D)/crypto/evp/m_dss1.c
-	$(CC) -o $(OBJ_D)/m_dss1.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_dss1.c
+	$(CC) -o $(OBJ_D)/m_dss1.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_dss1.c
 
 $(OBJ_D)/m_mdc2.o: $(SRC_D)/crypto/evp/m_mdc2.c
-	$(CC) -o $(OBJ_D)/m_mdc2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_mdc2.c
+	$(CC) -o $(OBJ_D)/m_mdc2.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_mdc2.c
+
+$(OBJ_D)/m_ripemd.o: $(SRC_D)/crypto/evp/m_ripemd.c
+	$(CC) -o $(OBJ_D)/m_ripemd.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_ripemd.c
 
 $(OBJ_D)/p_open.o: $(SRC_D)/crypto/evp/p_open.c
-	$(CC) -o $(OBJ_D)/p_open.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_open.c
+	$(CC) -o $(OBJ_D)/p_open.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_open.c
 
 $(OBJ_D)/p_seal.o: $(SRC_D)/crypto/evp/p_seal.c
-	$(CC) -o $(OBJ_D)/p_seal.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_seal.c
+	$(CC) -o $(OBJ_D)/p_seal.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_seal.c
 
 $(OBJ_D)/p_sign.o: $(SRC_D)/crypto/evp/p_sign.c
-	$(CC) -o $(OBJ_D)/p_sign.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_sign.c
+	$(CC) -o $(OBJ_D)/p_sign.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_sign.c
 
 $(OBJ_D)/p_verify.o: $(SRC_D)/crypto/evp/p_verify.c
-	$(CC) -o $(OBJ_D)/p_verify.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_verify.c
+	$(CC) -o $(OBJ_D)/p_verify.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_verify.c
 
 $(OBJ_D)/p_lib.o: $(SRC_D)/crypto/evp/p_lib.c
-	$(CC) -o $(OBJ_D)/p_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_lib.c
+	$(CC) -o $(OBJ_D)/p_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_lib.c
+
+$(OBJ_D)/p_enc.o: $(SRC_D)/crypto/evp/p_enc.c
+	$(CC) -o $(OBJ_D)/p_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_enc.c
+
+$(OBJ_D)/p_dec.o: $(SRC_D)/crypto/evp/p_dec.c
+	$(CC) -o $(OBJ_D)/p_dec.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_dec.c
 
 $(OBJ_D)/bio_md.o: $(SRC_D)/crypto/evp/bio_md.c
-	$(CC) -o $(OBJ_D)/bio_md.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/bio_md.c
+	$(CC) -o $(OBJ_D)/bio_md.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/bio_md.c
 
 $(OBJ_D)/bio_b64.o: $(SRC_D)/crypto/evp/bio_b64.c
-	$(CC) -o $(OBJ_D)/bio_b64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/bio_b64.c
+	$(CC) -o $(OBJ_D)/bio_b64.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/bio_b64.c
 
 $(OBJ_D)/bio_enc.o: $(SRC_D)/crypto/evp/bio_enc.c
-	$(CC) -o $(OBJ_D)/bio_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/bio_enc.c
+	$(CC) -o $(OBJ_D)/bio_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/bio_enc.c
 
 $(OBJ_D)/evp_err.o: $(SRC_D)/crypto/evp/evp_err.c
-	$(CC) -o $(OBJ_D)/evp_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/evp_err.c
+	$(CC) -o $(OBJ_D)/evp_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/evp_err.c
 
 $(OBJ_D)/e_null.o: $(SRC_D)/crypto/evp/e_null.c
-	$(CC) -o $(OBJ_D)/e_null.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_null.c
+	$(CC) -o $(OBJ_D)/e_null.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_null.c
 
 $(OBJ_D)/c_all.o: $(SRC_D)/crypto/evp/c_all.c
-	$(CC) -o $(OBJ_D)/c_all.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/c_all.c
+	$(CC) -o $(OBJ_D)/c_all.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/c_all.c
+
+$(OBJ_D)/evp_lib.o: $(SRC_D)/crypto/evp/evp_lib.c
+	$(CC) -o $(OBJ_D)/evp_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/evp_lib.c
 
 $(OBJ_D)/pem_sign.o: $(SRC_D)/crypto/pem/pem_sign.c
-	$(CC) -o $(OBJ_D)/pem_sign.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_sign.c
+	$(CC) -o $(OBJ_D)/pem_sign.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_sign.c
 
 $(OBJ_D)/pem_seal.o: $(SRC_D)/crypto/pem/pem_seal.c
-	$(CC) -o $(OBJ_D)/pem_seal.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_seal.c
+	$(CC) -o $(OBJ_D)/pem_seal.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_seal.c
 
 $(OBJ_D)/pem_info.o: $(SRC_D)/crypto/pem/pem_info.c
-	$(CC) -o $(OBJ_D)/pem_info.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_info.c
+	$(CC) -o $(OBJ_D)/pem_info.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_info.c
 
 $(OBJ_D)/pem_lib.o: $(SRC_D)/crypto/pem/pem_lib.c
-	$(CC) -o $(OBJ_D)/pem_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_lib.c
+	$(CC) -o $(OBJ_D)/pem_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_lib.c
 
 $(OBJ_D)/pem_all.o: $(SRC_D)/crypto/pem/pem_all.c
-	$(CC) -o $(OBJ_D)/pem_all.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_all.c
+	$(CC) -o $(OBJ_D)/pem_all.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_all.c
 
 $(OBJ_D)/pem_err.o: $(SRC_D)/crypto/pem/pem_err.c
-	$(CC) -o $(OBJ_D)/pem_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_err.c
+	$(CC) -o $(OBJ_D)/pem_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_err.c
 
 $(OBJ_D)/a_object.o: $(SRC_D)/crypto/asn1/a_object.c
-	$(CC) -o $(OBJ_D)/a_object.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_object.c
+	$(CC) -o $(OBJ_D)/a_object.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_object.c
 
 $(OBJ_D)/a_bitstr.o: $(SRC_D)/crypto/asn1/a_bitstr.c
-	$(CC) -o $(OBJ_D)/a_bitstr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_bitstr.c
+	$(CC) -o $(OBJ_D)/a_bitstr.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_bitstr.c
 
 $(OBJ_D)/a_utctm.o: $(SRC_D)/crypto/asn1/a_utctm.c
-	$(CC) -o $(OBJ_D)/a_utctm.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_utctm.c
+	$(CC) -o $(OBJ_D)/a_utctm.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_utctm.c
 
 $(OBJ_D)/a_int.o: $(SRC_D)/crypto/asn1/a_int.c
-	$(CC) -o $(OBJ_D)/a_int.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_int.c
+	$(CC) -o $(OBJ_D)/a_int.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_int.c
 
 $(OBJ_D)/a_octet.o: $(SRC_D)/crypto/asn1/a_octet.c
-	$(CC) -o $(OBJ_D)/a_octet.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_octet.c
+	$(CC) -o $(OBJ_D)/a_octet.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_octet.c
 
 $(OBJ_D)/a_print.o: $(SRC_D)/crypto/asn1/a_print.c
-	$(CC) -o $(OBJ_D)/a_print.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_print.c
+	$(CC) -o $(OBJ_D)/a_print.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_print.c
 
 $(OBJ_D)/a_type.o: $(SRC_D)/crypto/asn1/a_type.c
-	$(CC) -o $(OBJ_D)/a_type.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_type.c
+	$(CC) -o $(OBJ_D)/a_type.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_type.c
 
 $(OBJ_D)/a_set.o: $(SRC_D)/crypto/asn1/a_set.c
-	$(CC) -o $(OBJ_D)/a_set.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_set.c
+	$(CC) -o $(OBJ_D)/a_set.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_set.c
 
 $(OBJ_D)/a_dup.o: $(SRC_D)/crypto/asn1/a_dup.c
-	$(CC) -o $(OBJ_D)/a_dup.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_dup.c
+	$(CC) -o $(OBJ_D)/a_dup.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_dup.c
 
 $(OBJ_D)/a_d2i_fp.o: $(SRC_D)/crypto/asn1/a_d2i_fp.c
-	$(CC) -o $(OBJ_D)/a_d2i_fp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_d2i_fp.c
+	$(CC) -o $(OBJ_D)/a_d2i_fp.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_d2i_fp.c
 
 $(OBJ_D)/a_i2d_fp.o: $(SRC_D)/crypto/asn1/a_i2d_fp.c
-	$(CC) -o $(OBJ_D)/a_i2d_fp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_i2d_fp.c
+	$(CC) -o $(OBJ_D)/a_i2d_fp.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_i2d_fp.c
 
 $(OBJ_D)/a_sign.o: $(SRC_D)/crypto/asn1/a_sign.c
-	$(CC) -o $(OBJ_D)/a_sign.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_sign.c
+	$(CC) -o $(OBJ_D)/a_sign.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_sign.c
 
 $(OBJ_D)/a_digest.o: $(SRC_D)/crypto/asn1/a_digest.c
-	$(CC) -o $(OBJ_D)/a_digest.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_digest.c
+	$(CC) -o $(OBJ_D)/a_digest.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_digest.c
 
 $(OBJ_D)/a_verify.o: $(SRC_D)/crypto/asn1/a_verify.c
-	$(CC) -o $(OBJ_D)/a_verify.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_verify.c
+	$(CC) -o $(OBJ_D)/a_verify.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_verify.c
 
 $(OBJ_D)/x_algor.o: $(SRC_D)/crypto/asn1/x_algor.c
-	$(CC) -o $(OBJ_D)/x_algor.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_algor.c
+	$(CC) -o $(OBJ_D)/x_algor.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_algor.c
 
 $(OBJ_D)/x_val.o: $(SRC_D)/crypto/asn1/x_val.c
-	$(CC) -o $(OBJ_D)/x_val.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_val.c
+	$(CC) -o $(OBJ_D)/x_val.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_val.c
 
 $(OBJ_D)/x_pubkey.o: $(SRC_D)/crypto/asn1/x_pubkey.c
-	$(CC) -o $(OBJ_D)/x_pubkey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_pubkey.c
+	$(CC) -o $(OBJ_D)/x_pubkey.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_pubkey.c
 
 $(OBJ_D)/x_sig.o: $(SRC_D)/crypto/asn1/x_sig.c
-	$(CC) -o $(OBJ_D)/x_sig.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_sig.c
+	$(CC) -o $(OBJ_D)/x_sig.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_sig.c
 
 $(OBJ_D)/x_req.o: $(SRC_D)/crypto/asn1/x_req.c
-	$(CC) -o $(OBJ_D)/x_req.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_req.c
+	$(CC) -o $(OBJ_D)/x_req.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_req.c
 
 $(OBJ_D)/x_attrib.o: $(SRC_D)/crypto/asn1/x_attrib.c
-	$(CC) -o $(OBJ_D)/x_attrib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_attrib.c
+	$(CC) -o $(OBJ_D)/x_attrib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_attrib.c
 
 $(OBJ_D)/x_name.o: $(SRC_D)/crypto/asn1/x_name.c
-	$(CC) -o $(OBJ_D)/x_name.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_name.c
+	$(CC) -o $(OBJ_D)/x_name.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_name.c
 
 $(OBJ_D)/x_cinf.o: $(SRC_D)/crypto/asn1/x_cinf.c
-	$(CC) -o $(OBJ_D)/x_cinf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_cinf.c
+	$(CC) -o $(OBJ_D)/x_cinf.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_cinf.c
 
 $(OBJ_D)/x_x509.o: $(SRC_D)/crypto/asn1/x_x509.c
-	$(CC) -o $(OBJ_D)/x_x509.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_x509.c
+	$(CC) -o $(OBJ_D)/x_x509.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_x509.c
 
 $(OBJ_D)/x_crl.o: $(SRC_D)/crypto/asn1/x_crl.c
-	$(CC) -o $(OBJ_D)/x_crl.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_crl.c
+	$(CC) -o $(OBJ_D)/x_crl.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_crl.c
 
 $(OBJ_D)/x_info.o: $(SRC_D)/crypto/asn1/x_info.c
-	$(CC) -o $(OBJ_D)/x_info.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_info.c
+	$(CC) -o $(OBJ_D)/x_info.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_info.c
 
 $(OBJ_D)/x_spki.o: $(SRC_D)/crypto/asn1/x_spki.c
-	$(CC) -o $(OBJ_D)/x_spki.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_spki.c
+	$(CC) -o $(OBJ_D)/x_spki.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_spki.c
 
 $(OBJ_D)/d2i_r_pr.o: $(SRC_D)/crypto/asn1/d2i_r_pr.c
-	$(CC) -o $(OBJ_D)/d2i_r_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_r_pr.c
+	$(CC) -o $(OBJ_D)/d2i_r_pr.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_r_pr.c
 
 $(OBJ_D)/i2d_r_pr.o: $(SRC_D)/crypto/asn1/i2d_r_pr.c
-	$(CC) -o $(OBJ_D)/i2d_r_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_r_pr.c
+	$(CC) -o $(OBJ_D)/i2d_r_pr.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_r_pr.c
 
 $(OBJ_D)/d2i_r_pu.o: $(SRC_D)/crypto/asn1/d2i_r_pu.c
-	$(CC) -o $(OBJ_D)/d2i_r_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_r_pu.c
+	$(CC) -o $(OBJ_D)/d2i_r_pu.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_r_pu.c
 
 $(OBJ_D)/i2d_r_pu.o: $(SRC_D)/crypto/asn1/i2d_r_pu.c
-	$(CC) -o $(OBJ_D)/i2d_r_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_r_pu.c
+	$(CC) -o $(OBJ_D)/i2d_r_pu.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_r_pu.c
 
 $(OBJ_D)/d2i_s_pr.o: $(SRC_D)/crypto/asn1/d2i_s_pr.c
-	$(CC) -o $(OBJ_D)/d2i_s_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_s_pr.c
+	$(CC) -o $(OBJ_D)/d2i_s_pr.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_s_pr.c
 
 $(OBJ_D)/i2d_s_pr.o: $(SRC_D)/crypto/asn1/i2d_s_pr.c
-	$(CC) -o $(OBJ_D)/i2d_s_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_s_pr.c
+	$(CC) -o $(OBJ_D)/i2d_s_pr.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_s_pr.c
 
 $(OBJ_D)/d2i_s_pu.o: $(SRC_D)/crypto/asn1/d2i_s_pu.c
-	$(CC) -o $(OBJ_D)/d2i_s_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_s_pu.c
+	$(CC) -o $(OBJ_D)/d2i_s_pu.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_s_pu.c
 
 $(OBJ_D)/i2d_s_pu.o: $(SRC_D)/crypto/asn1/i2d_s_pu.c
-	$(CC) -o $(OBJ_D)/i2d_s_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_s_pu.c
+	$(CC) -o $(OBJ_D)/i2d_s_pu.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_s_pu.c
 
 $(OBJ_D)/d2i_pu.o: $(SRC_D)/crypto/asn1/d2i_pu.c
-	$(CC) -o $(OBJ_D)/d2i_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_pu.c
+	$(CC) -o $(OBJ_D)/d2i_pu.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_pu.c
 
 $(OBJ_D)/d2i_pr.o: $(SRC_D)/crypto/asn1/d2i_pr.c
-	$(CC) -o $(OBJ_D)/d2i_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_pr.c
+	$(CC) -o $(OBJ_D)/d2i_pr.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_pr.c
 
 $(OBJ_D)/i2d_pu.o: $(SRC_D)/crypto/asn1/i2d_pu.c
-	$(CC) -o $(OBJ_D)/i2d_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_pu.c
+	$(CC) -o $(OBJ_D)/i2d_pu.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_pu.c
 
 $(OBJ_D)/i2d_pr.o: $(SRC_D)/crypto/asn1/i2d_pr.c
-	$(CC) -o $(OBJ_D)/i2d_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_pr.c
+	$(CC) -o $(OBJ_D)/i2d_pr.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_pr.c
 
 $(OBJ_D)/t_req.o: $(SRC_D)/crypto/asn1/t_req.c
-	$(CC) -o $(OBJ_D)/t_req.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/t_req.c
+	$(CC) -o $(OBJ_D)/t_req.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/t_req.c
 
 $(OBJ_D)/t_x509.o: $(SRC_D)/crypto/asn1/t_x509.c
-	$(CC) -o $(OBJ_D)/t_x509.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/t_x509.c
+	$(CC) -o $(OBJ_D)/t_x509.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/t_x509.c
 
 $(OBJ_D)/t_pkey.o: $(SRC_D)/crypto/asn1/t_pkey.c
-	$(CC) -o $(OBJ_D)/t_pkey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/t_pkey.c
+	$(CC) -o $(OBJ_D)/t_pkey.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/t_pkey.c
 
 $(OBJ_D)/p7_i_s.o: $(SRC_D)/crypto/asn1/p7_i_s.c
-	$(CC) -o $(OBJ_D)/p7_i_s.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_i_s.c
+	$(CC) -o $(OBJ_D)/p7_i_s.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_i_s.c
 
 $(OBJ_D)/p7_signi.o: $(SRC_D)/crypto/asn1/p7_signi.c
-	$(CC) -o $(OBJ_D)/p7_signi.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_signi.c
+	$(CC) -o $(OBJ_D)/p7_signi.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_signi.c
 
 $(OBJ_D)/p7_signd.o: $(SRC_D)/crypto/asn1/p7_signd.c
-	$(CC) -o $(OBJ_D)/p7_signd.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_signd.c
+	$(CC) -o $(OBJ_D)/p7_signd.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_signd.c
 
 $(OBJ_D)/p7_recip.o: $(SRC_D)/crypto/asn1/p7_recip.c
-	$(CC) -o $(OBJ_D)/p7_recip.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_recip.c
+	$(CC) -o $(OBJ_D)/p7_recip.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_recip.c
 
 $(OBJ_D)/p7_enc_c.o: $(SRC_D)/crypto/asn1/p7_enc_c.c
-	$(CC) -o $(OBJ_D)/p7_enc_c.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_enc_c.c
+	$(CC) -o $(OBJ_D)/p7_enc_c.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_enc_c.c
 
 $(OBJ_D)/p7_evp.o: $(SRC_D)/crypto/asn1/p7_evp.c
-	$(CC) -o $(OBJ_D)/p7_evp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_evp.c
+	$(CC) -o $(OBJ_D)/p7_evp.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_evp.c
 
 $(OBJ_D)/p7_dgst.o: $(SRC_D)/crypto/asn1/p7_dgst.c
-	$(CC) -o $(OBJ_D)/p7_dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_dgst.c
+	$(CC) -o $(OBJ_D)/p7_dgst.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_dgst.c
 
 $(OBJ_D)/p7_s_e.o: $(SRC_D)/crypto/asn1/p7_s_e.c
-	$(CC) -o $(OBJ_D)/p7_s_e.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_s_e.c
+	$(CC) -o $(OBJ_D)/p7_s_e.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_s_e.c
 
 $(OBJ_D)/p7_enc.o: $(SRC_D)/crypto/asn1/p7_enc.c
-	$(CC) -o $(OBJ_D)/p7_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_enc.c
+	$(CC) -o $(OBJ_D)/p7_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_enc.c
 
 $(OBJ_D)/p7_lib.o: $(SRC_D)/crypto/asn1/p7_lib.c
-	$(CC) -o $(OBJ_D)/p7_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_lib.c
+	$(CC) -o $(OBJ_D)/p7_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_lib.c
 
 $(OBJ_D)/f_int.o: $(SRC_D)/crypto/asn1/f_int.c
-	$(CC) -o $(OBJ_D)/f_int.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/f_int.c
+	$(CC) -o $(OBJ_D)/f_int.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/f_int.c
 
 $(OBJ_D)/f_string.o: $(SRC_D)/crypto/asn1/f_string.c
-	$(CC) -o $(OBJ_D)/f_string.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/f_string.c
+	$(CC) -o $(OBJ_D)/f_string.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/f_string.c
 
 $(OBJ_D)/i2d_dhp.o: $(SRC_D)/crypto/asn1/i2d_dhp.c
-	$(CC) -o $(OBJ_D)/i2d_dhp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_dhp.c
+	$(CC) -o $(OBJ_D)/i2d_dhp.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_dhp.c
 
 $(OBJ_D)/i2d_dsap.o: $(SRC_D)/crypto/asn1/i2d_dsap.c
-	$(CC) -o $(OBJ_D)/i2d_dsap.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_dsap.c
+	$(CC) -o $(OBJ_D)/i2d_dsap.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_dsap.c
 
 $(OBJ_D)/d2i_dhp.o: $(SRC_D)/crypto/asn1/d2i_dhp.c
-	$(CC) -o $(OBJ_D)/d2i_dhp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_dhp.c
+	$(CC) -o $(OBJ_D)/d2i_dhp.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_dhp.c
 
 $(OBJ_D)/d2i_dsap.o: $(SRC_D)/crypto/asn1/d2i_dsap.c
-	$(CC) -o $(OBJ_D)/d2i_dsap.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_dsap.c
+	$(CC) -o $(OBJ_D)/d2i_dsap.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_dsap.c
 
 $(OBJ_D)/n_pkey.o: $(SRC_D)/crypto/asn1/n_pkey.c
-	$(CC) -o $(OBJ_D)/n_pkey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/n_pkey.c
+	$(CC) -o $(OBJ_D)/n_pkey.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/n_pkey.c
 
 $(OBJ_D)/a_hdr.o: $(SRC_D)/crypto/asn1/a_hdr.c
-	$(CC) -o $(OBJ_D)/a_hdr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_hdr.c
+	$(CC) -o $(OBJ_D)/a_hdr.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_hdr.c
 
 $(OBJ_D)/x_pkey.o: $(SRC_D)/crypto/asn1/x_pkey.c
-	$(CC) -o $(OBJ_D)/x_pkey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_pkey.c
+	$(CC) -o $(OBJ_D)/x_pkey.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_pkey.c
 
 $(OBJ_D)/a_bool.o: $(SRC_D)/crypto/asn1/a_bool.c
-	$(CC) -o $(OBJ_D)/a_bool.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_bool.c
+	$(CC) -o $(OBJ_D)/a_bool.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_bool.c
 
 $(OBJ_D)/x_exten.o: $(SRC_D)/crypto/asn1/x_exten.c
-	$(CC) -o $(OBJ_D)/x_exten.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_exten.c
+	$(CC) -o $(OBJ_D)/x_exten.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_exten.c
 
 $(OBJ_D)/asn1_par.o: $(SRC_D)/crypto/asn1/asn1_par.c
-	$(CC) -o $(OBJ_D)/asn1_par.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/asn1_par.c
+	$(CC) -o $(OBJ_D)/asn1_par.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/asn1_par.c
 
 $(OBJ_D)/asn1_lib.o: $(SRC_D)/crypto/asn1/asn1_lib.c
-	$(CC) -o $(OBJ_D)/asn1_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/asn1_lib.c
+	$(CC) -o $(OBJ_D)/asn1_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/asn1_lib.c
 
 $(OBJ_D)/asn1_err.o: $(SRC_D)/crypto/asn1/asn1_err.c
-	$(CC) -o $(OBJ_D)/asn1_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/asn1_err.c
+	$(CC) -o $(OBJ_D)/asn1_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/asn1_err.c
 
 $(OBJ_D)/a_meth.o: $(SRC_D)/crypto/asn1/a_meth.c
-	$(CC) -o $(OBJ_D)/a_meth.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_meth.c
+	$(CC) -o $(OBJ_D)/a_meth.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_meth.c
 
 $(OBJ_D)/a_bytes.o: $(SRC_D)/crypto/asn1/a_bytes.c
-	$(CC) -o $(OBJ_D)/a_bytes.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_bytes.c
+	$(CC) -o $(OBJ_D)/a_bytes.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_bytes.c
+
+$(OBJ_D)/evp_asn1.o: $(SRC_D)/crypto/asn1/evp_asn1.c
+	$(CC) -o $(OBJ_D)/evp_asn1.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/evp_asn1.c
 
 $(OBJ_D)/x509_def.o: $(SRC_D)/crypto/x509/x509_def.c
-	$(CC) -o $(OBJ_D)/x509_def.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_def.c
+	$(CC) -o $(OBJ_D)/x509_def.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_def.c
 
 $(OBJ_D)/x509_d2.o: $(SRC_D)/crypto/x509/x509_d2.c
-	$(CC) -o $(OBJ_D)/x509_d2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_d2.c
+	$(CC) -o $(OBJ_D)/x509_d2.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_d2.c
 
 $(OBJ_D)/x509_r2x.o: $(SRC_D)/crypto/x509/x509_r2x.c
-	$(CC) -o $(OBJ_D)/x509_r2x.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_r2x.c
+	$(CC) -o $(OBJ_D)/x509_r2x.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_r2x.c
 
 $(OBJ_D)/x509_cmp.o: $(SRC_D)/crypto/x509/x509_cmp.c
-	$(CC) -o $(OBJ_D)/x509_cmp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_cmp.c
+	$(CC) -o $(OBJ_D)/x509_cmp.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_cmp.c
 
 $(OBJ_D)/x509_obj.o: $(SRC_D)/crypto/x509/x509_obj.c
-	$(CC) -o $(OBJ_D)/x509_obj.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_obj.c
+	$(CC) -o $(OBJ_D)/x509_obj.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_obj.c
 
 $(OBJ_D)/x509_req.o: $(SRC_D)/crypto/x509/x509_req.c
-	$(CC) -o $(OBJ_D)/x509_req.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_req.c
+	$(CC) -o $(OBJ_D)/x509_req.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_req.c
 
 $(OBJ_D)/x509_vfy.o: $(SRC_D)/crypto/x509/x509_vfy.c
-	$(CC) -o $(OBJ_D)/x509_vfy.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_vfy.c
+	$(CC) -o $(OBJ_D)/x509_vfy.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_vfy.c
 
 $(OBJ_D)/x509_set.o: $(SRC_D)/crypto/x509/x509_set.c
-	$(CC) -o $(OBJ_D)/x509_set.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_set.c
+	$(CC) -o $(OBJ_D)/x509_set.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_set.c
 
 $(OBJ_D)/x509rset.o: $(SRC_D)/crypto/x509/x509rset.c
-	$(CC) -o $(OBJ_D)/x509rset.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509rset.c
+	$(CC) -o $(OBJ_D)/x509rset.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509rset.c
 
 $(OBJ_D)/x509_err.o: $(SRC_D)/crypto/x509/x509_err.c
-	$(CC) -o $(OBJ_D)/x509_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_err.c
+	$(CC) -o $(OBJ_D)/x509_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_err.c
 
 $(OBJ_D)/x509name.o: $(SRC_D)/crypto/x509/x509name.c
-	$(CC) -o $(OBJ_D)/x509name.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509name.c
+	$(CC) -o $(OBJ_D)/x509name.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509name.c
 
 $(OBJ_D)/x509_v3.o: $(SRC_D)/crypto/x509/x509_v3.c
-	$(CC) -o $(OBJ_D)/x509_v3.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_v3.c
+	$(CC) -o $(OBJ_D)/x509_v3.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_v3.c
 
 $(OBJ_D)/x509_ext.o: $(SRC_D)/crypto/x509/x509_ext.c
-	$(CC) -o $(OBJ_D)/x509_ext.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_ext.c
+	$(CC) -o $(OBJ_D)/x509_ext.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_ext.c
 
 $(OBJ_D)/x509pack.o: $(SRC_D)/crypto/x509/x509pack.c
-	$(CC) -o $(OBJ_D)/x509pack.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509pack.c
+	$(CC) -o $(OBJ_D)/x509pack.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509pack.c
 
 $(OBJ_D)/x509type.o: $(SRC_D)/crypto/x509/x509type.c
-	$(CC) -o $(OBJ_D)/x509type.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509type.c
+	$(CC) -o $(OBJ_D)/x509type.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509type.c
 
 $(OBJ_D)/x509_lu.o: $(SRC_D)/crypto/x509/x509_lu.c
-	$(CC) -o $(OBJ_D)/x509_lu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_lu.c
+	$(CC) -o $(OBJ_D)/x509_lu.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_lu.c
 
 $(OBJ_D)/x_all.o: $(SRC_D)/crypto/x509/x_all.c
-	$(CC) -o $(OBJ_D)/x_all.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x_all.c
+	$(CC) -o $(OBJ_D)/x_all.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x_all.c
 
 $(OBJ_D)/x509_txt.o: $(SRC_D)/crypto/x509/x509_txt.c
-	$(CC) -o $(OBJ_D)/x509_txt.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_txt.c
+	$(CC) -o $(OBJ_D)/x509_txt.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_txt.c
 
 $(OBJ_D)/by_file.o: $(SRC_D)/crypto/x509/by_file.c
-	$(CC) -o $(OBJ_D)/by_file.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/by_file.c
+	$(CC) -o $(OBJ_D)/by_file.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/by_file.c
 
 $(OBJ_D)/by_dir.o: $(SRC_D)/crypto/x509/by_dir.c
-	$(CC) -o $(OBJ_D)/by_dir.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/by_dir.c
+	$(CC) -o $(OBJ_D)/by_dir.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/by_dir.c
 
 $(OBJ_D)/v3_net.o: $(SRC_D)/crypto/x509/v3_net.c
-	$(CC) -o $(OBJ_D)/v3_net.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/v3_net.c
+	$(CC) -o $(OBJ_D)/v3_net.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/v3_net.c
 
 $(OBJ_D)/v3_x509.o: $(SRC_D)/crypto/x509/v3_x509.c
-	$(CC) -o $(OBJ_D)/v3_x509.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/v3_x509.c
+	$(CC) -o $(OBJ_D)/v3_x509.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/v3_x509.c
 
 $(OBJ_D)/conf.o: $(SRC_D)/crypto/conf/conf.c
-	$(CC) -o $(OBJ_D)/conf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/conf/conf.c
+	$(CC) -o $(OBJ_D)/conf.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/conf/conf.c
 
 $(OBJ_D)/conf_err.o: $(SRC_D)/crypto/conf/conf_err.c
-	$(CC) -o $(OBJ_D)/conf_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/conf/conf_err.c
+	$(CC) -o $(OBJ_D)/conf_err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/conf/conf_err.c
 
 $(OBJ_D)/txt_db.o: $(SRC_D)/crypto/txt_db/txt_db.c
-	$(CC) -o $(OBJ_D)/txt_db.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/txt_db/txt_db.c
+	$(CC) -o $(OBJ_D)/txt_db.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/txt_db/txt_db.c
 
 $(OBJ_D)/pk7_lib.o: $(SRC_D)/crypto/pkcs7/pk7_lib.c
-	$(CC) -o $(OBJ_D)/pk7_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pkcs7/pk7_lib.c
+	$(CC) -o $(OBJ_D)/pk7_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/pkcs7/pk7_lib.c
 
 $(OBJ_D)/pkcs7err.o: $(SRC_D)/crypto/pkcs7/pkcs7err.c
-	$(CC) -o $(OBJ_D)/pkcs7err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pkcs7/pkcs7err.c
+	$(CC) -o $(OBJ_D)/pkcs7err.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/pkcs7/pkcs7err.c
 
 $(OBJ_D)/pk7_doit.o: $(SRC_D)/crypto/pkcs7/pk7_doit.c
-	$(CC) -o $(OBJ_D)/pk7_doit.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pkcs7/pk7_doit.c
+	$(CC) -o $(OBJ_D)/pk7_doit.o  $(LIB_CFLAGS) -c $(SRC_D)/crypto/pkcs7/pk7_doit.c
 
 $(OBJ_D)/s2_meth.o: $(SRC_D)/ssl/s2_meth.c
-	$(CC) -o $(OBJ_D)/s2_meth.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_meth.c
+	$(CC) -o $(OBJ_D)/s2_meth.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_meth.c
 
 $(OBJ_D)/s2_srvr.o: $(SRC_D)/ssl/s2_srvr.c
-	$(CC) -o $(OBJ_D)/s2_srvr.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_srvr.c
+	$(CC) -o $(OBJ_D)/s2_srvr.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_srvr.c
 
 $(OBJ_D)/s2_clnt.o: $(SRC_D)/ssl/s2_clnt.c
-	$(CC) -o $(OBJ_D)/s2_clnt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_clnt.c
+	$(CC) -o $(OBJ_D)/s2_clnt.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_clnt.c
 
 $(OBJ_D)/s2_lib.o: $(SRC_D)/ssl/s2_lib.c
-	$(CC) -o $(OBJ_D)/s2_lib.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_lib.c
-
-$(OBJ_D)/s2_pkt.o: $(SRC_D)/ssl/s2_pkt.c
-	$(CC) -o $(OBJ_D)/s2_pkt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_pkt.c
+	$(CC) -o $(OBJ_D)/s2_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_lib.c
 
 $(OBJ_D)/s2_enc.o: $(SRC_D)/ssl/s2_enc.c
-	$(CC) -o $(OBJ_D)/s2_enc.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_enc.c
+	$(CC) -o $(OBJ_D)/s2_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_enc.c
+
+$(OBJ_D)/s2_pkt.o: $(SRC_D)/ssl/s2_pkt.c
+	$(CC) -o $(OBJ_D)/s2_pkt.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_pkt.c
 
 $(OBJ_D)/s3_meth.o: $(SRC_D)/ssl/s3_meth.c
-	$(CC) -o $(OBJ_D)/s3_meth.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_meth.c
+	$(CC) -o $(OBJ_D)/s3_meth.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_meth.c
 
 $(OBJ_D)/s3_srvr.o: $(SRC_D)/ssl/s3_srvr.c
-	$(CC) -o $(OBJ_D)/s3_srvr.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_srvr.c
+	$(CC) -o $(OBJ_D)/s3_srvr.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_srvr.c
 
 $(OBJ_D)/s3_clnt.o: $(SRC_D)/ssl/s3_clnt.c
-	$(CC) -o $(OBJ_D)/s3_clnt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_clnt.c
+	$(CC) -o $(OBJ_D)/s3_clnt.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_clnt.c
 
 $(OBJ_D)/s3_lib.o: $(SRC_D)/ssl/s3_lib.c
-	$(CC) -o $(OBJ_D)/s3_lib.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_lib.c
-
-$(OBJ_D)/s3_pkt.o: $(SRC_D)/ssl/s3_pkt.c
-	$(CC) -o $(OBJ_D)/s3_pkt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_pkt.c
+	$(CC) -o $(OBJ_D)/s3_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_lib.c
 
 $(OBJ_D)/s3_enc.o: $(SRC_D)/ssl/s3_enc.c
-	$(CC) -o $(OBJ_D)/s3_enc.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_enc.c
+	$(CC) -o $(OBJ_D)/s3_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_enc.c
+
+$(OBJ_D)/s3_pkt.o: $(SRC_D)/ssl/s3_pkt.c
+	$(CC) -o $(OBJ_D)/s3_pkt.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_pkt.c
 
 $(OBJ_D)/s3_both.o: $(SRC_D)/ssl/s3_both.c
-	$(CC) -o $(OBJ_D)/s3_both.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_both.c
+	$(CC) -o $(OBJ_D)/s3_both.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_both.c
 
 $(OBJ_D)/s23_meth.o: $(SRC_D)/ssl/s23_meth.c
-	$(CC) -o $(OBJ_D)/s23_meth.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_meth.c
+	$(CC) -o $(OBJ_D)/s23_meth.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_meth.c
 
 $(OBJ_D)/s23_srvr.o: $(SRC_D)/ssl/s23_srvr.c
-	$(CC) -o $(OBJ_D)/s23_srvr.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_srvr.c
+	$(CC) -o $(OBJ_D)/s23_srvr.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_srvr.c
 
 $(OBJ_D)/s23_clnt.o: $(SRC_D)/ssl/s23_clnt.c
-	$(CC) -o $(OBJ_D)/s23_clnt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_clnt.c
+	$(CC) -o $(OBJ_D)/s23_clnt.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_clnt.c
 
 $(OBJ_D)/s23_lib.o: $(SRC_D)/ssl/s23_lib.c
-	$(CC) -o $(OBJ_D)/s23_lib.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_lib.c
+	$(CC) -o $(OBJ_D)/s23_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_lib.c
 
 $(OBJ_D)/s23_pkt.o: $(SRC_D)/ssl/s23_pkt.c
-	$(CC) -o $(OBJ_D)/s23_pkt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_pkt.c
+	$(CC) -o $(OBJ_D)/s23_pkt.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_pkt.c
+
+$(OBJ_D)/t1_meth.o: $(SRC_D)/ssl/t1_meth.c
+	$(CC) -o $(OBJ_D)/t1_meth.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/t1_meth.c
+
+$(OBJ_D)/t1_srvr.o: $(SRC_D)/ssl/t1_srvr.c
+	$(CC) -o $(OBJ_D)/t1_srvr.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/t1_srvr.c
+
+$(OBJ_D)/t1_clnt.o: $(SRC_D)/ssl/t1_clnt.c
+	$(CC) -o $(OBJ_D)/t1_clnt.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/t1_clnt.c
+
+$(OBJ_D)/t1_lib.o: $(SRC_D)/ssl/t1_lib.c
+	$(CC) -o $(OBJ_D)/t1_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/t1_lib.c
+
+$(OBJ_D)/t1_enc.o: $(SRC_D)/ssl/t1_enc.c
+	$(CC) -o $(OBJ_D)/t1_enc.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/t1_enc.c
 
 $(OBJ_D)/ssl_lib.o: $(SRC_D)/ssl/ssl_lib.c
-	$(CC) -o $(OBJ_D)/ssl_lib.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_lib.c
+	$(CC) -o $(OBJ_D)/ssl_lib.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_lib.c
 
 $(OBJ_D)/ssl_err2.o: $(SRC_D)/ssl/ssl_err2.c
-	$(CC) -o $(OBJ_D)/ssl_err2.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_err2.c
+	$(CC) -o $(OBJ_D)/ssl_err2.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_err2.c
 
 $(OBJ_D)/ssl_cert.o: $(SRC_D)/ssl/ssl_cert.c
-	$(CC) -o $(OBJ_D)/ssl_cert.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_cert.c
+	$(CC) -o $(OBJ_D)/ssl_cert.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_cert.c
 
 $(OBJ_D)/ssl_sess.o: $(SRC_D)/ssl/ssl_sess.c
-	$(CC) -o $(OBJ_D)/ssl_sess.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_sess.c
+	$(CC) -o $(OBJ_D)/ssl_sess.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_sess.c
 
 $(OBJ_D)/ssl_ciph.o: $(SRC_D)/ssl/ssl_ciph.c
-	$(CC) -o $(OBJ_D)/ssl_ciph.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_ciph.c
+	$(CC) -o $(OBJ_D)/ssl_ciph.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_ciph.c
 
 $(OBJ_D)/ssl_stat.o: $(SRC_D)/ssl/ssl_stat.c
-	$(CC) -o $(OBJ_D)/ssl_stat.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_stat.c
+	$(CC) -o $(OBJ_D)/ssl_stat.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_stat.c
 
 $(OBJ_D)/ssl_rsa.o: $(SRC_D)/ssl/ssl_rsa.c
-	$(CC) -o $(OBJ_D)/ssl_rsa.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_rsa.c
+	$(CC) -o $(OBJ_D)/ssl_rsa.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_rsa.c
 
 $(OBJ_D)/ssl_asn1.o: $(SRC_D)/ssl/ssl_asn1.c
-	$(CC) -o $(OBJ_D)/ssl_asn1.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_asn1.c
+	$(CC) -o $(OBJ_D)/ssl_asn1.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_asn1.c
 
 $(OBJ_D)/ssl_txt.o: $(SRC_D)/ssl/ssl_txt.c
-	$(CC) -o $(OBJ_D)/ssl_txt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_txt.c
+	$(CC) -o $(OBJ_D)/ssl_txt.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_txt.c
 
 $(OBJ_D)/ssl_algs.o: $(SRC_D)/ssl/ssl_algs.c
-	$(CC) -o $(OBJ_D)/ssl_algs.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_algs.c
+	$(CC) -o $(OBJ_D)/ssl_algs.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_algs.c
 
 $(OBJ_D)/bio_ssl.o: $(SRC_D)/ssl/bio_ssl.c
-	$(CC) -o $(OBJ_D)/bio_ssl.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/bio_ssl.c
+	$(CC) -o $(OBJ_D)/bio_ssl.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/bio_ssl.c
 
 $(OBJ_D)/ssl_err.o: $(SRC_D)/ssl/ssl_err.c
-	$(CC) -o $(OBJ_D)/ssl_err.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_err.c
+	$(CC) -o $(OBJ_D)/ssl_err.o  $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_err.c
 
 $(OBJ_D)/rsaref.o: $(SRC_D)/rsaref/rsaref.c
-	$(CC) -o $(OBJ_D)/rsaref.o $(LIB_CFLAGS) -c $(SRC_D)/rsaref/rsaref.c
+	$(CC) -o $(OBJ_D)/rsaref.o  $(LIB_CFLAGS) -c $(SRC_D)/rsaref/rsaref.c
 
 $(OBJ_D)/rsar_err.o: $(SRC_D)/rsaref/rsar_err.c
-	$(CC) -o $(OBJ_D)/rsar_err.o $(LIB_CFLAGS) -c $(SRC_D)/rsaref/rsar_err.c
+	$(CC) -o $(OBJ_D)/rsar_err.o  $(LIB_CFLAGS) -c $(SRC_D)/rsaref/rsar_err.c
 
 $(TEST_D)/md2test: $(OBJ_D)/md2test.o $(LIBS_DEP)
 	$(LINK) -o $(TEST_D)/md2test $(LFLAGS) $(OBJ_D)/md2test.o $(L_LIBS) $(EX_LIBS)
@@ -1523,14 +1716,23 @@ $(TEST_D)/sha1test: $(OBJ_D)/sha1test.o $(LIBS_DEP)
 $(TEST_D)/mdc2test: $(OBJ_D)/mdc2test.o $(LIBS_DEP)
 	$(LINK) -o $(TEST_D)/mdc2test $(LFLAGS) $(OBJ_D)/mdc2test.o $(L_LIBS) $(EX_LIBS)
 
+$(TEST_D)/hmactest: $(OBJ_D)/hmactest.o $(LIBS_DEP)
+	$(LINK) -o $(TEST_D)/hmactest $(LFLAGS) $(OBJ_D)/hmactest.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/rmdtest: $(OBJ_D)/rmdtest.o $(LIBS_DEP)
+	$(LINK) -o $(TEST_D)/rmdtest $(LFLAGS) $(OBJ_D)/rmdtest.o $(L_LIBS) $(EX_LIBS)
+
 $(TEST_D)/destest: $(OBJ_D)/destest.o $(LIBS_DEP)
 	$(LINK) -o $(TEST_D)/destest $(LFLAGS) $(OBJ_D)/destest.o $(L_LIBS) $(EX_LIBS)
 
+$(TEST_D)/rc2test: $(OBJ_D)/rc2test.o $(LIBS_DEP)
+	$(LINK) -o $(TEST_D)/rc2test $(LFLAGS) $(OBJ_D)/rc2test.o $(L_LIBS) $(EX_LIBS)
+
 $(TEST_D)/rc4test: $(OBJ_D)/rc4test.o $(LIBS_DEP)
 	$(LINK) -o $(TEST_D)/rc4test $(LFLAGS) $(OBJ_D)/rc4test.o $(L_LIBS) $(EX_LIBS)
 
-$(TEST_D)/rc2test: $(OBJ_D)/rc2test.o $(LIBS_DEP)
-	$(LINK) -o $(TEST_D)/rc2test $(LFLAGS) $(OBJ_D)/rc2test.o $(L_LIBS) $(EX_LIBS)
+$(TEST_D)/rc5test: $(OBJ_D)/rc5test.o $(LIBS_DEP)
+	$(LINK) -o $(TEST_D)/rc5test $(LFLAGS) $(OBJ_D)/rc5test.o $(L_LIBS) $(EX_LIBS)
 
 $(TEST_D)/ideatest: $(OBJ_D)/ideatest.o $(LIBS_DEP)
 	$(LINK) -o $(TEST_D)/ideatest $(LFLAGS) $(OBJ_D)/ideatest.o $(L_LIBS) $(EX_LIBS)
@@ -1538,6 +1740,9 @@ $(TEST_D)/ideatest: $(OBJ_D)/ideatest.o $(LIBS_DEP)
 $(TEST_D)/bftest: $(OBJ_D)/bftest.o $(LIBS_DEP)
 	$(LINK) -o $(TEST_D)/bftest $(LFLAGS) $(OBJ_D)/bftest.o $(L_LIBS) $(EX_LIBS)
 
+$(TEST_D)/casttest: $(OBJ_D)/casttest.o $(LIBS_DEP)
+	$(LINK) -o $(TEST_D)/casttest $(LFLAGS) $(OBJ_D)/casttest.o $(L_LIBS) $(EX_LIBS)
+
 $(TEST_D)/bntest: $(OBJ_D)/bntest.o $(LIBS_DEP)
 	$(LINK) -o $(TEST_D)/bntest $(LFLAGS) $(OBJ_D)/bntest.o $(L_LIBS) $(EX_LIBS)
 
@@ -1556,20 +1761,20 @@ $(TEST_D)/randtest: $(OBJ_D)/randtest.o $(LIBS_DEP)
 $(TEST_D)/ssltest: $(OBJ_D)/ssltest.o $(LIBS_DEP)
 	$(LINK) -o $(TEST_D)/ssltest $(LFLAGS) $(OBJ_D)/ssltest.o $(L_LIBS) $(EX_LIBS)
 
-$(O_SSL): $(SSLOBJ)
-	$(RM) $(O_SSL)
-	$(MKLIB) $(O_SSL) $(SSLOBJ)
-	$(RANLIB) $(O_SSL)
+$(LIB_D)/$(O_SSL): $(SSLOBJ)
+	$(RM) $(LIB_D)/$(O_SSL)
+	$(MKLIB) $(LIB_D)/$(O_SSL) $(SSLOBJ)
+	$(RANLIB) $(LIB_D)/$(O_SSL)
 
-$(O_RSAGLUE): $(RSAGLUEOBJ)
-	$(RM) $(O_RSAGLUE)
-	$(MKLIB) $(O_RSAGLUE) $(RSAGLUEOBJ)
-	$(RANLIB) $(O_RSAGLUE)
+$(LIB_D)/$(O_RSAGLUE): $(RSAGLUEOBJ)
+	$(RM) $(LIB_D)/$(O_RSAGLUE)
+	$(MKLIB) $(LIB_D)/$(O_RSAGLUE) $(RSAGLUEOBJ)
+	$(RANLIB) $(LIB_D)/$(O_RSAGLUE)
 
-$(O_CRYPTO): $(CRYPTOOBJ)
-	$(RM) $(O_CRYPTO)
-	$(MKLIB) $(O_CRYPTO) $(CRYPTOOBJ)
-	$(RANLIB) $(O_CRYPTO)
+$(LIB_D)/$(O_CRYPTO): $(CRYPTOOBJ)
+	$(RM) $(LIB_D)/$(O_CRYPTO)
+	$(MKLIB) $(LIB_D)/$(O_CRYPTO) $(CRYPTOOBJ)
+	$(RANLIB) $(LIB_D)/$(O_CRYPTO)
 
 $(BIN_D)/$(E_EXE): $(E_OBJ) $(LIBS_DEP)
 	$(LINK) -o $(BIN_D)/$(E_EXE) $(LFLAGS) $(E_OBJ) $(L_LIBS) $(EX_LIBS)
diff --git a/ms/16all.bat b/ms/16all.bat
new file mode 100755
index 0000000000..e57e177177
--- /dev/null
+++ b/ms/16all.bat
@@ -0,0 +1,12 @@
+set OPTS=no_asm
+
+perl Configure VC-WIN16
+perl util\mk1mf.pl %OPTS% debug VC-WIN16 >d16.mak
+perl util\mk1mf.pl %OPTS% VC-WIN16 >16.mak
+perl util\mk1mf.pl %OPTS% debug dll VC-WIN16 >d16dll.mak
+perl util\mk1mf.pl %OPTS% dll VC-WIN16 >16dll.mak
+
+nmake -f d16.mak
+nmake -f 16.mak
+nmake -f d16dll.mak
+nmake -f 16dll.mak
diff --git a/ms/32all.bat b/ms/32all.bat
new file mode 100755
index 0000000000..088c942887
--- /dev/null
+++ b/ms/32all.bat
@@ -0,0 +1,12 @@
+set OPTS=no_asm
+
+perl Configure VC-WIN32
+perl util\mk1mf.pl %OPTS% debug VC-WIN32 >d32.mak
+perl util\mk1mf.pl %OPTS% VC-WIN32 >32.mak
+perl util\mk1mf.pl %OPTS% debug dll VC-WIN32 >d32dll.mak
+perl util\mk1mf.pl %OPTS% dll VC-WIN32 >32dll.mak
+
+nmake -f d32.mak
+nmake -f 32.mak
+nmake -f d32dll.mak
+nmake -f 32dll.mak
diff --git a/ms/certCA.srl b/ms/certCA.srl
index 60d3b2f4a4..d6b24041cf 100644
--- a/ms/certCA.srl
+++ b/ms/certCA.srl
@@ -1 +1 @@
-15
+19
diff --git a/ms/certCA.ss b/ms/certCA.ss
index 7ce37179dc..6bfccc7c48 100644
--- a/ms/certCA.ss
+++ b/ms/certCA.ss
@@ -1,10 +1,10 @@
 -----BEGIN CERTIFICATE-----
 MIIBXDCCAQYCAQAwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV
-BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05NzA3MTkx
-MTA1MTFaFw05NzA4MTgxMTA1MTFaMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E
+BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05NzExMjgw
+MDA3MzBaFw05NzEyMjgwMDA3MzBaMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E
 b2RneSBCcm90aGVyczERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEF
-AANLADBIAkEA3dU4kgK/MVnr7Q3p+Nl5y1TRXPk5L9dNOJ0BoCjKC2wLXSzwcj5c
-Vx2X5WiIeDDH2Dt7AbDvtGhBLVOiq0LuuwIDAQABMA0GCSqGSIb3DQEBBAUAA0EA
-gT6uyZYLx1chz1oV3GnvlbUsWd1x1Y4UQ/KqIP3wr2Bh270CYlWZfm1xiHlQQ6Jf
-DPEMSzr1e1VcRUCT25z7KQ==
+AANLADBIAkEAwOKExbdfKLemEMGOKeBgqI3abJE9yzf3WhrPcQLRAyM85YPxk0DQ
+YWwhEh9i2BxGWYAZ7Krv1EqdsViCQBGuBQIDAQABMA0GCSqGSIb3DQEBBAUAA0EA
+VXYhZ1FnfBFIjHiYV8PD4uQuVJLhNa2q3cSWX1HTHfbrAPa/lMSUWuWcYwD3lBeb
+D69W77B0LqAfVajBQwbXkQ==
 -----END CERTIFICATE-----
diff --git a/ms/certU.ss b/ms/certU.ss
index 6166bf9de1..6a0302ed1d 100644
--- a/ms/certU.ss
+++ b/ms/certU.ss
@@ -1,10 +1,10 @@
 -----BEGIN CERTIFICATE-----
-MIIBcTCCARsCARQwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV
-BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05NzA3MTkx
-MTA1MTZaFw05NzA4MTgxMTA1MTZaME4xCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E
+MIIBcTCCARsCARgwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV
+BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05NzExMjgw
+MDA3MzRaFw05NzEyMjgwMDA3MzRaME4xCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E
 b2RneSBCcm90aGVyczESMBAGA1UEAxMJQnJvdGhlciAxMRIwEAYDVQQDEwlCcm90
-aGVyIDIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAxcxzGnflhfIiyt/ijc3WvWKK
-ajZOXnzKDmIo+ENc3Q16oJLkom0FdsYyVbYs9LEyHhApuurrLUH/odPyegqcAQID
-AQABMA0GCSqGSIb3DQEBBAUAA0EAlWvxkrsdbIUj3KSDqvMPYewgV1BAaluuYGCu
-TwllD+yfuZjSzOZbE0tQCigh2yhcGWRin6ngwd+wtxTAnaomMQ==
+aGVyIDIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAyfgRHCZvlyq9yiQisWmetnpb
+DZMhZB+HjuxQxp3gEpI7P8q5Z5tXIU5+OFAfIRkRdMGa/UK+NVg7AJ6UYyIR3wID
+AQABMA0GCSqGSIb3DQEBBAUAA0EAgH3htGAw6tMcZYANofqYr96RhjnxzCGZkUq3
+SH9thHUBywcXQo6BUpGxUXFExW4NA2f49OWQxf8kYrVAXHcCsA==
 -----END CERTIFICATE-----
diff --git a/ms/cipher.out b/ms/cipher.out
new file mode 100755
index 0000000000..2c73bb7d1c
--- /dev/null
+++ b/ms/cipher.out
@@ -0,0 +1,93 @@
+echo=off
+
+echo start testenc
+path=..\ms;%path%
+set ssleay=%1%
+set input=..\ms\testenc.bat
+set tmp1=..\ms\cipher.out
+set out1=..\ms\clear.out
+set cmp=perl ..\ms\cmp.pl
+
+call tenc.bat enc
+if errorlevel 1 goto err
+
+call tenc.bat rc4
+if errorlevel 1 goto err
+
+call tenc.bat des-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ecb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3
+if errorlevel 1 goto err
+
+call tenc.bat des-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cbc
+if errorlevel 1 goto err
+
+call tenc.bat idea-ecb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cfb
+if errorlevel 1 goto err
+
+call tenc.bat idea-ofb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cbc
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ecb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cfb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ofb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cbc
+if errorlevel 1 goto err
+
+call tenc.bat bf-ecb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cfb
+if errorlevel 1 goto err
+
+call tenc.bat bf-ofb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cbc
+if errorlevel 1 goto err
+
+echo OK
+del %out1%
+del %tmp1%
+:err
+
diff --git a/ms/clear.out b/ms/clear.out
new file mode 100755
index 0000000000..2c73bb7d1c
--- /dev/null
+++ b/ms/clear.out
@@ -0,0 +1,93 @@
+echo=off
+
+echo start testenc
+path=..\ms;%path%
+set ssleay=%1%
+set input=..\ms\testenc.bat
+set tmp1=..\ms\cipher.out
+set out1=..\ms\clear.out
+set cmp=perl ..\ms\cmp.pl
+
+call tenc.bat enc
+if errorlevel 1 goto err
+
+call tenc.bat rc4
+if errorlevel 1 goto err
+
+call tenc.bat des-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ecb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3
+if errorlevel 1 goto err
+
+call tenc.bat des-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cbc
+if errorlevel 1 goto err
+
+call tenc.bat idea-ecb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cfb
+if errorlevel 1 goto err
+
+call tenc.bat idea-ofb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cbc
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ecb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cfb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ofb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cbc
+if errorlevel 1 goto err
+
+call tenc.bat bf-ecb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cfb
+if errorlevel 1 goto err
+
+call tenc.bat bf-ofb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cbc
+if errorlevel 1 goto err
+
+echo OK
+del %out1%
+del %tmp1%
+:err
+
diff --git a/ms/keyCA.ss b/ms/keyCA.ss
index 6c007bdad1..9ed3e7dc46 100644
--- a/ms/keyCA.ss
+++ b/ms/keyCA.ss
@@ -1,9 +1,9 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIBOwIBAAJBAN3VOJICvzFZ6+0N6fjZectU0Vz5OS/XTTidAaAoygtsC10s8HI+
-XFcdl+VoiHgwx9g7ewGw77RoQS1ToqtC7rsCAwEAAQJAECcKa3dPvKQzjZtJwhjz
-yV5vsDlldJpUwR6Nk7/kllgw4rK2AQJKVXqe6lAv8+P3Pny/XEtUe7YZ0Q/i1L23
-QQIhAP8cckDTFzyaP8O7Hy/SL70e8a8FbHbSl5keVIkNHL2pAiEA3psXWV+eruDd
-l9ERN9ARLqR5VehhnTLKIw+MhHKPH8MCIQCVXDBAZ9Z48s5WaF3v/51XmqBhmklQ
-oCeFzE4uF3E2UQIhAN3T92ScoOjsNGZBdMMFmNm+FRvCwuN/5Wci64hhELc5AiAd
-RjOJzXN5tfiPfl97WF0LCb1UXsL54/+2yI6hTg3xng==
+MIIBOwIBAAJBAMDihMW3Xyi3phDBjingYKiN2myRPcs391oaz3EC0QMjPOWD8ZNA
+0GFsIRIfYtgcRlmAGeyq79RKnbFYgkARrgUCAwEAAQJAGEWo/ZRoth/+Fse0kxJ4
+N126acURKJx/VOhgyFDZanJxxwhaXRRkZZfXgFP5StY2lAOrcuMnsDjc8XYNrvcE
+wQIhAOXcIp0eZfoPAAuhoQ2bd94dg8QX+8Hv38oJBUuduTs1AiEA1tHvlMrRC1dp
+mPUWooFaRFfadFvCMJy5ouGQ24bKMZECIB1YiHbEvcI6DghuHzCsi5Yo8HyljzfI
+VyrlEe8AePiNAiEAv6Hxpnsy9noZAlEIyxi3TKZOg2Rjm/gDhfDQx3S7pHECIQDC
+R6w+uHZzVJ50/kNh3mJow2W2+Rffkk2hcM4r5Sf4Vg==
 -----END RSA PRIVATE KEY-----
diff --git a/ms/keyU.ss b/ms/keyU.ss
index fad45f9467..ab62876195 100644
--- a/ms/keyU.ss
+++ b/ms/keyU.ss
@@ -1,9 +1,9 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAMXMcxp35YXyIsrf4o3N1r1iimo2Tl58yg5iKPhDXN0NeqCS5KJt
-BXbGMlW2LPSxMh4QKbrq6y1B/6HT8noKnAECAwEAAQJAVJ21z+jio36GK8vDG26n
-IrV5CR7aP8malrSfWjVXEKjm4BR5on5C+TuVeV67WgwIEtIuwyzRefQuBLnmtJsT
-UQIhAOhPQ4NjInS7vXTrvVM/cXEHj+gMN0yq1Lrijo6qM/QrAiEA2fg7mr8Erj86
-t5kM2/clEnA4lMNg2UnfMEkBbEyW/oMCIQClSUgq4kzwq2coGlaRNZGcLxo3qwFp
-fh5vfaSaYwUmEwIhALRkw/ezRY1sWQ0gBst5hF35MGq2NE5A3A1bLmlSDdk/AiEA
-kuVZHwwJIzGrCf9RqJ7CEHs4gPda3OeOiu0+f6M9dvc=
+MIIBOgIBAAJBAMn4ERwmb5cqvcokIrFpnrZ6Ww2TIWQfh47sUMad4BKSOz/KuWeb
+VyFOfjhQHyEZEXTBmv1CvjVYOwCelGMiEd8CAwEAAQJAEu/4orwT4Ie4bfi/bAUs
+RY3pdbdi/SFbs5IC7OymsvbqO/J5/6lTLKX/CFUvXjbpd922jfNMQzdalOfZ7R+K
+aQIhAP9DOq6eFRbNqzxxDadOOSLFEcWBZwzIX12zoPgxarPDAiEAyo1tF3zbU93G
+WQ1yjlhXYm07VdoZV0CUI6dKkB0ok7UCIEmiQhZHAbxfPcskrZSaiv7NrE+2AVz9
+nAzymTefQbFzAiAFCODmTY8yFXghrIjlauK5Kpfn+WTZ21wTSsw6qs7gZQIhAK2l
+vwdD73PZSW928dZ9VoV7Dh7Klflf6J+xrJIibP7z
 -----END RSA PRIVATE KEY-----
diff --git a/ms/libeay16.def b/ms/libeay16.def
index 9e036c5c6f..65bbad629e 100644
--- a/ms/libeay16.def
+++ b/ms/libeay16.def
@@ -21,6 +21,8 @@ EXPORTS
     _SSLeay_add_all_digests             @510
     _SSLeay_version                     @2
     _ASN1_BIT_STRING_asn1_meth          @3
+    _ASN1_BIT_STRING_get_bit            @1060
+    _ASN1_BIT_STRING_set_bit            @1061
     _ASN1_HEADER_free                   @4
     _ASN1_HEADER_new                    @5
     _ASN1_IA5STRING_asn1_meth           @6
@@ -40,12 +42,17 @@ EXPORTS
     _ASN1_STRING_type_new               @20
     _ASN1_TYPE_free                     @21
     _ASN1_TYPE_get                      @916
+    _ASN1_TYPE_get_int_octetstring      @1076
+    _ASN1_TYPE_get_octetstring          @1077
     _ASN1_TYPE_new                      @22
     _ASN1_TYPE_set                      @917
+    _ASN1_TYPE_set_int_octetstring      @1078
+    _ASN1_TYPE_set_octetstring          @1079
     _ASN1_UNIVERSALSTRING_to_string     @23
     _ASN1_UTCTIME_check                 @24
     _ASN1_UTCTIME_print                 @25
     _ASN1_UTCTIME_set                   @26
+    _ASN1_UTCTIME_set_string            @1080
     _ASN1_check_infinite_end            @27
     _ASN1_d2i_bio                       @28
     _ASN1_digest                        @30
@@ -59,6 +66,7 @@ EXPORTS
     _ASN1_verify                        @39
     _BF_cbc_encrypt                     @40
     _BF_cfb64_encrypt                   @41
+    _BF_decrypt                         @987
     _BF_ecb_encrypt                     @42
     _BF_encrypt                         @43
     _BF_ofb64_encrypt                   @44
@@ -67,7 +75,6 @@ EXPORTS
     _BIO_accept                         @51
     _BIO_copy_next_retry                @955
     _BIO_ctrl                           @52
-    _BIO_ctrl_int                       @53
     _BIO_debug_callback                 @54
     _BIO_dump                           @55
     _BIO_dup_chain                      @56
@@ -89,6 +96,8 @@ EXPORTS
     _BIO_get_retry_reason               @74
     _BIO_gethostbyname                  @75
     _BIO_gets                           @76
+    _BIO_ghbn_ctrl                      @1003
+    _BIO_int_ctrl                       @53
     _BIO_new                            @78
     _BIO_new_accept                     @79
     _BIO_new_connect                    @80
@@ -96,16 +105,16 @@ EXPORTS
     _BIO_new_socket                     @84
     _BIO_pop                            @85
     _BIO_printf                         @86
+    _BIO_ptr_ctrl                       @969
     _BIO_push                           @87
     _BIO_puts                           @88
     _BIO_read                           @89
     _BIO_s_accept                       @90
     _BIO_s_connect                      @91
     _BIO_s_fd                           @92
-    _BIO_s_file_internal_w16            @94
     _BIO_s_mem                          @95
     _BIO_s_null                         @96
-    _BIO_s_socket                       @99
+    _BIO_s_socket                       @98
     _BIO_set                            @100
     _BIO_set_cipher                     @101
     _BIO_set_tcp_ndelay                 @102
@@ -116,6 +125,11 @@ EXPORTS
     _BIO_sock_should_retry              @107
     _BIO_socket_ioctl                   @108
     _BIO_write                          @109
+    _BN_BLINDING_convert                @973
+    _BN_BLINDING_free                   @981
+    _BN_BLINDING_invert                 @974
+    _BN_BLINDING_new                    @980
+    _BN_BLINDING_update                 @975
     _BN_CTX_free                        @110
     _BN_CTX_new                         @111
     _BN_MONT_CTX_free                   @112
@@ -123,23 +137,27 @@ EXPORTS
     _BN_MONT_CTX_set                    @114
     _BN_add                             @115
     _BN_add_word                        @116
-    _BN_ascii2bn                        @117
     _BN_bin2bn                          @118
-    _BN_bn2ascii                        @119
     _BN_bn2bin                          @120
+    _BN_bn2dec                          @1002
+    _BN_bn2hex                          @119
+    _BN_bn2mpi                          @1058
     _BN_clear                           @121
     _BN_clear_bit                       @122
     _BN_clear_free                      @123
     _BN_cmp                             @124
     _BN_copy                            @125
+    _BN_dec2bn                          @1001
     _BN_div                             @126
     _BN_div_word                        @127
     _BN_dup                             @128
+    _BN_exp                             @998
     _BN_free                            @129
     _BN_from_montgomery                 @130
     _BN_gcd                             @131
     _BN_generate_prime                  @132
     _BN_get_word                        @133
+    _BN_hex2bn                          @117
     _BN_is_bit_set                      @134
     _BN_is_prime                        @135
     _BN_lshift                          @136
@@ -155,7 +173,9 @@ EXPORTS
     _BN_mod_mul_montgomery              @146
     _BN_mod_mul_reciprocal              @147
     _BN_mod_word                        @148
+    _BN_mpi2bn                          @1059
     _BN_mul                             @149
+    _BN_mul_word                        @999
     _BN_new                             @150
     _BN_num_bits                        @151
     _BN_num_bits_word                   @152
@@ -169,6 +189,7 @@ EXPORTS
     _BN_set_word                        @161
     _BN_sqr                             @162
     _BN_sub                             @163
+    _BN_sub_word                        @1000
     _BN_to_ASN1_INTEGER                 @164
     _BN_ucmp                            @165
     _BN_value_one                       @166
@@ -176,6 +197,13 @@ EXPORTS
     _BUF_MEM_grow                       @168
     _BUF_MEM_new                        @169
     _BUF_strdup                         @170
+    _CAST_cbc_encrypt                   @992
+    _CAST_cfb64_encrypt                 @993
+    _CAST_decrypt                       @990
+    _CAST_ecb_encrypt                   @991
+    _CAST_encrypt                       @989
+    _CAST_ofb64_encrypt                 @994
+    _CAST_set_key                       @988
     _CONF_free                          @171
     _CONF_get_number                    @172
     _CONF_get_section                   @173
@@ -186,20 +214,27 @@ EXPORTS
     _CRYPTO_dbg_malloc                  @178
     _CRYPTO_dbg_realloc                 @179
     _CRYPTO_dbg_remalloc                @180
+    _CRYPTO_dup_ex_data                 @1025
     _CRYPTO_free                        @181
+    _CRYPTO_free_ex_data                @1004
     _CRYPTO_get_add_lock_callback       @182
+    _CRYPTO_get_ex_data                 @1005
+    _CRYPTO_get_ex_new_index            @1041
     _CRYPTO_get_id_callback             @183
     _CRYPTO_get_lock_name               @184
     _CRYPTO_get_locking_callback        @185
     _CRYPTO_get_mem_functions           @186
+    _CRYPTO_get_new_lockid              @1026
     _CRYPTO_lock                        @187
     _CRYPTO_malloc                      @188
     _CRYPTO_mem_ctrl                    @189
     _CRYPTO_mem_leaks                   @190
     _CRYPTO_mem_leaks_cb                @191
+    _CRYPTO_new_ex_data                 @1027
     _CRYPTO_realloc                     @193
     _CRYPTO_remalloc                    @194
     _CRYPTO_set_add_lock_callback       @195
+    _CRYPTO_set_ex_data                 @1007
     _CRYPTO_set_id_callback             @196
     _CRYPTO_set_locking_callback        @197
     _CRYPTO_set_mem_functions           @198
@@ -223,6 +258,7 @@ EXPORTS
     _DSA_size                           @218
     _DSA_verify                         @219
     _DSAparams_print                    @220
+    _ERR_add_error_data                 @1081
     _ERR_clear_error                    @222
     _ERR_error_string                   @223
     _ERR_free_strings                   @224
@@ -230,6 +266,7 @@ EXPORTS
     _ERR_get_err_state_table            @226
     _ERR_get_error                      @227
     _ERR_get_error_line                 @228
+    _ERR_get_next_error_library         @966
     _ERR_get_state                      @229
     _ERR_get_string_table               @230
     _ERR_lib_error_string               @231
@@ -238,6 +275,7 @@ EXPORTS
     _ERR_load_BN_strings                @234
     _ERR_load_BUF_strings               @235
     _ERR_load_CONF_strings              @236
+    _ERR_load_CRYPTOlib_strings         @1009
     _ERR_load_DH_strings                @237
     _ERR_load_DSA_strings               @238
     _ERR_load_ERR_strings               @239
@@ -255,8 +293,14 @@ EXPORTS
     _ERR_put_error                      @252
     _ERR_reason_error_string            @253
     _ERR_remove_state                   @254
+    _ERR_set_error_data                 @1082
     _EVP_BytesToKey                     @255
     _EVP_CIPHER_CTX_cleanup             @256
+    _EVP_CIPHER_CTX_init                @961
+    _EVP_CIPHER_asn1_to_param           @1083
+    _EVP_CIPHER_get_asn1_iv             @1085
+    _EVP_CIPHER_param_to_asn1           @1084
+    _EVP_CIPHER_set_asn1_iv             @1086
     _EVP_CipherFinal                    @257
     _EVP_CipherInit                     @258
     _EVP_CipherUpdate                   @259
@@ -280,7 +324,11 @@ EXPORTS
     _EVP_OpenFinal                      @277
     _EVP_OpenInit                       @278
     _EVP_PKEY_assign                    @279
+    _EVP_PKEY_bits                      @1010
+    _EVP_PKEY_cmp_parameters            @967
     _EVP_PKEY_copy_parameters           @280
+    _EVP_PKEY_decrypt                   @1070
+    _EVP_PKEY_encrypt                   @1071
     _EVP_PKEY_free                      @281
     _EVP_PKEY_missing_parameters        @282
     _EVP_PKEY_new                       @283
@@ -298,6 +346,10 @@ EXPORTS
     _EVP_bf_cfb                         @295
     _EVP_bf_ecb                         @296
     _EVP_bf_ofb                         @297
+    _EVP_cast5_cbc                      @983
+    _EVP_cast5_cfb                      @984
+    _EVP_cast5_ecb                      @985
+    _EVP_cast5_ofb                      @986
     _EVP_cleanup                        @298
     _EVP_delete_alias                   @941
     _EVP_des_cbc                        @299
@@ -327,15 +379,26 @@ EXPORTS
     _EVP_md5                            @323
     _EVP_md_null                        @324
     _EVP_mdc2                           @942
+    _EVP_rc2_40_cbc                     @959
     _EVP_rc2_cbc                        @325
     _EVP_rc2_cfb                        @326
     _EVP_rc2_ecb                        @327
     _EVP_rc2_ofb                        @328
     _EVP_rc4                            @329
+    _EVP_rc4_40                         @960
+    _EVP_rc5_32_12_16_cbc               @1087
+    _EVP_rc5_32_12_16_cfb               @1088
+    _EVP_rc5_32_12_16_ecb               @1089
+    _EVP_rc5_32_12_16_ofb               @1090
     _EVP_read_pw_string                 @330
     _EVP_set_pw_prompt                  @331
     _EVP_sha                            @332
     _EVP_sha1                           @333
+    _HMAC                               @962
+    _HMAC_Final                         @965
+    _HMAC_Init                          @963
+    _HMAC_Update                        @964
+    _HMAC_cleanup                       @968
     _MD2                                @334
     _MD2_Final                          @335
     _MD2_Init                           @336
@@ -344,6 +407,7 @@ EXPORTS
     _MD5                                @339
     _MD5_Final                          @340
     _MD5_Init                           @341
+    _MD5_Transform                      @1011
     _MD5_Update                         @342
     _MDC2                               @343
     _MDC2_Final                         @344
@@ -359,7 +423,8 @@ EXPORTS
     _OBJ_bsearch                        @354
     _OBJ_cleanup                        @355
     _OBJ_cmp                            @356
-    _OBJ_create_and_add_object          @357
+    _OBJ_create                         @357
+    _OBJ_create_objects                 @997
     _OBJ_dup                            @358
     _OBJ_ln2nid                         @359
     _OBJ_new_nid                        @360
@@ -388,7 +453,7 @@ EXPORTS
     _PEM_read_bio_PKCS7                 @398
     _PEM_read_bio_PrivateKey            @399
     _PEM_read_bio_RSAPrivateKey         @400
-    _PEM_read_bio_RSAPublicKey          @948
+    _PEM_read_bio_RSAPublicKey          @943
     _PEM_read_bio_X509                  @401
     _PEM_read_bio_X509_CRL              @402
     _PEM_read_bio_X509_REQ              @403
@@ -399,7 +464,7 @@ EXPORTS
     _PEM_write_bio_PKCS7                @418
     _PEM_write_bio_PrivateKey           @419
     _PEM_write_bio_RSAPrivateKey        @420
-    _PEM_write_bio_RSAPublicKey         @950
+    _PEM_write_bio_RSAPublicKey         @944
     _PEM_write_bio_X509                 @421
     _PEM_write_bio_X509_CRL             @422
     _PEM_write_bio_X509_REQ             @423
@@ -416,6 +481,7 @@ EXPORTS
     _PKCS7_ISSUER_AND_SERIAL_new        @434
     _PKCS7_RECIP_INFO_free              @435
     _PKCS7_RECIP_INFO_new               @436
+    _PKCS7_RECIP_INFO_set               @1072
     _PKCS7_SIGNED_free                  @437
     _PKCS7_SIGNED_new                   @438
     _PKCS7_SIGNER_INFO_free             @439
@@ -425,6 +491,8 @@ EXPORTS
     _PKCS7_SIGN_ENVELOPE_new            @442
     _PKCS7_add_certificate              @932
     _PKCS7_add_crl                      @933
+    _PKCS7_add_recipient                @1073
+    _PKCS7_add_recipient_info           @1074
     _PKCS7_add_signature                @938
     _PKCS7_add_signer                   @931
     _PKCS7_cert_from_signer_info        @939
@@ -434,10 +502,11 @@ EXPORTS
     _PKCS7_dataInit                     @937
     _PKCS7_dataSign                     @935
     _PKCS7_dataVerify                   @936
-    _PKCS7_dup                          @924
+    _PKCS7_dup                          @443
     _PKCS7_free                         @444
     _PKCS7_get_signer_info              @940
     _PKCS7_new                          @445
+    _PKCS7_set_cipher                   @1075
     _PKCS7_set_content                  @929
     _PKCS7_set_type                     @928
     _RAND_bytes                         @464
@@ -449,6 +518,7 @@ EXPORTS
     _RAND_write_file                    @470
     _RC2_cbc_encrypt                    @471
     _RC2_cfb64_encrypt                  @472
+    _RC2_decrypt                        @995
     _RC2_ecb_encrypt                    @473
     _RC2_encrypt                        @474
     _RC2_ofb64_encrypt                  @475
@@ -456,20 +526,46 @@ EXPORTS
     _RC4                                @477
     _RC4_options                        @478
     _RC4_set_key                        @479
+    _RC5_32_cbc_encrypt                 @1051
+    _RC5_32_cfb64_encrypt               @1052
+    _RC5_32_decrypt                     @1050
+    _RC5_32_ecb_encrypt                 @1048
+    _RC5_32_encrypt                     @1049
+    _RC5_32_ofb64_encrypt               @1053
+    _RC5_32_set_key                     @1047
+    _RIPEMD160                          @1045
+    _RIPEMD160_Final                    @1044
+    _RIPEMD160_Init                     @1042
+    _RIPEMD160_Transform                @1046
+    _RIPEMD160_Update                   @1043
     _RSAPrivateKey_asn1_meth            @480
     _RSAPrivateKey_dup                  @481
     _RSAPublicKey_dup                   @482
     _RSA_PKCS1_SSLeay                   @483
+    _RSA_blinding_off                   @978
+    _RSA_blinding_on                    @977
+    _RSA_flags                          @956
     _RSA_free                           @484
     _RSA_generate_key                   @485
+    _RSA_get_ex_data                    @1029
+    _RSA_get_ex_new_index               @1030
     _RSA_new                            @486
     _RSA_new_method                     @487
+    _RSA_padding_add_PKCS1_type_1       @1031
+    _RSA_padding_add_PKCS1_type_2       @1032
+    _RSA_padding_add_SSLv23             @1033
+    _RSA_padding_add_none               @1034
+    _RSA_padding_check_PKCS1_type_1     @1035
+    _RSA_padding_check_PKCS1_type_2     @1036
+    _RSA_padding_check_SSLv23           @1037
+    _RSA_padding_check_none             @1038
     _RSA_print                          @488
     _RSA_private_decrypt                @490
     _RSA_private_encrypt                @491
     _RSA_public_decrypt                 @492
     _RSA_public_encrypt                 @493
     _RSA_set_default_method             @494
+    _RSA_set_ex_data                    @1028
     _RSA_sign                           @495
     _RSA_sign_ASN1_OCTET_STRING         @496
     _RSA_size                           @497
@@ -479,9 +575,11 @@ EXPORTS
     _SHA1                               @501
     _SHA1_Final                         @502
     _SHA1_Init                          @503
+    _SHA1_Transform                     @1012
     _SHA1_Update                        @504
     _SHA_Final                          @505
     _SHA_Init                           @506
+    _SHA_Transform                      @1013
     _SHA_Update                         @507
     _TXT_DB_create_index                @511
     _TXT_DB_free                        @512
@@ -594,8 +692,18 @@ EXPORTS
     _X509_SIG_free                      @620
     _X509_SIG_new                       @621
     _X509_STORE_CTX_cleanup             @622
+    _X509_STORE_CTX_get_chain           @1014
+    _X509_STORE_CTX_get_current_cert    @1015
+    _X509_STORE_CTX_get_error           @1016
+    _X509_STORE_CTX_get_error_depth     @1017
+    _X509_STORE_CTX_get_ex_data         @1018
     _X509_STORE_CTX_init                @623
+    _X509_STORE_CTX_set_cert            @1020
+    _X509_STORE_CTX_set_chain           @1021
+    _X509_STORE_CTX_set_error           @1022
+    _X509_STORE_CTX_set_ex_data         @1023
     _X509_STORE_add_cert                @624
+    _X509_STORE_add_crl                 @957
     _X509_STORE_add_lookup              @625
     _X509_STORE_free                    @626
     _X509_STORE_get_by_subject          @627
@@ -637,6 +745,7 @@ EXPORTS
     _X509_issuer_name_cmp               @661
     _X509_issuer_name_hash              @662
     _X509_load_cert_file                @663
+    _X509_load_crl_file                 @958
     _X509_new                           @664
     _X509_print                         @665
     _X509_set_issuer_name               @667
@@ -675,10 +784,12 @@ EXPORTS
     _a2i_ASN1_STRING                    @701
     _asn1_Finish                        @702
     _asn1_GetSequence                   @703
+    _asn1_add_error                     @1091
+    _bn_add_words                       @1039
     _bn_div64                           @704
     _bn_expand2                         @705
-    _bn_mul_add_word                    @706
-    _bn_mul_word                        @707
+    _bn_mul_add_words                   @706
+    _bn_mul_words                       @707
     _bn_qadd                            @708
     _bn_qsub                            @709
     _bn_sqr_words                       @710
@@ -706,6 +817,7 @@ EXPORTS
     _d2i_NETSCAPE_SPKAC                 @733
     _d2i_NETSCAPE_SPKI                  @734
     _d2i_Netscape_RSA                   @735
+    _d2i_Netscape_RSA_2                 @1040
     _d2i_PKCS7                          @736
     _d2i_PKCS7_DIGEST                   @737
     _d2i_PKCS7_ENCRYPT                  @738
@@ -716,13 +828,13 @@ EXPORTS
     _d2i_PKCS7_SIGNED                   @743
     _d2i_PKCS7_SIGNER_INFO              @744
     _d2i_PKCS7_SIGN_ENVELOPE            @745
-    _d2i_PKCS7_bio                      @925
+    _d2i_PKCS7_bio                      @746
     _d2i_PrivateKey                     @748
     _d2i_PublicKey                      @749
     _d2i_RSAPrivateKey                  @750
     _d2i_RSAPrivateKey_bio              @751
     _d2i_RSAPublicKey                   @753
-    _d2i_RSAPublicKey_bio               @951
+    _d2i_RSAPublicKey_bio               @945
     _d2i_X509                           @754
     _d2i_X509_ALGOR                     @755
     _d2i_X509_ATTRIBUTE                 @756
@@ -742,7 +854,6 @@ EXPORTS
     _d2i_X509_SIG                       @772
     _d2i_X509_VAL                       @773
     _d2i_X509_bio                       @774
-    _des_3cbc_encrypt                   @776
     _des_cbc_cksum                      @777
     _des_cbc_encrypt                    @778
     _des_cblock_print_file              @779
@@ -813,13 +924,13 @@ EXPORTS
     _i2d_PKCS7_SIGNED                   @846
     _i2d_PKCS7_SIGNER_INFO              @847
     _i2d_PKCS7_SIGN_ENVELOPE            @848
-    _i2d_PKCS7_bio                      @926
+    _i2d_PKCS7_bio                      @849
     _i2d_PrivateKey                     @851
     _i2d_PublicKey                      @852
     _i2d_RSAPrivateKey                  @853
     _i2d_RSAPrivateKey_bio              @854
     _i2d_RSAPublicKey                   @856
-    _i2d_RSAPublicKey_bio               @953
+    _i2d_RSAPublicKey_bio               @946
     _i2d_X509                           @857
     _i2d_X509_ALGOR                     @858
     _i2d_X509_ATTRIBUTE                 @859
@@ -839,6 +950,7 @@ EXPORTS
     _i2d_X509_SIG                       @875
     _i2d_X509_VAL                       @876
     _i2d_X509_bio                       @877
+    _i2t_ASN1_OBJECT                    @979
     _idea_cbc_encrypt                   @879
     _idea_cfb64_encrypt                 @880
     _idea_ecb_encrypt                   @881
diff --git a/ms/libeay32.def b/ms/libeay32.def
index 26595fcae8..196c52216e 100644
--- a/ms/libeay32.def
+++ b/ms/libeay32.def
@@ -13,6 +13,8 @@ EXPORTS
     SSLeay_add_all_digests             @510
     SSLeay_version                     @2
     ASN1_BIT_STRING_asn1_meth          @3
+    ASN1_BIT_STRING_get_bit            @1060
+    ASN1_BIT_STRING_set_bit            @1061
     ASN1_HEADER_free                   @4
     ASN1_HEADER_new                    @5
     ASN1_IA5STRING_asn1_meth           @6
@@ -32,12 +34,17 @@ EXPORTS
     ASN1_STRING_type_new               @20
     ASN1_TYPE_free                     @21
     ASN1_TYPE_get                      @916
+    ASN1_TYPE_get_int_octetstring      @1076
+    ASN1_TYPE_get_octetstring          @1077
     ASN1_TYPE_new                      @22
     ASN1_TYPE_set                      @917
+    ASN1_TYPE_set_int_octetstring      @1078
+    ASN1_TYPE_set_octetstring          @1079
     ASN1_UNIVERSALSTRING_to_string     @23
     ASN1_UTCTIME_check                 @24
     ASN1_UTCTIME_print                 @25
     ASN1_UTCTIME_set                   @26
+    ASN1_UTCTIME_set_string            @1080
     ASN1_check_infinite_end            @27
     ASN1_d2i_bio                       @28
     ASN1_d2i_fp                        @29
@@ -53,6 +60,7 @@ EXPORTS
     ASN1_verify                        @39
     BF_cbc_encrypt                     @40
     BF_cfb64_encrypt                   @41
+    BF_decrypt                         @987
     BF_ecb_encrypt                     @42
     BF_encrypt                         @43
     BF_ofb64_encrypt                   @44
@@ -61,7 +69,6 @@ EXPORTS
     BIO_accept                         @51
     BIO_copy_next_retry                @955
     BIO_ctrl                           @52
-    BIO_ctrl_int                       @53
     BIO_debug_callback                 @54
     BIO_dump                           @55
     BIO_dup_chain                      @56
@@ -83,6 +90,8 @@ EXPORTS
     BIO_get_retry_reason               @74
     BIO_gethostbyname                  @75
     BIO_gets                           @76
+    BIO_ghbn_ctrl                      @1003
+    BIO_int_ctrl                       @53
     BIO_new                            @78
     BIO_new_accept                     @79
     BIO_new_connect                    @80
@@ -92,6 +101,7 @@ EXPORTS
     BIO_new_socket                     @84
     BIO_pop                            @85
     BIO_printf                         @86
+    BIO_ptr_ctrl                       @969
     BIO_push                           @87
     BIO_puts                           @88
     BIO_read                           @89
@@ -101,7 +111,7 @@ EXPORTS
     BIO_s_file                         @93
     BIO_s_mem                          @95
     BIO_s_null                         @96
-    BIO_s_socket                       @99
+    BIO_s_socket                       @98
     BIO_set                            @100
     BIO_set_cipher                     @101
     BIO_set_tcp_ndelay                 @102
@@ -112,6 +122,11 @@ EXPORTS
     BIO_sock_should_retry              @107
     BIO_socket_ioctl                   @108
     BIO_write                          @109
+    BN_BLINDING_convert                @973
+    BN_BLINDING_free                   @981
+    BN_BLINDING_invert                 @974
+    BN_BLINDING_new                    @980
+    BN_BLINDING_update                 @975
     BN_CTX_free                        @110
     BN_CTX_new                         @111
     BN_MONT_CTX_free                   @112
@@ -119,23 +134,27 @@ EXPORTS
     BN_MONT_CTX_set                    @114
     BN_add                             @115
     BN_add_word                        @116
-    BN_ascii2bn                        @117
     BN_bin2bn                          @118
-    BN_bn2ascii                        @119
     BN_bn2bin                          @120
+    BN_bn2dec                          @1002
+    BN_bn2hex                          @119
+    BN_bn2mpi                          @1058
     BN_clear                           @121
     BN_clear_bit                       @122
     BN_clear_free                      @123
     BN_cmp                             @124
     BN_copy                            @125
+    BN_dec2bn                          @1001
     BN_div                             @126
     BN_div_word                        @127
     BN_dup                             @128
+    BN_exp                             @998
     BN_free                            @129
     BN_from_montgomery                 @130
     BN_gcd                             @131
     BN_generate_prime                  @132
     BN_get_word                        @133
+    BN_hex2bn                          @117
     BN_is_bit_set                      @134
     BN_is_prime                        @135
     BN_lshift                          @136
@@ -151,7 +170,9 @@ EXPORTS
     BN_mod_mul_montgomery              @146
     BN_mod_mul_reciprocal              @147
     BN_mod_word                        @148
+    BN_mpi2bn                          @1059
     BN_mul                             @149
+    BN_mul_word                        @999
     BN_new                             @150
     BN_num_bits                        @151
     BN_num_bits_word                   @152
@@ -166,6 +187,7 @@ EXPORTS
     BN_set_word                        @161
     BN_sqr                             @162
     BN_sub                             @163
+    BN_sub_word                        @1000
     BN_to_ASN1_INTEGER                 @164
     BN_ucmp                            @165
     BN_value_one                       @166
@@ -173,6 +195,13 @@ EXPORTS
     BUF_MEM_grow                       @168
     BUF_MEM_new                        @169
     BUF_strdup                         @170
+    CAST_cbc_encrypt                   @992
+    CAST_cfb64_encrypt                 @993
+    CAST_decrypt                       @990
+    CAST_ecb_encrypt                   @991
+    CAST_encrypt                       @989
+    CAST_ofb64_encrypt                 @994
+    CAST_set_key                       @988
     CONF_free                          @171
     CONF_get_number                    @172
     CONF_get_section                   @173
@@ -183,21 +212,28 @@ EXPORTS
     CRYPTO_dbg_malloc                  @178
     CRYPTO_dbg_realloc                 @179
     CRYPTO_dbg_remalloc                @180
+    CRYPTO_dup_ex_data                 @1025
     CRYPTO_free                        @181
+    CRYPTO_free_ex_data                @1004
     CRYPTO_get_add_lock_callback       @182
+    CRYPTO_get_ex_data                 @1005
+    CRYPTO_get_ex_new_index            @1041
     CRYPTO_get_id_callback             @183
     CRYPTO_get_lock_name               @184
     CRYPTO_get_locking_callback        @185
     CRYPTO_get_mem_functions           @186
+    CRYPTO_get_new_lockid              @1026
     CRYPTO_lock                        @187
     CRYPTO_malloc                      @188
     CRYPTO_mem_ctrl                    @189
     CRYPTO_mem_leaks                   @190
     CRYPTO_mem_leaks_cb                @191
     CRYPTO_mem_leaks_fp                @192
+    CRYPTO_new_ex_data                 @1027
     CRYPTO_realloc                     @193
     CRYPTO_remalloc                    @194
     CRYPTO_set_add_lock_callback       @195
+    CRYPTO_set_ex_data                 @1007
     CRYPTO_set_id_callback             @196
     CRYPTO_set_locking_callback        @197
     CRYPTO_set_mem_functions           @198
@@ -224,6 +260,7 @@ EXPORTS
     DSA_verify                         @219
     DSAparams_print                    @220
     DSAparams_print_fp                 @221
+    ERR_add_error_data                 @1081
     ERR_clear_error                    @222
     ERR_error_string                   @223
     ERR_free_strings                   @224
@@ -231,6 +268,7 @@ EXPORTS
     ERR_get_err_state_table            @226
     ERR_get_error                      @227
     ERR_get_error_line                 @228
+    ERR_get_next_error_library         @966
     ERR_get_state                      @229
     ERR_get_string_table               @230
     ERR_lib_error_string               @231
@@ -239,6 +277,7 @@ EXPORTS
     ERR_load_BN_strings                @234
     ERR_load_BUF_strings               @235
     ERR_load_CONF_strings              @236
+    ERR_load_CRYPTO_strings            @1009
     ERR_load_DH_strings                @237
     ERR_load_DSA_strings               @238
     ERR_load_ERR_strings               @239
@@ -257,8 +296,14 @@ EXPORTS
     ERR_put_error                      @252
     ERR_reason_error_string            @253
     ERR_remove_state                   @254
+    ERR_set_error_data                 @1082
     EVP_BytesToKey                     @255
     EVP_CIPHER_CTX_cleanup             @256
+    EVP_CIPHER_CTX_init                @961
+    EVP_CIPHER_asn1_to_param           @1083
+    EVP_CIPHER_get_asn1_iv             @1085
+    EVP_CIPHER_param_to_asn1           @1084
+    EVP_CIPHER_set_asn1_iv             @1086
     EVP_CipherFinal                    @257
     EVP_CipherInit                     @258
     EVP_CipherUpdate                   @259
@@ -282,7 +327,11 @@ EXPORTS
     EVP_OpenFinal                      @277
     EVP_OpenInit                       @278
     EVP_PKEY_assign                    @279
+    EVP_PKEY_bits                      @1010
+    EVP_PKEY_cmp_parameters            @967
     EVP_PKEY_copy_parameters           @280
+    EVP_PKEY_decrypt                   @1070
+    EVP_PKEY_encrypt                   @1071
     EVP_PKEY_free                      @281
     EVP_PKEY_missing_parameters        @282
     EVP_PKEY_new                       @283
@@ -300,6 +349,10 @@ EXPORTS
     EVP_bf_cfb                         @295
     EVP_bf_ecb                         @296
     EVP_bf_ofb                         @297
+    EVP_cast5_cbc                      @983
+    EVP_cast5_cfb                      @984
+    EVP_cast5_ecb                      @985
+    EVP_cast5_ofb                      @986
     EVP_cleanup                        @298
     EVP_delete_alias                   @941
     EVP_des_cbc                        @299
@@ -329,15 +382,26 @@ EXPORTS
     EVP_md5                            @323
     EVP_md_null                        @324
     EVP_mdc2                           @942
+    EVP_rc2_40_cbc                     @959
     EVP_rc2_cbc                        @325
     EVP_rc2_cfb                        @326
     EVP_rc2_ecb                        @327
     EVP_rc2_ofb                        @328
     EVP_rc4                            @329
+    EVP_rc4_40                         @960
+    EVP_rc5_32_12_16_cbc               @1087
+    EVP_rc5_32_12_16_cfb               @1088
+    EVP_rc5_32_12_16_ecb               @1089
+    EVP_rc5_32_12_16_ofb               @1090
     EVP_read_pw_string                 @330
     EVP_set_pw_prompt                  @331
     EVP_sha                            @332
     EVP_sha1                           @333
+    HMAC                               @962
+    HMAC_Final                         @965
+    HMAC_Init                          @963
+    HMAC_Update                        @964
+    HMAC_cleanup                       @968
     MD2                                @334
     MD2_Final                          @335
     MD2_Init                           @336
@@ -346,6 +410,7 @@ EXPORTS
     MD5                                @339
     MD5_Final                          @340
     MD5_Init                           @341
+    MD5_Transform                      @1011
     MD5_Update                         @342
     MDC2                               @343
     MDC2_Final                         @344
@@ -361,7 +426,8 @@ EXPORTS
     OBJ_bsearch                        @354
     OBJ_cleanup                        @355
     OBJ_cmp                            @356
-    OBJ_create_and_add_object          @357
+    OBJ_create                         @357
+    OBJ_create_objects                 @997
     OBJ_dup                            @358
     OBJ_ln2nid                         @359
     OBJ_new_nid                        @360
@@ -404,7 +470,7 @@ EXPORTS
     PEM_read_bio_PKCS7                 @398
     PEM_read_bio_PrivateKey            @399
     PEM_read_bio_RSAPrivateKey         @400
-    PEM_read_bio_RSAPublicKey          @948
+    PEM_read_bio_RSAPublicKey          @943
     PEM_read_bio_X509                  @401
     PEM_read_bio_X509_CRL              @402
     PEM_read_bio_X509_REQ              @403
@@ -426,7 +492,7 @@ EXPORTS
     PEM_write_bio_PKCS7                @418
     PEM_write_bio_PrivateKey           @419
     PEM_write_bio_RSAPrivateKey        @420
-    PEM_write_bio_RSAPublicKey         @950
+    PEM_write_bio_RSAPublicKey         @944
     PEM_write_bio_X509                 @421
     PEM_write_bio_X509_CRL             @422
     PEM_write_bio_X509_REQ             @423
@@ -443,6 +509,7 @@ EXPORTS
     PKCS7_ISSUER_AND_SERIAL_new        @434
     PKCS7_RECIP_INFO_free              @435
     PKCS7_RECIP_INFO_new               @436
+    PKCS7_RECIP_INFO_set               @1072
     PKCS7_SIGNED_free                  @437
     PKCS7_SIGNED_new                   @438
     PKCS7_SIGNER_INFO_free             @439
@@ -452,6 +519,8 @@ EXPORTS
     PKCS7_SIGN_ENVELOPE_new            @442
     PKCS7_add_certificate              @932
     PKCS7_add_crl                      @933
+    PKCS7_add_recipient                @1073
+    PKCS7_add_recipient_info           @1074
     PKCS7_add_signature                @938
     PKCS7_add_signer                   @931
     PKCS7_cert_from_signer_info        @939
@@ -461,10 +530,11 @@ EXPORTS
     PKCS7_dataInit                     @937
     PKCS7_dataSign                     @935
     PKCS7_dataVerify                   @936
-    PKCS7_dup                          @924
+    PKCS7_dup                          @443
     PKCS7_free                         @444
     PKCS7_get_signer_info              @940
     PKCS7_new                          @445
+    PKCS7_set_cipher                   @1075
     PKCS7_set_content                  @929
     PKCS7_set_type                     @928
     RAND_bytes                         @464
@@ -476,6 +546,7 @@ EXPORTS
     RAND_write_file                    @470
     RC2_cbc_encrypt                    @471
     RC2_cfb64_encrypt                  @472
+    RC2_decrypt                        @995
     RC2_ecb_encrypt                    @473
     RC2_encrypt                        @474
     RC2_ofb64_encrypt                  @475
@@ -483,14 +554,39 @@ EXPORTS
     RC4                                @477
     RC4_options                        @478
     RC4_set_key                        @479
+    RC5_32_cbc_encrypt                 @1051
+    RC5_32_cfb64_encrypt               @1052
+    RC5_32_decrypt                     @1050
+    RC5_32_ecb_encrypt                 @1048
+    RC5_32_encrypt                     @1049
+    RC5_32_ofb64_encrypt               @1053
+    RC5_32_set_key                     @1047
+    RIPEMD160                          @1045
+    RIPEMD160_Final                    @1044
+    RIPEMD160_Init                     @1042
+    RIPEMD160_Transform                @1046
+    RIPEMD160_Update                   @1043
     RSAPrivateKey_asn1_meth            @480
     RSAPrivateKey_dup                  @481
     RSAPublicKey_dup                   @482
     RSA_PKCS1_SSLeay                   @483
+    RSA_blinding_off                   @978
+    RSA_blinding_on                    @977
+    RSA_flags                          @956
     RSA_free                           @484
     RSA_generate_key                   @485
+    RSA_get_ex_data                    @1029
+    RSA_get_ex_new_index               @1030
     RSA_new                            @486
     RSA_new_method                     @487
+    RSA_padding_add_PKCS1_type_1       @1031
+    RSA_padding_add_PKCS1_type_2       @1032
+    RSA_padding_add_SSLv23             @1033
+    RSA_padding_add_none               @1034
+    RSA_padding_check_PKCS1_type_1     @1035
+    RSA_padding_check_PKCS1_type_2     @1036
+    RSA_padding_check_SSLv23           @1037
+    RSA_padding_check_none             @1038
     RSA_print                          @488
     RSA_print_fp                       @489
     RSA_private_decrypt                @490
@@ -498,6 +594,7 @@ EXPORTS
     RSA_public_decrypt                 @492
     RSA_public_encrypt                 @493
     RSA_set_default_method             @494
+    RSA_set_ex_data                    @1028
     RSA_sign                           @495
     RSA_sign_ASN1_OCTET_STRING         @496
     RSA_size                           @497
@@ -507,9 +604,11 @@ EXPORTS
     SHA1                               @501
     SHA1_Final                         @502
     SHA1_Init                          @503
+    SHA1_Transform                     @1012
     SHA1_Update                        @504
     SHA_Final                          @505
     SHA_Init                           @506
+    SHA_Transform                      @1013
     SHA_Update                         @507
     TXT_DB_create_index                @511
     TXT_DB_free                        @512
@@ -623,8 +722,18 @@ EXPORTS
     X509_SIG_free                      @620
     X509_SIG_new                       @621
     X509_STORE_CTX_cleanup             @622
+    X509_STORE_CTX_get_chain           @1014
+    X509_STORE_CTX_get_current_cert    @1015
+    X509_STORE_CTX_get_error           @1016
+    X509_STORE_CTX_get_error_depth     @1017
+    X509_STORE_CTX_get_ex_data         @1018
     X509_STORE_CTX_init                @623
+    X509_STORE_CTX_set_cert            @1020
+    X509_STORE_CTX_set_chain           @1021
+    X509_STORE_CTX_set_error           @1022
+    X509_STORE_CTX_set_ex_data         @1023
     X509_STORE_add_cert                @624
+    X509_STORE_add_crl                 @957
     X509_STORE_add_lookup              @625
     X509_STORE_free                    @626
     X509_STORE_get_by_subject          @627
@@ -666,6 +775,7 @@ EXPORTS
     X509_issuer_name_cmp               @661
     X509_issuer_name_hash              @662
     X509_load_cert_file                @663
+    X509_load_crl_file                 @958
     X509_new                           @664
     X509_print                         @665
     X509_print_fp                      @666
@@ -705,10 +815,12 @@ EXPORTS
     a2i_ASN1_STRING                    @701
     asn1_Finish                        @702
     asn1_GetSequence                   @703
+    asn1_add_error                     @1091
+    bn_add_words                       @1039
     bn_div64                           @704
     bn_expand2                         @705
-    bn_mul_add_word                    @706
-    bn_mul_word                        @707
+    bn_mul_add_words                   @706
+    bn_mul_words                       @707
     bn_qadd                            @708
     bn_qsub                            @709
     bn_sqr_words                       @710
@@ -737,6 +849,7 @@ EXPORTS
     d2i_NETSCAPE_SPKAC                 @733
     d2i_NETSCAPE_SPKI                  @734
     d2i_Netscape_RSA                   @735
+    d2i_Netscape_RSA_2                 @1040
     d2i_PKCS7                          @736
     d2i_PKCS7_DIGEST                   @737
     d2i_PKCS7_ENCRYPT                  @738
@@ -747,15 +860,15 @@ EXPORTS
     d2i_PKCS7_SIGNED                   @743
     d2i_PKCS7_SIGNER_INFO              @744
     d2i_PKCS7_SIGN_ENVELOPE            @745
-    d2i_PKCS7_bio                      @925
-    d2i_PKCS7_fp                       @922
+    d2i_PKCS7_bio                      @746
+    d2i_PKCS7_fp                       @747
     d2i_PrivateKey                     @748
     d2i_PublicKey                      @749
     d2i_RSAPrivateKey                  @750
     d2i_RSAPrivateKey_bio              @751
     d2i_RSAPrivateKey_fp               @752
     d2i_RSAPublicKey                   @753
-    d2i_RSAPublicKey_bio               @951
+    d2i_RSAPublicKey_bio               @945
     d2i_RSAPublicKey_fp                @952
     d2i_X509                           @754
     d2i_X509_ALGOR                     @755
@@ -779,7 +892,6 @@ EXPORTS
     d2i_X509_VAL                       @773
     d2i_X509_bio                       @774
     d2i_X509_fp                        @775
-    des_3cbc_encrypt                   @776
     des_cbc_cksum                      @777
     des_cbc_encrypt                    @778
     des_cblock_print_file              @779
@@ -851,15 +963,15 @@ EXPORTS
     i2d_PKCS7_SIGNED                   @846
     i2d_PKCS7_SIGNER_INFO              @847
     i2d_PKCS7_SIGN_ENVELOPE            @848
-    i2d_PKCS7_bio                      @926
-    i2d_PKCS7_fp                       @923
+    i2d_PKCS7_bio                      @849
+    i2d_PKCS7_fp                       @850
     i2d_PrivateKey                     @851
     i2d_PublicKey                      @852
     i2d_RSAPrivateKey                  @853
     i2d_RSAPrivateKey_bio              @854
     i2d_RSAPrivateKey_fp               @855
     i2d_RSAPublicKey                   @856
-    i2d_RSAPublicKey_bio               @953
+    i2d_RSAPublicKey_bio               @946
     i2d_RSAPublicKey_fp                @954
     i2d_X509                           @857
     i2d_X509_ALGOR                     @858
@@ -883,6 +995,7 @@ EXPORTS
     i2d_X509_VAL                       @876
     i2d_X509_bio                       @877
     i2d_X509_fp                        @878
+    i2t_ASN1_OBJECT                    @979
     idea_cbc_encrypt                   @879
     idea_cfb64_encrypt                 @880
     idea_ecb_encrypt                   @881
diff --git a/ms/ntdll.mak b/ms/ntdll.mak
index f552216ce3..044cd909bc 100644
--- a/ms/ntdll.mak
+++ b/ms/ntdll.mak
@@ -15,9 +15,10 @@ INSTALLTOP=\usr\local\ssl
 
 # Set your compiler options
 CC=cl
-CFLAG=/W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN /MD
+CFLAG= /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
 APP_CFLAG=
-LIB_CFLAG= /GD
+LIB_CFLAG= /GD -D_WINDLL -D_DLL
+SHLIB_CFLAG=
 APP_EX_OBJ=setargv.obj
 SHLIB_EX_OBJ=
 # add extra libraries to this define, for solaris -lsocket -lnsl would
@@ -30,19 +31,33 @@ SRC_D=.
 LINK=link
 LFLAGS=/nologo /subsystem:console /machine:I386 /opt:ref
 
-BN_MULW_OBJ=crypto\bn\asm\x86nt32.obj
-BN_MULW_SRC=crypto\bn\asm\x86nt32.asm
-DES_ENC_OBJ=crypto\des\asm\d-win32.obj crypto\des\asm\c-win32.obj
-DES_ENC_SRC=crypto\des\asm\d-win32.asm crypto\des\asm\c-win32.asm
+BN_MULW_OBJ=crypto\bn\asm\bn-win32.obj
+BN_MULW_SRC=crypto\bn\asm\bn-win32.asm
+DES_ENC_OBJ=crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj
+DES_ENC_SRC=crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm
 DES_CRYPT_OBJ=
 DES_CRYPT_SRC=
 BF_ENC_OBJ=crypto\bf\asm\b-win32.obj
 BF_ENC_SRC=crypto\bf\asm\b-win32.asm
+CAST_ENC_OBJ=crypto\cast\asm\c-win32.obj
+CAST_ENC_SRC=crypto\cast\asm\c-win32.asm
+RC4_ENC_OBJ=crypto\rc4\asm\r4-win32.obj
+RC4_ENC_SRC=crypto\rc4\asm\r4-win32.asm
+RC5_ENC_OBJ=crypto\rc5\asm\r5-win32.obj
+RC5_ENC_SRC=crypto\rc5\asm\r5-win32.asm
+MD5_ASM_OBJ=crypto\md5\asm\m5-win32.obj
+MD5_ASM_SRC=crypto\md5\asm\m5-win32.asm
+SHA1_ASM_OBJ=crypto\sha\asm\s1-win32.obj
+SHA1_ASM_SRC=crypto\sha\asm\s1-win32.asm
+RMD160_ASM_OBJ=crypto\ripemd\asm\rm-win32.obj
+RMD160_ASM_SRC=crypto\ripemd\asm\rm-win32.asm
 
 # The output directory for everything intersting
-OUT_D=out
+OUT_D=out32dll
 # The output directory for all the temporary muck
-TMP_D=tmp
+TMP_D=tmp32dll
+# The output directory for the header files
+INC_D=inc32
 
 CP=copy
 RM=del
@@ -64,11 +79,9 @@ RSAGLUE=RSAglue
 # BIN_D  - Binary output directory
 # TEST_D - Binary test file output directory
 # LIB_D  - library output directory
-# INC_D  - include directory
 BIN_D=$(OUT_D)
 TEST_D=$(OUT_D)
 LIB_D=$(OUT_D)
-INC_D=$(OUT_D)
 
 # INCL_D - local library directory
 # OBJ_D  - temp object file directory
@@ -78,6 +91,8 @@ INCL_D=$(TMP_D)
 O_SSL=     $(LIB_D)\$(SSL).dll
 O_CRYPTO=  $(LIB_D)\$(CRYPTO).dll
 O_RSAGLUE= $(LIB_D)\$(RSAGLUE).lib
+SO_SSL=    $(SSL)
+SO_CRYPTO= $(CRYPTO)
 L_SSL=     $(LIB_D)\$(SSL).lib
 L_CRYPTO=  $(LIB_D)\$(CRYPTO).lib
 
@@ -88,137 +103,153 @@ L_LIBS= $(L_SSL) $(L_CRYPTO)
 # Don't touch anything below this point
 ######################################################
 
-INC=-DFLAT_INC -I$(INC_D) -I$(INCL_D)
+INC=-I$(INC_D) -I$(INCL_D)
 APP_CFLAGS=$(INC) $(CFLAG) $(APP_CFLAG)
 LIB_CFLAGS=$(INC) $(CFLAG) $(LIB_CFLAG)
+SHLIB_CFLAGS=$(INC) $(CFLAG) $(LIB_CFLAG) $(SHLIB_CFLAG)
 LIBS_DEP=$(O_CRYPTO) $(O_RSAGLUE) $(O_SSL)
 
 #############################################
-HEADER=$(INCL_D)\e_os.h \
-	$(INCL_D)\cryptlib.h $(INCL_D)\date.h $(INCL_D)\md5_locl.h \
-	$(INCL_D)\sha_locl.h $(INCL_D)\des_locl.h $(INCL_D)\rpc_des.h \
-	$(INCL_D)\podd.h $(INCL_D)\sk.h $(INCL_D)\spr.h \
-	$(INCL_D)\des_ver.h $(INCL_D)\rc2_locl.h $(INCL_D)\idea_lcl.h \
-	$(INCL_D)\bf_pi.h $(INCL_D)\bf_locl.h $(INCL_D)\bn_lcl.h \
-	$(INCL_D)\bn_prime.h $(INCL_D)\obj_dat.h $(INCL_D)\conf_lcl.h \
-	$(INCL_D)\ssl_locl.h $(INCL_D)\rsaref.h $(INCL_D)\apps.h \
-	$(INCL_D)\progs.h $(INCL_D)\s_apps.h $(INCL_D)\testdsa.h \
-	$(INCL_D)\testrsa.h
-
-EXHEADER=$(INC_D)\crypto.h \
-	$(INC_D)\cryptall.h $(INC_D)\md2.h $(INC_D)\md5.h \
-	$(INC_D)\sha.h $(INC_D)\mdc2.h $(INC_D)\des.h \
-	$(INC_D)\rc4.h $(INC_D)\rc2.h $(INC_D)\idea.h \
-	$(INC_D)\blowfish.h $(INC_D)\bn.h $(INC_D)\rsa.h \
-	$(INC_D)\dsa.h $(INC_D)\dh.h $(INC_D)\buffer.h \
-	$(INC_D)\bio.h $(INC_D)\stack.h $(INC_D)\lhash.h \
+HEADER=$(INCL_D)\cryptlib.h \
+	$(INCL_D)\date.h $(INCL_D)\md5_locl.h $(INCL_D)\sha_locl.h \
+	$(INCL_D)\rmd_locl.h $(INCL_D)\rmdconst.h $(INCL_D)\des_locl.h \
+	$(INCL_D)\rpc_des.h $(INCL_D)\podd.h $(INCL_D)\sk.h \
+	$(INCL_D)\spr.h $(INCL_D)\des_ver.h $(INCL_D)\rc2_locl.h \
+	$(INCL_D)\rc4_locl.h $(INCL_D)\rc5_locl.h $(INCL_D)\idea_lcl.h \
+	$(INCL_D)\bf_pi.h $(INCL_D)\bf_locl.h $(INCL_D)\cast_s.h \
+	$(INCL_D)\cast_lcl.h $(INCL_D)\bn_lcl.h $(INCL_D)\bn_prime.h \
+	$(INCL_D)\obj_dat.h $(INCL_D)\conf_lcl.h $(INCL_D)\ssl_locl.h \
+	$(INCL_D)\rsaref.h $(INCL_D)\apps.h $(INCL_D)\progs.h \
+	$(INCL_D)\s_apps.h $(INCL_D)\testdsa.h $(INCL_D)\testrsa.h
+
+EXHEADER=$(INC_D)\e_os.h \
+	$(INC_D)\crypto.h $(INC_D)\cryptall.h $(INC_D)\md2.h \
+	$(INC_D)\md5.h $(INC_D)\sha.h $(INC_D)\mdc2.h \
+	$(INC_D)\hmac.h $(INC_D)\ripemd.h $(INC_D)\des.h \
+	$(INC_D)\rc2.h $(INC_D)\rc4.h $(INC_D)\rc5.h \
+	$(INC_D)\idea.h $(INC_D)\blowfish.h $(INC_D)\cast.h \
+	$(INC_D)\bn.h $(INC_D)\rsa.h $(INC_D)\dsa.h \
+	$(INC_D)\dh.h $(INC_D)\buffer.h $(INC_D)\bio.h \
+	$(INC_D)\bss_file.c $(INC_D)\stack.h $(INC_D)\lhash.h \
 	$(INC_D)\rand.h $(INC_D)\err.h $(INC_D)\objects.h \
 	$(INC_D)\evp.h $(INC_D)\pem.h $(INC_D)\asn1.h \
 	$(INC_D)\asn1_mac.h $(INC_D)\x509.h $(INC_D)\x509_vfy.h \
 	$(INC_D)\conf.h $(INC_D)\txt_db.h $(INC_D)\pkcs7.h \
 	$(INC_D)\ssl.h $(INC_D)\ssl2.h $(INC_D)\ssl3.h \
-	$(INC_D)\ssl23.h
+	$(INC_D)\ssl23.h $(INC_D)\tls1.h
 
 T_OBJ=$(OBJ_D)\md2test.obj \
 	$(OBJ_D)\md5test.obj $(OBJ_D)\shatest.obj $(OBJ_D)\sha1test.obj \
-	$(OBJ_D)\mdc2test.obj $(OBJ_D)\destest.obj $(OBJ_D)\rc4test.obj \
-	$(OBJ_D)\rc2test.obj $(OBJ_D)\ideatest.obj $(OBJ_D)\bftest.obj \
-	$(OBJ_D)\bntest.obj $(OBJ_D)\exptest.obj $(OBJ_D)\dsatest.obj \
-	$(OBJ_D)\dhtest.obj $(OBJ_D)\randtest.obj $(OBJ_D)\ssltest.obj
+	$(OBJ_D)\mdc2test.obj $(OBJ_D)\hmactest.obj $(OBJ_D)\rmdtest.obj \
+	$(OBJ_D)\destest.obj $(OBJ_D)\rc2test.obj $(OBJ_D)\rc4test.obj \
+	$(OBJ_D)\rc5test.obj $(OBJ_D)\ideatest.obj $(OBJ_D)\bftest.obj \
+	$(OBJ_D)\casttest.obj $(OBJ_D)\bntest.obj $(OBJ_D)\exptest.obj \
+	$(OBJ_D)\dsatest.obj $(OBJ_D)\dhtest.obj $(OBJ_D)\randtest.obj \
+	$(OBJ_D)\ssltest.obj
 
 E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\asn1pars.obj $(OBJ_D)\req.obj $(OBJ_D)\dgst.obj \
 	$(OBJ_D)\dh.obj $(OBJ_D)\enc.obj $(OBJ_D)\gendh.obj \
-	$(OBJ_D)\errstr.obj $(OBJ_D)\ca.obj $(OBJ_D)\gendsa.obj \
-	$(OBJ_D)\pkcs7.obj $(OBJ_D)\crl2p7.obj $(OBJ_D)\crl.obj \
-	$(OBJ_D)\rsa.obj $(OBJ_D)\dsa.obj $(OBJ_D)\dsaparam.obj \
-	$(OBJ_D)\x509.obj $(OBJ_D)\genrsa.obj $(OBJ_D)\s_server.obj \
-	$(OBJ_D)\s_client.obj $(OBJ_D)\speed.obj $(OBJ_D)\s_time.obj \
-	$(OBJ_D)\apps.obj $(OBJ_D)\s_cb.obj $(OBJ_D)\s_socket.obj \
-	$(OBJ_D)\version.obj $(OBJ_D)\sess_id.obj $(OBJ_D)\ciphers.obj \
-	$(OBJ_D)\ssleay.obj
+	$(OBJ_D)\errstr.obj $(OBJ_D)\ca.obj $(OBJ_D)\pkcs7.obj \
+	$(OBJ_D)\crl2p7.obj $(OBJ_D)\crl.obj $(OBJ_D)\rsa.obj \
+	$(OBJ_D)\dsa.obj $(OBJ_D)\dsaparam.obj $(OBJ_D)\x509.obj \
+	$(OBJ_D)\genrsa.obj $(OBJ_D)\s_server.obj $(OBJ_D)\s_client.obj \
+	$(OBJ_D)\speed.obj $(OBJ_D)\s_time.obj $(OBJ_D)\apps.obj \
+	$(OBJ_D)\s_cb.obj $(OBJ_D)\s_socket.obj $(OBJ_D)\version.obj \
+	$(OBJ_D)\sess_id.obj $(OBJ_D)\ciphers.obj $(OBJ_D)\ssleay.obj
 
 CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
-	$(OBJ_D)\mem.obj $(OBJ_D)\cversion.obj $(OBJ_D)\md2_dgst.obj \
-	$(OBJ_D)\md5_dgst.obj $(OBJ_D)\md2_one.obj $(OBJ_D)\md5_one.obj \
-	$(OBJ_D)\sha_dgst.obj $(OBJ_D)\sha1dgst.obj $(OBJ_D)\sha_one.obj \
-	$(OBJ_D)\sha1_one.obj $(OBJ_D)\mdc2dgst.obj $(OBJ_D)\mdc2_one.obj \
-	$(OBJ_D)\set_key.obj $(OBJ_D)\ecb_enc.obj $(OBJ_D)\ede_enc.obj \
-	$(OBJ_D)\cbc_enc.obj $(OBJ_D)\cbc3_enc.obj $(OBJ_D)\ecb3_enc.obj \
+	$(OBJ_D)\mem.obj $(OBJ_D)\cversion.obj $(OBJ_D)\ex_data.obj \
+	$(OBJ_D)\cpt_err.obj $(OBJ_D)\md2_dgst.obj $(OBJ_D)\md2_one.obj \
+	$(OBJ_D)\md5_dgst.obj $(MD5_ASM_OBJ) $(OBJ_D)\md5_one.obj \
+	$(OBJ_D)\sha_dgst.obj $(OBJ_D)\sha1dgst.obj $(SHA1_ASM_OBJ) \
+	$(OBJ_D)\sha_one.obj $(OBJ_D)\sha1_one.obj $(OBJ_D)\mdc2dgst.obj \
+	$(OBJ_D)\mdc2_one.obj $(OBJ_D)\hmac.obj $(OBJ_D)\rmd_dgst.obj \
+	$(RMD160_ASM_OBJ) $(OBJ_D)\rmd_one.obj $(OBJ_D)\set_key.obj \
+	$(OBJ_D)\ecb_enc.obj $(OBJ_D)\cbc_enc.obj $(OBJ_D)\ecb3_enc.obj \
 	$(OBJ_D)\cfb64enc.obj $(OBJ_D)\cfb64ede.obj $(OBJ_D)\cfb_enc.obj \
 	$(OBJ_D)\ofb64ede.obj $(OBJ_D)\enc_read.obj $(OBJ_D)\enc_writ.obj \
-	$(OBJ_D)\ncbc_enc.obj $(OBJ_D)\ofb64enc.obj $(OBJ_D)\ofb_enc.obj \
-	$(OBJ_D)\str2key.obj $(OBJ_D)\pcbc_enc.obj $(OBJ_D)\qud_cksm.obj \
-	$(OBJ_D)\rand_key.obj $(DES_ENC_OBJ) $(OBJ_D)\read2pwd.obj \
-	$(OBJ_D)\fcrypt.obj $(OBJ_D)\xcbc_enc.obj $(OBJ_D)\read_pwd.obj \
-	$(OBJ_D)\rpc_enc.obj $(OBJ_D)\cbc_cksm.obj $(OBJ_D)\supp.obj \
-	$(OBJ_D)\rc4_enc.obj $(OBJ_D)\rc2_ecb.obj $(OBJ_D)\rc2_skey.obj \
-	$(OBJ_D)\rc2_cbc.obj $(OBJ_D)\rc2cfb64.obj $(OBJ_D)\rc2ofb64.obj \
-	$(OBJ_D)\i_cbc.obj $(OBJ_D)\i_cfb64.obj $(OBJ_D)\i_ofb64.obj \
-	$(OBJ_D)\i_ecb.obj $(OBJ_D)\i_skey.obj $(OBJ_D)\bf_skey.obj \
-	$(OBJ_D)\bf_ecb.obj $(BF_ENC_OBJ) $(OBJ_D)\bf_cbc.obj \
-	$(OBJ_D)\bf_cfb64.obj $(OBJ_D)\bf_ofb64.obj $(OBJ_D)\bn_add.obj \
+	$(OBJ_D)\ofb64enc.obj $(OBJ_D)\ofb_enc.obj $(OBJ_D)\str2key.obj \
+	$(OBJ_D)\pcbc_enc.obj $(OBJ_D)\qud_cksm.obj $(OBJ_D)\rand_key.obj \
+	$(DES_ENC_OBJ) $(OBJ_D)\read2pwd.obj $(OBJ_D)\fcrypt.obj \
+	$(OBJ_D)\xcbc_enc.obj $(OBJ_D)\read_pwd.obj $(OBJ_D)\rpc_enc.obj \
+	$(OBJ_D)\cbc_cksm.obj $(OBJ_D)\supp.obj $(OBJ_D)\rc2_ecb.obj \
+	$(OBJ_D)\rc2_skey.obj $(OBJ_D)\rc2_cbc.obj $(OBJ_D)\rc2cfb64.obj \
+	$(OBJ_D)\rc2ofb64.obj $(OBJ_D)\rc4_skey.obj $(RC4_ENC_OBJ) \
+	$(OBJ_D)\rc5_skey.obj $(OBJ_D)\rc5_ecb.obj $(RC5_ENC_OBJ) \
+	$(OBJ_D)\rc5cfb64.obj $(OBJ_D)\rc5ofb64.obj $(OBJ_D)\i_cbc.obj \
+	$(OBJ_D)\i_cfb64.obj $(OBJ_D)\i_ofb64.obj $(OBJ_D)\i_ecb.obj \
+	$(OBJ_D)\i_skey.obj $(OBJ_D)\bf_skey.obj $(OBJ_D)\bf_ecb.obj \
+	$(BF_ENC_OBJ) $(OBJ_D)\bf_cfb64.obj $(OBJ_D)\bf_ofb64.obj \
+	$(OBJ_D)\c_skey.obj $(OBJ_D)\c_ecb.obj $(CAST_ENC_OBJ) \
+	$(OBJ_D)\c_cfb64.obj $(OBJ_D)\c_ofb64.obj $(OBJ_D)\bn_add.obj \
 	$(OBJ_D)\bn_div.obj $(OBJ_D)\bn_exp.obj $(OBJ_D)\bn_lib.obj \
 	$(OBJ_D)\bn_mod.obj $(OBJ_D)\bn_mul.obj $(OBJ_D)\bn_print.obj \
 	$(OBJ_D)\bn_rand.obj $(OBJ_D)\bn_shift.obj $(OBJ_D)\bn_sub.obj \
-	$(OBJ_D)\bn_word.obj $(OBJ_D)\bn_gcd.obj $(OBJ_D)\bn_prime.obj \
-	$(OBJ_D)\bn_err.obj $(OBJ_D)\bn_sqr.obj $(BN_MULW_OBJ) \
-	$(OBJ_D)\bn_recp.obj $(OBJ_D)\bn_mont.obj $(OBJ_D)\rsa_enc.obj \
-	$(OBJ_D)\rsa_gen.obj $(OBJ_D)\rsa_lib.obj $(OBJ_D)\rsa_sign.obj \
-	$(OBJ_D)\rsa_saos.obj $(OBJ_D)\rsa_err.obj $(OBJ_D)\dsa_gen.obj \
-	$(OBJ_D)\dsa_key.obj $(OBJ_D)\dsa_lib.obj $(OBJ_D)\dsa_vrf.obj \
-	$(OBJ_D)\dsa_sign.obj $(OBJ_D)\dsa_err.obj $(OBJ_D)\dh_gen.obj \
-	$(OBJ_D)\dh_key.obj $(OBJ_D)\dh_lib.obj $(OBJ_D)\dh_check.obj \
-	$(OBJ_D)\dh_err.obj $(OBJ_D)\buffer.obj $(OBJ_D)\buf_err.obj \
-	$(OBJ_D)\bio_lib.obj $(OBJ_D)\bio_cb.obj $(OBJ_D)\bio_err.obj \
-	$(OBJ_D)\bss_mem.obj $(OBJ_D)\bss_null.obj $(OBJ_D)\bss_fd.obj \
-	$(OBJ_D)\bss_file.obj $(OBJ_D)\bss_sock.obj $(OBJ_D)\bss_conn.obj \
-	$(OBJ_D)\bf_null.obj $(OBJ_D)\bf_buff.obj $(OBJ_D)\b_print.obj \
-	$(OBJ_D)\b_dump.obj $(OBJ_D)\b_sock.obj $(OBJ_D)\bss_acpt.obj \
-	$(OBJ_D)\bf_nbio.obj $(OBJ_D)\stack.obj $(OBJ_D)\lhash.obj \
-	$(OBJ_D)\lh_stats.obj $(OBJ_D)\md_rand.obj $(OBJ_D)\randfile.obj \
-	$(OBJ_D)\err.obj $(OBJ_D)\err_all.obj $(OBJ_D)\err_prn.obj \
-	$(OBJ_D)\obj_dat.obj $(OBJ_D)\obj_lib.obj $(OBJ_D)\obj_err.obj \
-	$(OBJ_D)\encode.obj $(OBJ_D)\digest.obj $(OBJ_D)\evp_enc.obj \
-	$(OBJ_D)\evp_key.obj $(OBJ_D)\e_ecb_d.obj $(OBJ_D)\e_cbc_d.obj \
-	$(OBJ_D)\e_cfb_d.obj $(OBJ_D)\e_ofb_d.obj $(OBJ_D)\e_ecb_i.obj \
-	$(OBJ_D)\e_cbc_i.obj $(OBJ_D)\e_cfb_i.obj $(OBJ_D)\e_ofb_i.obj \
-	$(OBJ_D)\e_ecb_3d.obj $(OBJ_D)\e_cbc_3d.obj $(OBJ_D)\e_rc4.obj \
-	$(OBJ_D)\names.obj $(OBJ_D)\e_cfb_3d.obj $(OBJ_D)\e_ofb_3d.obj \
-	$(OBJ_D)\e_xcbc_d.obj $(OBJ_D)\e_ecb_r2.obj $(OBJ_D)\e_cbc_r2.obj \
-	$(OBJ_D)\e_cfb_r2.obj $(OBJ_D)\e_ofb_r2.obj $(OBJ_D)\e_ecb_bf.obj \
-	$(OBJ_D)\e_cbc_bf.obj $(OBJ_D)\e_cfb_bf.obj $(OBJ_D)\e_ofb_bf.obj \
-	$(OBJ_D)\m_null.obj $(OBJ_D)\m_md2.obj $(OBJ_D)\m_md5.obj \
-	$(OBJ_D)\m_sha.obj $(OBJ_D)\m_sha1.obj $(OBJ_D)\m_dss.obj \
-	$(OBJ_D)\m_dss1.obj $(OBJ_D)\m_mdc2.obj $(OBJ_D)\p_open.obj \
-	$(OBJ_D)\p_seal.obj $(OBJ_D)\p_sign.obj $(OBJ_D)\p_verify.obj \
-	$(OBJ_D)\p_lib.obj $(OBJ_D)\bio_md.obj $(OBJ_D)\bio_b64.obj \
-	$(OBJ_D)\bio_enc.obj $(OBJ_D)\evp_err.obj $(OBJ_D)\e_null.obj \
-	$(OBJ_D)\c_all.obj $(OBJ_D)\pem_sign.obj $(OBJ_D)\pem_seal.obj \
-	$(OBJ_D)\pem_info.obj $(OBJ_D)\pem_lib.obj $(OBJ_D)\pem_all.obj \
-	$(OBJ_D)\pem_err.obj $(OBJ_D)\a_object.obj $(OBJ_D)\a_bitstr.obj \
-	$(OBJ_D)\a_utctm.obj $(OBJ_D)\a_int.obj $(OBJ_D)\a_octet.obj \
-	$(OBJ_D)\a_print.obj $(OBJ_D)\a_type.obj $(OBJ_D)\a_set.obj \
-	$(OBJ_D)\a_dup.obj $(OBJ_D)\a_d2i_fp.obj $(OBJ_D)\a_i2d_fp.obj \
-	$(OBJ_D)\a_sign.obj $(OBJ_D)\a_digest.obj $(OBJ_D)\a_verify.obj \
-	$(OBJ_D)\x_algor.obj $(OBJ_D)\x_val.obj $(OBJ_D)\x_pubkey.obj \
-	$(OBJ_D)\x_sig.obj $(OBJ_D)\x_req.obj $(OBJ_D)\x_attrib.obj \
-	$(OBJ_D)\x_name.obj $(OBJ_D)\x_cinf.obj $(OBJ_D)\x_x509.obj \
-	$(OBJ_D)\x_crl.obj $(OBJ_D)\x_info.obj $(OBJ_D)\x_spki.obj \
-	$(OBJ_D)\d2i_r_pr.obj $(OBJ_D)\i2d_r_pr.obj $(OBJ_D)\d2i_r_pu.obj \
-	$(OBJ_D)\i2d_r_pu.obj $(OBJ_D)\d2i_s_pr.obj $(OBJ_D)\i2d_s_pr.obj \
-	$(OBJ_D)\d2i_s_pu.obj $(OBJ_D)\i2d_s_pu.obj $(OBJ_D)\d2i_pu.obj \
-	$(OBJ_D)\d2i_pr.obj $(OBJ_D)\i2d_pu.obj $(OBJ_D)\i2d_pr.obj \
-	$(OBJ_D)\t_req.obj $(OBJ_D)\t_x509.obj $(OBJ_D)\t_pkey.obj \
-	$(OBJ_D)\p7_i_s.obj $(OBJ_D)\p7_signi.obj $(OBJ_D)\p7_signd.obj \
-	$(OBJ_D)\p7_recip.obj $(OBJ_D)\p7_enc_c.obj $(OBJ_D)\p7_evp.obj \
-	$(OBJ_D)\p7_dgst.obj $(OBJ_D)\p7_s_e.obj $(OBJ_D)\p7_enc.obj \
-	$(OBJ_D)\p7_lib.obj $(OBJ_D)\f_int.obj $(OBJ_D)\f_string.obj \
-	$(OBJ_D)\i2d_dhp.obj $(OBJ_D)\i2d_dsap.obj $(OBJ_D)\d2i_dhp.obj \
-	$(OBJ_D)\d2i_dsap.obj $(OBJ_D)\n_pkey.obj $(OBJ_D)\a_hdr.obj \
-	$(OBJ_D)\x_pkey.obj $(OBJ_D)\a_bool.obj $(OBJ_D)\x_exten.obj \
-	$(OBJ_D)\asn1_par.obj $(OBJ_D)\asn1_lib.obj $(OBJ_D)\asn1_err.obj \
-	$(OBJ_D)\a_meth.obj $(OBJ_D)\a_bytes.obj $(OBJ_D)\x509_def.obj \
+	$(OBJ_D)\bn_word.obj $(OBJ_D)\bn_blind.obj $(OBJ_D)\bn_gcd.obj \
+	$(OBJ_D)\bn_prime.obj $(OBJ_D)\bn_err.obj $(OBJ_D)\bn_sqr.obj \
+	$(BN_MULW_OBJ) $(OBJ_D)\bn_recp.obj $(OBJ_D)\bn_mont.obj \
+	$(OBJ_D)\bn_mpi.obj $(OBJ_D)\rsa_eay.obj $(OBJ_D)\rsa_gen.obj \
+	$(OBJ_D)\rsa_lib.obj $(OBJ_D)\rsa_sign.obj $(OBJ_D)\rsa_saos.obj \
+	$(OBJ_D)\rsa_err.obj $(OBJ_D)\rsa_pk1.obj $(OBJ_D)\rsa_ssl.obj \
+	$(OBJ_D)\rsa_none.obj $(OBJ_D)\dsa_gen.obj $(OBJ_D)\dsa_key.obj \
+	$(OBJ_D)\dsa_lib.obj $(OBJ_D)\dsa_vrf.obj $(OBJ_D)\dsa_sign.obj \
+	$(OBJ_D)\dsa_err.obj $(OBJ_D)\dh_gen.obj $(OBJ_D)\dh_key.obj \
+	$(OBJ_D)\dh_lib.obj $(OBJ_D)\dh_check.obj $(OBJ_D)\dh_err.obj \
+	$(OBJ_D)\buffer.obj $(OBJ_D)\buf_err.obj $(OBJ_D)\bio_lib.obj \
+	$(OBJ_D)\bio_cb.obj $(OBJ_D)\bio_err.obj $(OBJ_D)\bss_mem.obj \
+	$(OBJ_D)\bss_null.obj $(OBJ_D)\bss_fd.obj $(OBJ_D)\bss_file.obj \
+	$(OBJ_D)\bss_sock.obj $(OBJ_D)\bss_conn.obj $(OBJ_D)\bf_null.obj \
+	$(OBJ_D)\bf_buff.obj $(OBJ_D)\b_print.obj $(OBJ_D)\b_dump.obj \
+	$(OBJ_D)\b_sock.obj $(OBJ_D)\bss_acpt.obj $(OBJ_D)\bf_nbio.obj \
+	$(OBJ_D)\stack.obj $(OBJ_D)\lhash.obj $(OBJ_D)\lh_stats.obj \
+	$(OBJ_D)\md_rand.obj $(OBJ_D)\randfile.obj $(OBJ_D)\err.obj \
+	$(OBJ_D)\err_all.obj $(OBJ_D)\err_prn.obj $(OBJ_D)\obj_dat.obj \
+	$(OBJ_D)\obj_lib.obj $(OBJ_D)\obj_err.obj $(OBJ_D)\encode.obj \
+	$(OBJ_D)\digest.obj $(OBJ_D)\evp_enc.obj $(OBJ_D)\evp_key.obj \
+	$(OBJ_D)\e_ecb_d.obj $(OBJ_D)\e_cbc_d.obj $(OBJ_D)\e_cfb_d.obj \
+	$(OBJ_D)\e_ofb_d.obj $(OBJ_D)\e_ecb_i.obj $(OBJ_D)\e_cbc_i.obj \
+	$(OBJ_D)\e_cfb_i.obj $(OBJ_D)\e_ofb_i.obj $(OBJ_D)\e_ecb_3d.obj \
+	$(OBJ_D)\e_cbc_3d.obj $(OBJ_D)\e_rc4.obj $(OBJ_D)\names.obj \
+	$(OBJ_D)\e_cfb_3d.obj $(OBJ_D)\e_ofb_3d.obj $(OBJ_D)\e_xcbc_d.obj \
+	$(OBJ_D)\e_ecb_r2.obj $(OBJ_D)\e_cbc_r2.obj $(OBJ_D)\e_cfb_r2.obj \
+	$(OBJ_D)\e_ofb_r2.obj $(OBJ_D)\e_ecb_bf.obj $(OBJ_D)\e_cbc_bf.obj \
+	$(OBJ_D)\e_cfb_bf.obj $(OBJ_D)\e_ofb_bf.obj $(OBJ_D)\e_ecb_c.obj \
+	$(OBJ_D)\e_cbc_c.obj $(OBJ_D)\e_cfb_c.obj $(OBJ_D)\e_ofb_c.obj \
+	$(OBJ_D)\e_ecb_r5.obj $(OBJ_D)\e_cbc_r5.obj $(OBJ_D)\e_cfb_r5.obj \
+	$(OBJ_D)\e_ofb_r5.obj $(OBJ_D)\m_null.obj $(OBJ_D)\m_md2.obj \
+	$(OBJ_D)\m_md5.obj $(OBJ_D)\m_sha.obj $(OBJ_D)\m_sha1.obj \
+	$(OBJ_D)\m_dss.obj $(OBJ_D)\m_dss1.obj $(OBJ_D)\m_mdc2.obj \
+	$(OBJ_D)\m_ripemd.obj $(OBJ_D)\p_open.obj $(OBJ_D)\p_seal.obj \
+	$(OBJ_D)\p_sign.obj $(OBJ_D)\p_verify.obj $(OBJ_D)\p_lib.obj \
+	$(OBJ_D)\p_enc.obj $(OBJ_D)\p_dec.obj $(OBJ_D)\bio_md.obj \
+	$(OBJ_D)\bio_b64.obj $(OBJ_D)\bio_enc.obj $(OBJ_D)\evp_err.obj \
+	$(OBJ_D)\e_null.obj $(OBJ_D)\c_all.obj $(OBJ_D)\evp_lib.obj \
+	$(OBJ_D)\pem_sign.obj $(OBJ_D)\pem_seal.obj $(OBJ_D)\pem_info.obj \
+	$(OBJ_D)\pem_lib.obj $(OBJ_D)\pem_all.obj $(OBJ_D)\pem_err.obj \
+	$(OBJ_D)\a_object.obj $(OBJ_D)\a_bitstr.obj $(OBJ_D)\a_utctm.obj \
+	$(OBJ_D)\a_int.obj $(OBJ_D)\a_octet.obj $(OBJ_D)\a_print.obj \
+	$(OBJ_D)\a_type.obj $(OBJ_D)\a_set.obj $(OBJ_D)\a_dup.obj \
+	$(OBJ_D)\a_d2i_fp.obj $(OBJ_D)\a_i2d_fp.obj $(OBJ_D)\a_sign.obj \
+	$(OBJ_D)\a_digest.obj $(OBJ_D)\a_verify.obj $(OBJ_D)\x_algor.obj \
+	$(OBJ_D)\x_val.obj $(OBJ_D)\x_pubkey.obj $(OBJ_D)\x_sig.obj \
+	$(OBJ_D)\x_req.obj $(OBJ_D)\x_attrib.obj $(OBJ_D)\x_name.obj \
+	$(OBJ_D)\x_cinf.obj $(OBJ_D)\x_x509.obj $(OBJ_D)\x_crl.obj \
+	$(OBJ_D)\x_info.obj $(OBJ_D)\x_spki.obj $(OBJ_D)\d2i_r_pr.obj \
+	$(OBJ_D)\i2d_r_pr.obj $(OBJ_D)\d2i_r_pu.obj $(OBJ_D)\i2d_r_pu.obj \
+	$(OBJ_D)\d2i_s_pr.obj $(OBJ_D)\i2d_s_pr.obj $(OBJ_D)\d2i_s_pu.obj \
+	$(OBJ_D)\i2d_s_pu.obj $(OBJ_D)\d2i_pu.obj $(OBJ_D)\d2i_pr.obj \
+	$(OBJ_D)\i2d_pu.obj $(OBJ_D)\i2d_pr.obj $(OBJ_D)\t_req.obj \
+	$(OBJ_D)\t_x509.obj $(OBJ_D)\t_pkey.obj $(OBJ_D)\p7_i_s.obj \
+	$(OBJ_D)\p7_signi.obj $(OBJ_D)\p7_signd.obj $(OBJ_D)\p7_recip.obj \
+	$(OBJ_D)\p7_enc_c.obj $(OBJ_D)\p7_evp.obj $(OBJ_D)\p7_dgst.obj \
+	$(OBJ_D)\p7_s_e.obj $(OBJ_D)\p7_enc.obj $(OBJ_D)\p7_lib.obj \
+	$(OBJ_D)\f_int.obj $(OBJ_D)\f_string.obj $(OBJ_D)\i2d_dhp.obj \
+	$(OBJ_D)\i2d_dsap.obj $(OBJ_D)\d2i_dhp.obj $(OBJ_D)\d2i_dsap.obj \
+	$(OBJ_D)\n_pkey.obj $(OBJ_D)\a_hdr.obj $(OBJ_D)\x_pkey.obj \
+	$(OBJ_D)\a_bool.obj $(OBJ_D)\x_exten.obj $(OBJ_D)\asn1_par.obj \
+	$(OBJ_D)\asn1_lib.obj $(OBJ_D)\asn1_err.obj $(OBJ_D)\a_meth.obj \
+	$(OBJ_D)\a_bytes.obj $(OBJ_D)\evp_asn1.obj $(OBJ_D)\x509_def.obj \
 	$(OBJ_D)\x509_d2.obj $(OBJ_D)\x509_r2x.obj $(OBJ_D)\x509_cmp.obj \
 	$(OBJ_D)\x509_obj.obj $(OBJ_D)\x509_req.obj $(OBJ_D)\x509_vfy.obj \
 	$(OBJ_D)\x509_set.obj $(OBJ_D)\x509rset.obj $(OBJ_D)\x509_err.obj \
@@ -231,38 +262,51 @@ CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 
 SSLOBJ=$(OBJ_D)\s2_meth.obj \
 	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
-	$(OBJ_D)\s2_pkt.obj $(OBJ_D)\s2_enc.obj $(OBJ_D)\s3_meth.obj \
+	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
 	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
-	$(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_both.obj \
+	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
 	$(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj $(OBJ_D)\s23_clnt.obj \
-	$(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj $(OBJ_D)\ssl_lib.obj \
-	$(OBJ_D)\ssl_err2.obj $(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj \
-	$(OBJ_D)\ssl_ciph.obj $(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj \
-	$(OBJ_D)\ssl_asn1.obj $(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj \
-	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj
+	$(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj $(OBJ_D)\t1_meth.obj \
+	$(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj $(OBJ_D)\t1_lib.obj \
+	$(OBJ_D)\t1_enc.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
+	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
+	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
+	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\bio_ssl.obj \
+	$(OBJ_D)\ssl_err.obj
 
 RSAGLUEOBJ=$(OBJ_D)\rsaref.obj \
 	$(OBJ_D)\rsar_err.obj
 
 T_EXE=$(TEST_D)\md2test.exe \
 	$(TEST_D)\md5test.exe $(TEST_D)\shatest.exe $(TEST_D)\sha1test.exe \
-	$(TEST_D)\mdc2test.exe $(TEST_D)\destest.exe $(TEST_D)\rc4test.exe \
-	$(TEST_D)\rc2test.exe $(TEST_D)\ideatest.exe $(TEST_D)\bftest.exe \
-	$(TEST_D)\bntest.exe $(TEST_D)\exptest.exe $(TEST_D)\dsatest.exe \
-	$(TEST_D)\dhtest.exe $(TEST_D)\randtest.exe $(TEST_D)\ssltest.exe
+	$(TEST_D)\mdc2test.exe $(TEST_D)\hmactest.exe $(TEST_D)\rmdtest.exe \
+	$(TEST_D)\destest.exe $(TEST_D)\rc2test.exe $(TEST_D)\rc4test.exe \
+	$(TEST_D)\rc5test.exe $(TEST_D)\ideatest.exe $(TEST_D)\bftest.exe \
+	$(TEST_D)\casttest.exe $(TEST_D)\bntest.exe $(TEST_D)\exptest.exe \
+	$(TEST_D)\dsatest.exe $(TEST_D)\dhtest.exe $(TEST_D)\randtest.exe \
+	$(TEST_D)\ssltest.exe
 
 ###################################################################
-all: banner $(OUT_D) $(TMP_D) headers lib exe
+all: banner $(TMP_D) $(BIN_D) $(TEST_D) $(LIB_D) $(INC_D) headers lib exe
 
 banner:
 
 
-$(OUT_D):
-	$(MKDIR) $(OUT_D)
-
 $(TMP_D):
 	$(MKDIR) $(TMP_D)
 
+$(BIN_D):
+	$(MKDIR) $(BIN_D)
+
+$(TEST_D):
+	$(MKDIR) $(TEST_D)
+
+$(LIB_D):
+	$(MKDIR) $(LIB_D)
+
+$(INC_D):
+	$(MKDIR) $(INC_D)
+
 headers: $(HEADER) $(EXHEADER)
 
 lib: $(LIBS_DEP)
@@ -274,10 +318,10 @@ install:
 	$(MKDIR) $(INSTALLTOP)\bin
 	$(MKDIR) $(INSTALLTOP)\include
 	$(MKDIR) $(INSTALLTOP)\lib
-	$(CP) $(INC_D)\*.h $(INSTALLTOP)\include
+	$(CP) $(INC_D)\*.[ch] $(INSTALLTOP)\include
 	$(CP) $(BIN_D)\$(E_EXE).exe $(INSTALLTOP)\bin
-	$(CP) $(LIB_D)\$(O_SSL) $(INSTALLTOP)\lib
-	$(CP) $(LIB_D)\$(O_CRYPTO) $(INSTALLTOP)\lib
+	$(CP) $(O_SSL) $(INSTALLTOP)\lib
+	$(CP) $(O_CRYPTO) $(INSTALLTOP)\lib
 
 clean:
 	$(RM) $(TMP_D)\*.*
@@ -286,21 +330,24 @@ vclean:
 	$(RM) $(TMP_D)\*.*
 	$(RM) $(OUT_D)\*.*
 
-$(INCL_D)\e_os.h: $(SRC_D)\.\e_os.h
-	$(CP) $(SRC_D)\.\e_os.h $(INCL_D)\e_os.h
-
 $(INCL_D)\cryptlib.h: $(SRC_D)\crypto\cryptlib.h
 	$(CP) $(SRC_D)\crypto\cryptlib.h $(INCL_D)\cryptlib.h
 
 $(INCL_D)\date.h: $(SRC_D)\crypto\date.h
 	$(CP) $(SRC_D)\crypto\date.h $(INCL_D)\date.h
 
-$(INCL_D)\md5_locl.h: $(SRC_D)\crypto\md\md5_locl.h
-	$(CP) $(SRC_D)\crypto\md\md5_locl.h $(INCL_D)\md5_locl.h
+$(INCL_D)\md5_locl.h: $(SRC_D)\crypto\md5\md5_locl.h
+	$(CP) $(SRC_D)\crypto\md5\md5_locl.h $(INCL_D)\md5_locl.h
 
 $(INCL_D)\sha_locl.h: $(SRC_D)\crypto\sha\sha_locl.h
 	$(CP) $(SRC_D)\crypto\sha\sha_locl.h $(INCL_D)\sha_locl.h
 
+$(INCL_D)\rmd_locl.h: $(SRC_D)\crypto\ripemd\rmd_locl.h
+	$(CP) $(SRC_D)\crypto\ripemd\rmd_locl.h $(INCL_D)\rmd_locl.h
+
+$(INCL_D)\rmdconst.h: $(SRC_D)\crypto\ripemd\rmdconst.h
+	$(CP) $(SRC_D)\crypto\ripemd\rmdconst.h $(INCL_D)\rmdconst.h
+
 $(INCL_D)\des_locl.h: $(SRC_D)\crypto\des\des_locl.h
 	$(CP) $(SRC_D)\crypto\des\des_locl.h $(INCL_D)\des_locl.h
 
@@ -322,6 +369,12 @@ $(INCL_D)\des_ver.h: $(SRC_D)\crypto\des\des_ver.h
 $(INCL_D)\rc2_locl.h: $(SRC_D)\crypto\rc2\rc2_locl.h
 	$(CP) $(SRC_D)\crypto\rc2\rc2_locl.h $(INCL_D)\rc2_locl.h
 
+$(INCL_D)\rc4_locl.h: $(SRC_D)\crypto\rc4\rc4_locl.h
+	$(CP) $(SRC_D)\crypto\rc4\rc4_locl.h $(INCL_D)\rc4_locl.h
+
+$(INCL_D)\rc5_locl.h: $(SRC_D)\crypto\rc5\rc5_locl.h
+	$(CP) $(SRC_D)\crypto\rc5\rc5_locl.h $(INCL_D)\rc5_locl.h
+
 $(INCL_D)\idea_lcl.h: $(SRC_D)\crypto\idea\idea_lcl.h
 	$(CP) $(SRC_D)\crypto\idea\idea_lcl.h $(INCL_D)\idea_lcl.h
 
@@ -331,6 +384,12 @@ $(INCL_D)\bf_pi.h: $(SRC_D)\crypto\bf\bf_pi.h
 $(INCL_D)\bf_locl.h: $(SRC_D)\crypto\bf\bf_locl.h
 	$(CP) $(SRC_D)\crypto\bf\bf_locl.h $(INCL_D)\bf_locl.h
 
+$(INCL_D)\cast_s.h: $(SRC_D)\crypto\cast\cast_s.h
+	$(CP) $(SRC_D)\crypto\cast\cast_s.h $(INCL_D)\cast_s.h
+
+$(INCL_D)\cast_lcl.h: $(SRC_D)\crypto\cast\cast_lcl.h
+	$(CP) $(SRC_D)\crypto\cast\cast_lcl.h $(INCL_D)\cast_lcl.h
+
 $(INCL_D)\bn_lcl.h: $(SRC_D)\crypto\bn\bn_lcl.h
 	$(CP) $(SRC_D)\crypto\bn\bn_lcl.h $(INCL_D)\bn_lcl.h
 
@@ -364,17 +423,20 @@ $(INCL_D)\testdsa.h: $(SRC_D)\apps\testdsa.h
 $(INCL_D)\testrsa.h: $(SRC_D)\apps\testrsa.h
 	$(CP) $(SRC_D)\apps\testrsa.h $(INCL_D)\testrsa.h
 
+$(INC_D)\e_os.h: $(SRC_D)\.\e_os.h
+	$(CP) $(SRC_D)\.\e_os.h $(INC_D)\e_os.h
+
 $(INC_D)\crypto.h: $(SRC_D)\crypto\crypto.h
 	$(CP) $(SRC_D)\crypto\crypto.h $(INC_D)\crypto.h
 
 $(INC_D)\cryptall.h: $(SRC_D)\crypto\cryptall.h
 	$(CP) $(SRC_D)\crypto\cryptall.h $(INC_D)\cryptall.h
 
-$(INC_D)\md2.h: $(SRC_D)\crypto\md\md2.h
-	$(CP) $(SRC_D)\crypto\md\md2.h $(INC_D)\md2.h
+$(INC_D)\md2.h: $(SRC_D)\crypto\md2\md2.h
+	$(CP) $(SRC_D)\crypto\md2\md2.h $(INC_D)\md2.h
 
-$(INC_D)\md5.h: $(SRC_D)\crypto\md\md5.h
-	$(CP) $(SRC_D)\crypto\md\md5.h $(INC_D)\md5.h
+$(INC_D)\md5.h: $(SRC_D)\crypto\md5\md5.h
+	$(CP) $(SRC_D)\crypto\md5\md5.h $(INC_D)\md5.h
 
 $(INC_D)\sha.h: $(SRC_D)\crypto\sha\sha.h
 	$(CP) $(SRC_D)\crypto\sha\sha.h $(INC_D)\sha.h
@@ -382,14 +444,23 @@ $(INC_D)\sha.h: $(SRC_D)\crypto\sha\sha.h
 $(INC_D)\mdc2.h: $(SRC_D)\crypto\mdc2\mdc2.h
 	$(CP) $(SRC_D)\crypto\mdc2\mdc2.h $(INC_D)\mdc2.h
 
+$(INC_D)\hmac.h: $(SRC_D)\crypto\hmac\hmac.h
+	$(CP) $(SRC_D)\crypto\hmac\hmac.h $(INC_D)\hmac.h
+
+$(INC_D)\ripemd.h: $(SRC_D)\crypto\ripemd\ripemd.h
+	$(CP) $(SRC_D)\crypto\ripemd\ripemd.h $(INC_D)\ripemd.h
+
 $(INC_D)\des.h: $(SRC_D)\crypto\des\des.h
 	$(CP) $(SRC_D)\crypto\des\des.h $(INC_D)\des.h
 
+$(INC_D)\rc2.h: $(SRC_D)\crypto\rc2\rc2.h
+	$(CP) $(SRC_D)\crypto\rc2\rc2.h $(INC_D)\rc2.h
+
 $(INC_D)\rc4.h: $(SRC_D)\crypto\rc4\rc4.h
 	$(CP) $(SRC_D)\crypto\rc4\rc4.h $(INC_D)\rc4.h
 
-$(INC_D)\rc2.h: $(SRC_D)\crypto\rc2\rc2.h
-	$(CP) $(SRC_D)\crypto\rc2\rc2.h $(INC_D)\rc2.h
+$(INC_D)\rc5.h: $(SRC_D)\crypto\rc5\rc5.h
+	$(CP) $(SRC_D)\crypto\rc5\rc5.h $(INC_D)\rc5.h
 
 $(INC_D)\idea.h: $(SRC_D)\crypto\idea\idea.h
 	$(CP) $(SRC_D)\crypto\idea\idea.h $(INC_D)\idea.h
@@ -397,6 +468,9 @@ $(INC_D)\idea.h: $(SRC_D)\crypto\idea\idea.h
 $(INC_D)\blowfish.h: $(SRC_D)\crypto\bf\blowfish.h
 	$(CP) $(SRC_D)\crypto\bf\blowfish.h $(INC_D)\blowfish.h
 
+$(INC_D)\cast.h: $(SRC_D)\crypto\cast\cast.h
+	$(CP) $(SRC_D)\crypto\cast\cast.h $(INC_D)\cast.h
+
 $(INC_D)\bn.h: $(SRC_D)\crypto\bn\bn.h
 	$(CP) $(SRC_D)\crypto\bn\bn.h $(INC_D)\bn.h
 
@@ -415,6 +489,9 @@ $(INC_D)\buffer.h: $(SRC_D)\crypto\buffer\buffer.h
 $(INC_D)\bio.h: $(SRC_D)\crypto\bio\bio.h
 	$(CP) $(SRC_D)\crypto\bio\bio.h $(INC_D)\bio.h
 
+$(INC_D)\bss_file.c: $(SRC_D)\crypto\bio\bss_file.c
+	$(CP) $(SRC_D)\crypto\bio\bss_file.c $(INC_D)\bss_file.c
+
 $(INC_D)\stack.h: $(SRC_D)\crypto\stack\stack.h
 	$(CP) $(SRC_D)\crypto\stack\stack.h $(INC_D)\stack.h
 
@@ -469,11 +546,14 @@ $(INC_D)\ssl3.h: $(SRC_D)\ssl\ssl3.h
 $(INC_D)\ssl23.h: $(SRC_D)\ssl\ssl23.h
 	$(CP) $(SRC_D)\ssl\ssl23.h $(INC_D)\ssl23.h
 
-$(OBJ_D)\md2test.obj: $(SRC_D)\crypto\md\md2test.c
-	$(CC) /Fo$(OBJ_D)\md2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md\md2test.c
+$(INC_D)\tls1.h: $(SRC_D)\ssl\tls1.h
+	$(CP) $(SRC_D)\ssl\tls1.h $(INC_D)\tls1.h
+
+$(OBJ_D)\md2test.obj: $(SRC_D)\crypto\md2\md2test.c
+	$(CC) /Fo$(OBJ_D)\md2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md2\md2test.c
 
-$(OBJ_D)\md5test.obj: $(SRC_D)\crypto\md\md5test.c
-	$(CC) /Fo$(OBJ_D)\md5test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md\md5test.c
+$(OBJ_D)\md5test.obj: $(SRC_D)\crypto\md5\md5test.c
+	$(CC) /Fo$(OBJ_D)\md5test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md5\md5test.c
 
 $(OBJ_D)\shatest.obj: $(SRC_D)\crypto\sha\shatest.c
 	$(CC) /Fo$(OBJ_D)\shatest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\sha\shatest.c
@@ -484,14 +564,23 @@ $(OBJ_D)\sha1test.obj: $(SRC_D)\crypto\sha\sha1test.c
 $(OBJ_D)\mdc2test.obj: $(SRC_D)\crypto\mdc2\mdc2test.c
 	$(CC) /Fo$(OBJ_D)\mdc2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2test.c
 
+$(OBJ_D)\hmactest.obj: $(SRC_D)\crypto\hmac\hmactest.c
+	$(CC) /Fo$(OBJ_D)\hmactest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\hmac\hmactest.c
+
+$(OBJ_D)\rmdtest.obj: $(SRC_D)\crypto\ripemd\rmdtest.c
+	$(CC) /Fo$(OBJ_D)\rmdtest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\ripemd\rmdtest.c
+
 $(OBJ_D)\destest.obj: $(SRC_D)\crypto\des\destest.c
 	$(CC) /Fo$(OBJ_D)\destest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\des\destest.c
 
+$(OBJ_D)\rc2test.obj: $(SRC_D)\crypto\rc2\rc2test.c
+	$(CC) /Fo$(OBJ_D)\rc2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2test.c
+
 $(OBJ_D)\rc4test.obj: $(SRC_D)\crypto\rc4\rc4test.c
 	$(CC) /Fo$(OBJ_D)\rc4test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4test.c
 
-$(OBJ_D)\rc2test.obj: $(SRC_D)\crypto\rc2\rc2test.c
-	$(CC) /Fo$(OBJ_D)\rc2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2test.c
+$(OBJ_D)\rc5test.obj: $(SRC_D)\crypto\rc5\rc5test.c
+	$(CC) /Fo$(OBJ_D)\rc5test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5test.c
 
 $(OBJ_D)\ideatest.obj: $(SRC_D)\crypto\idea\ideatest.c
 	$(CC) /Fo$(OBJ_D)\ideatest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\idea\ideatest.c
@@ -499,6 +588,9 @@ $(OBJ_D)\ideatest.obj: $(SRC_D)\crypto\idea\ideatest.c
 $(OBJ_D)\bftest.obj: $(SRC_D)\crypto\bf\bftest.c
 	$(CC) /Fo$(OBJ_D)\bftest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\bf\bftest.c
 
+$(OBJ_D)\casttest.obj: $(SRC_D)\crypto\cast\casttest.c
+	$(CC) /Fo$(OBJ_D)\casttest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\cast\casttest.c
+
 $(OBJ_D)\bntest.obj: $(SRC_D)\crypto\bn\bntest.c
 	$(CC) /Fo$(OBJ_D)\bntest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\bn\bntest.c
 
@@ -544,9 +636,6 @@ $(OBJ_D)\errstr.obj: $(SRC_D)\apps\errstr.c
 $(OBJ_D)\ca.obj: $(SRC_D)\apps\ca.c
 	$(CC) /Fo$(OBJ_D)\ca.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\ca.c
 
-$(OBJ_D)\gendsa.obj: $(SRC_D)\apps\gendsa.c
-	$(CC) /Fo$(OBJ_D)\gendsa.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\gendsa.c
-
 $(OBJ_D)\pkcs7.obj: $(SRC_D)\apps\pkcs7.c
 	$(CC) /Fo$(OBJ_D)\pkcs7.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\pkcs7.c
 
@@ -604,920 +693,1043 @@ $(OBJ_D)\ciphers.obj: $(SRC_D)\apps\ciphers.c
 $(OBJ_D)\ssleay.obj: $(SRC_D)\apps\ssleay.c
 	$(CC) /Fo$(OBJ_D)\ssleay.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\ssleay.c
 
-crypto\bn\asm\x86nt32.obj: crypto\bn\asm\x86nt32.asm
-	$(ASM) /Focrypto\bn\asm\x86nt32.obj $(SRC_D)\crypto\bn\asm\x86nt32.asm
+crypto\bn\asm\bn-win32.obj: crypto\bn\asm\bn-win32.asm
+	$(ASM) /Focrypto\bn\asm\bn-win32.obj $(SRC_D)\crypto\bn\asm\bn-win32.asm
 
 crypto\des\asm\d-win32.obj: crypto\des\asm\d-win32.asm
 	$(ASM) /Focrypto\des\asm\d-win32.obj $(SRC_D)\crypto\des\asm\d-win32.asm
 
-crypto\des\asm\c-win32.obj: crypto\des\asm\c-win32.asm
-	$(ASM) /Focrypto\des\asm\c-win32.obj $(SRC_D)\crypto\des\asm\c-win32.asm
+crypto\des\asm\y-win32.obj: crypto\des\asm\y-win32.asm
+	$(ASM) /Focrypto\des\asm\y-win32.obj $(SRC_D)\crypto\des\asm\y-win32.asm
 
 crypto\bf\asm\b-win32.obj: crypto\bf\asm\b-win32.asm
 	$(ASM) /Focrypto\bf\asm\b-win32.obj $(SRC_D)\crypto\bf\asm\b-win32.asm
 
+crypto\cast\asm\c-win32.obj: crypto\cast\asm\c-win32.asm
+	$(ASM) /Focrypto\cast\asm\c-win32.obj $(SRC_D)\crypto\cast\asm\c-win32.asm
+
+crypto\rc4\asm\r4-win32.obj: crypto\rc4\asm\r4-win32.asm
+	$(ASM) /Focrypto\rc4\asm\r4-win32.obj $(SRC_D)\crypto\rc4\asm\r4-win32.asm
+
+crypto\rc5\asm\r5-win32.obj: crypto\rc5\asm\r5-win32.asm
+	$(ASM) /Focrypto\rc5\asm\r5-win32.obj $(SRC_D)\crypto\rc5\asm\r5-win32.asm
+
+crypto\md5\asm\m5-win32.obj: crypto\md5\asm\m5-win32.asm
+	$(ASM) /Focrypto\md5\asm\m5-win32.obj $(SRC_D)\crypto\md5\asm\m5-win32.asm
+
+crypto\sha\asm\s1-win32.obj: crypto\sha\asm\s1-win32.asm
+	$(ASM) /Focrypto\sha\asm\s1-win32.obj $(SRC_D)\crypto\sha\asm\s1-win32.asm
+
+crypto\ripemd\asm\rm-win32.obj: crypto\ripemd\asm\rm-win32.asm
+	$(ASM) /Focrypto\ripemd\asm\rm-win32.obj $(SRC_D)\crypto\ripemd\asm\rm-win32.asm
+
 $(OBJ_D)\cryptlib.obj: $(SRC_D)\crypto\cryptlib.c
-	$(CC) /Fo$(OBJ_D)\cryptlib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\cryptlib.c
+	$(CC) /Fo$(OBJ_D)\cryptlib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cryptlib.c
 
 $(OBJ_D)\mem.obj: $(SRC_D)\crypto\mem.c
-	$(CC) /Fo$(OBJ_D)\mem.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mem.c
+	$(CC) /Fo$(OBJ_D)\mem.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\mem.c
 
 $(OBJ_D)\cversion.obj: $(SRC_D)\crypto\cversion.c
-	$(CC) /Fo$(OBJ_D)\cversion.obj $(LIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)\crypto\cversion.c
+	$(CC) /Fo$(OBJ_D)\cversion.obj  $(SHLIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)\crypto\cversion.c
 
-$(OBJ_D)\md2_dgst.obj: $(SRC_D)\crypto\md\md2_dgst.c
-	$(CC) /Fo$(OBJ_D)\md2_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md2_dgst.c
+$(OBJ_D)\ex_data.obj: $(SRC_D)\crypto\ex_data.c
+	$(CC) /Fo$(OBJ_D)\ex_data.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\ex_data.c
 
-$(OBJ_D)\md5_dgst.obj: $(SRC_D)\crypto\md\md5_dgst.c
-	$(CC) /Fo$(OBJ_D)\md5_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md5_dgst.c
+$(OBJ_D)\cpt_err.obj: $(SRC_D)\crypto\cpt_err.c
+	$(CC) /Fo$(OBJ_D)\cpt_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cpt_err.c
 
-$(OBJ_D)\md2_one.obj: $(SRC_D)\crypto\md\md2_one.c
-	$(CC) /Fo$(OBJ_D)\md2_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md2_one.c
+$(OBJ_D)\md2_dgst.obj: $(SRC_D)\crypto\md2\md2_dgst.c
+	$(CC) /Fo$(OBJ_D)\md2_dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\md2\md2_dgst.c
 
-$(OBJ_D)\md5_one.obj: $(SRC_D)\crypto\md\md5_one.c
-	$(CC) /Fo$(OBJ_D)\md5_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md5_one.c
+$(OBJ_D)\md2_one.obj: $(SRC_D)\crypto\md2\md2_one.c
+	$(CC) /Fo$(OBJ_D)\md2_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\md2\md2_one.c
+
+$(OBJ_D)\md5_dgst.obj: $(SRC_D)\crypto\md5\md5_dgst.c
+	$(CC) /Fo$(OBJ_D)\md5_dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\md5\md5_dgst.c
+
+$(OBJ_D)\md5_one.obj: $(SRC_D)\crypto\md5\md5_one.c
+	$(CC) /Fo$(OBJ_D)\md5_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\md5\md5_one.c
 
 $(OBJ_D)\sha_dgst.obj: $(SRC_D)\crypto\sha\sha_dgst.c
-	$(CC) /Fo$(OBJ_D)\sha_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_dgst.c
+	$(CC) /Fo$(OBJ_D)\sha_dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_dgst.c
 
 $(OBJ_D)\sha1dgst.obj: $(SRC_D)\crypto\sha\sha1dgst.c
-	$(CC) /Fo$(OBJ_D)\sha1dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1dgst.c
+	$(CC) /Fo$(OBJ_D)\sha1dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1dgst.c
 
 $(OBJ_D)\sha_one.obj: $(SRC_D)\crypto\sha\sha_one.c
-	$(CC) /Fo$(OBJ_D)\sha_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_one.c
+	$(CC) /Fo$(OBJ_D)\sha_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_one.c
 
 $(OBJ_D)\sha1_one.obj: $(SRC_D)\crypto\sha\sha1_one.c
-	$(CC) /Fo$(OBJ_D)\sha1_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1_one.c
+	$(CC) /Fo$(OBJ_D)\sha1_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1_one.c
 
 $(OBJ_D)\mdc2dgst.obj: $(SRC_D)\crypto\mdc2\mdc2dgst.c
-	$(CC) /Fo$(OBJ_D)\mdc2dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2dgst.c
+	$(CC) /Fo$(OBJ_D)\mdc2dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2dgst.c
 
 $(OBJ_D)\mdc2_one.obj: $(SRC_D)\crypto\mdc2\mdc2_one.c
-	$(CC) /Fo$(OBJ_D)\mdc2_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2_one.c
+	$(CC) /Fo$(OBJ_D)\mdc2_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2_one.c
+
+$(OBJ_D)\hmac.obj: $(SRC_D)\crypto\hmac\hmac.c
+	$(CC) /Fo$(OBJ_D)\hmac.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\hmac\hmac.c
+
+$(OBJ_D)\rmd_dgst.obj: $(SRC_D)\crypto\ripemd\rmd_dgst.c
+	$(CC) /Fo$(OBJ_D)\rmd_dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\ripemd\rmd_dgst.c
+
+$(OBJ_D)\rmd_one.obj: $(SRC_D)\crypto\ripemd\rmd_one.c
+	$(CC) /Fo$(OBJ_D)\rmd_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\ripemd\rmd_one.c
 
 $(OBJ_D)\set_key.obj: $(SRC_D)\crypto\des\set_key.c
-	$(CC) /Fo$(OBJ_D)\set_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\set_key.c
+	$(CC) /Fo$(OBJ_D)\set_key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\set_key.c
 
 $(OBJ_D)\ecb_enc.obj: $(SRC_D)\crypto\des\ecb_enc.c
-	$(CC) /Fo$(OBJ_D)\ecb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb_enc.c
-
-$(OBJ_D)\ede_enc.obj: $(SRC_D)\crypto\des\ede_enc.c
-	$(CC) /Fo$(OBJ_D)\ede_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ede_enc.c
+	$(CC) /Fo$(OBJ_D)\ecb_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb_enc.c
 
 $(OBJ_D)\cbc_enc.obj: $(SRC_D)\crypto\des\cbc_enc.c
-	$(CC) /Fo$(OBJ_D)\cbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_enc.c
-
-$(OBJ_D)\cbc3_enc.obj: $(SRC_D)\crypto\des\cbc3_enc.c
-	$(CC) /Fo$(OBJ_D)\cbc3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc3_enc.c
+	$(CC) /Fo$(OBJ_D)\cbc_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_enc.c
 
 $(OBJ_D)\ecb3_enc.obj: $(SRC_D)\crypto\des\ecb3_enc.c
-	$(CC) /Fo$(OBJ_D)\ecb3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb3_enc.c
+	$(CC) /Fo$(OBJ_D)\ecb3_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb3_enc.c
 
 $(OBJ_D)\cfb64enc.obj: $(SRC_D)\crypto\des\cfb64enc.c
-	$(CC) /Fo$(OBJ_D)\cfb64enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64enc.c
+	$(CC) /Fo$(OBJ_D)\cfb64enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64enc.c
 
 $(OBJ_D)\cfb64ede.obj: $(SRC_D)\crypto\des\cfb64ede.c
-	$(CC) /Fo$(OBJ_D)\cfb64ede.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64ede.c
+	$(CC) /Fo$(OBJ_D)\cfb64ede.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64ede.c
 
 $(OBJ_D)\cfb_enc.obj: $(SRC_D)\crypto\des\cfb_enc.c
-	$(CC) /Fo$(OBJ_D)\cfb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb_enc.c
+	$(CC) /Fo$(OBJ_D)\cfb_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb_enc.c
 
 $(OBJ_D)\ofb64ede.obj: $(SRC_D)\crypto\des\ofb64ede.c
-	$(CC) /Fo$(OBJ_D)\ofb64ede.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64ede.c
+	$(CC) /Fo$(OBJ_D)\ofb64ede.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64ede.c
 
 $(OBJ_D)\enc_read.obj: $(SRC_D)\crypto\des\enc_read.c
-	$(CC) /Fo$(OBJ_D)\enc_read.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_read.c
+	$(CC) /Fo$(OBJ_D)\enc_read.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_read.c
 
 $(OBJ_D)\enc_writ.obj: $(SRC_D)\crypto\des\enc_writ.c
-	$(CC) /Fo$(OBJ_D)\enc_writ.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_writ.c
-
-$(OBJ_D)\ncbc_enc.obj: $(SRC_D)\crypto\des\ncbc_enc.c
-	$(CC) /Fo$(OBJ_D)\ncbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ncbc_enc.c
+	$(CC) /Fo$(OBJ_D)\enc_writ.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_writ.c
 
 $(OBJ_D)\ofb64enc.obj: $(SRC_D)\crypto\des\ofb64enc.c
-	$(CC) /Fo$(OBJ_D)\ofb64enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64enc.c
+	$(CC) /Fo$(OBJ_D)\ofb64enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64enc.c
 
 $(OBJ_D)\ofb_enc.obj: $(SRC_D)\crypto\des\ofb_enc.c
-	$(CC) /Fo$(OBJ_D)\ofb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb_enc.c
+	$(CC) /Fo$(OBJ_D)\ofb_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb_enc.c
 
 $(OBJ_D)\str2key.obj: $(SRC_D)\crypto\des\str2key.c
-	$(CC) /Fo$(OBJ_D)\str2key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\str2key.c
+	$(CC) /Fo$(OBJ_D)\str2key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\str2key.c
 
 $(OBJ_D)\pcbc_enc.obj: $(SRC_D)\crypto\des\pcbc_enc.c
-	$(CC) /Fo$(OBJ_D)\pcbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\pcbc_enc.c
+	$(CC) /Fo$(OBJ_D)\pcbc_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\pcbc_enc.c
 
 $(OBJ_D)\qud_cksm.obj: $(SRC_D)\crypto\des\qud_cksm.c
-	$(CC) /Fo$(OBJ_D)\qud_cksm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\qud_cksm.c
+	$(CC) /Fo$(OBJ_D)\qud_cksm.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\qud_cksm.c
 
 $(OBJ_D)\rand_key.obj: $(SRC_D)\crypto\des\rand_key.c
-	$(CC) /Fo$(OBJ_D)\rand_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\rand_key.c
+	$(CC) /Fo$(OBJ_D)\rand_key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\rand_key.c
 
 $(OBJ_D)\des_enc.obj: $(SRC_D)\crypto\des\des_enc.c
-	$(CC) /Fo$(OBJ_D)\des_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\des_enc.c
+	$(CC) /Fo$(OBJ_D)\des_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\des_enc.c
 
 $(OBJ_D)\fcrypt_b.obj: $(SRC_D)\crypto\des\fcrypt_b.c
-	$(CC) /Fo$(OBJ_D)\fcrypt_b.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt_b.c
+	$(CC) /Fo$(OBJ_D)\fcrypt_b.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt_b.c
 
 $(OBJ_D)\read2pwd.obj: $(SRC_D)\crypto\des\read2pwd.c
-	$(CC) /Fo$(OBJ_D)\read2pwd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\read2pwd.c
+	$(CC) /Fo$(OBJ_D)\read2pwd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\read2pwd.c
 
 $(OBJ_D)\fcrypt.obj: $(SRC_D)\crypto\des\fcrypt.c
-	$(CC) /Fo$(OBJ_D)\fcrypt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt.c
+	$(CC) /Fo$(OBJ_D)\fcrypt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt.c
 
 $(OBJ_D)\xcbc_enc.obj: $(SRC_D)\crypto\des\xcbc_enc.c
-	$(CC) /Fo$(OBJ_D)\xcbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\xcbc_enc.c
+	$(CC) /Fo$(OBJ_D)\xcbc_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\xcbc_enc.c
 
 $(OBJ_D)\read_pwd.obj: $(SRC_D)\crypto\des\read_pwd.c
-	$(CC) /Fo$(OBJ_D)\read_pwd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\read_pwd.c
+	$(CC) /Fo$(OBJ_D)\read_pwd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\read_pwd.c
 
 $(OBJ_D)\rpc_enc.obj: $(SRC_D)\crypto\des\rpc_enc.c
-	$(CC) /Fo$(OBJ_D)\rpc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\rpc_enc.c
+	$(CC) /Fo$(OBJ_D)\rpc_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\rpc_enc.c
 
 $(OBJ_D)\cbc_cksm.obj: $(SRC_D)\crypto\des\cbc_cksm.c
-	$(CC) /Fo$(OBJ_D)\cbc_cksm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_cksm.c
+	$(CC) /Fo$(OBJ_D)\cbc_cksm.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_cksm.c
 
 $(OBJ_D)\supp.obj: $(SRC_D)\crypto\des\supp.c
-	$(CC) /Fo$(OBJ_D)\supp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\supp.c
-
-$(OBJ_D)\rc4_enc.obj: $(SRC_D)\crypto\rc4\rc4_enc.c
-	$(CC) /Fo$(OBJ_D)\rc4_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4_enc.c
+	$(CC) /Fo$(OBJ_D)\supp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\supp.c
 
 $(OBJ_D)\rc2_ecb.obj: $(SRC_D)\crypto\rc2\rc2_ecb.c
-	$(CC) /Fo$(OBJ_D)\rc2_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_ecb.c
+	$(CC) /Fo$(OBJ_D)\rc2_ecb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_ecb.c
 
 $(OBJ_D)\rc2_skey.obj: $(SRC_D)\crypto\rc2\rc2_skey.c
-	$(CC) /Fo$(OBJ_D)\rc2_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_skey.c
+	$(CC) /Fo$(OBJ_D)\rc2_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_skey.c
 
 $(OBJ_D)\rc2_cbc.obj: $(SRC_D)\crypto\rc2\rc2_cbc.c
-	$(CC) /Fo$(OBJ_D)\rc2_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_cbc.c
+	$(CC) /Fo$(OBJ_D)\rc2_cbc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_cbc.c
 
 $(OBJ_D)\rc2cfb64.obj: $(SRC_D)\crypto\rc2\rc2cfb64.c
-	$(CC) /Fo$(OBJ_D)\rc2cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2cfb64.c
+	$(CC) /Fo$(OBJ_D)\rc2cfb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2cfb64.c
 
 $(OBJ_D)\rc2ofb64.obj: $(SRC_D)\crypto\rc2\rc2ofb64.c
-	$(CC) /Fo$(OBJ_D)\rc2ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2ofb64.c
+	$(CC) /Fo$(OBJ_D)\rc2ofb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2ofb64.c
+
+$(OBJ_D)\rc4_skey.obj: $(SRC_D)\crypto\rc4\rc4_skey.c
+	$(CC) /Fo$(OBJ_D)\rc4_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4_skey.c
+
+$(OBJ_D)\rc4_enc.obj: $(SRC_D)\crypto\rc4\rc4_enc.c
+	$(CC) /Fo$(OBJ_D)\rc4_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4_enc.c
+
+$(OBJ_D)\rc5_skey.obj: $(SRC_D)\crypto\rc5\rc5_skey.c
+	$(CC) /Fo$(OBJ_D)\rc5_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5_skey.c
+
+$(OBJ_D)\rc5_ecb.obj: $(SRC_D)\crypto\rc5\rc5_ecb.c
+	$(CC) /Fo$(OBJ_D)\rc5_ecb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5_ecb.c
+
+$(OBJ_D)\rc5_enc.obj: $(SRC_D)\crypto\rc5\rc5_enc.c
+	$(CC) /Fo$(OBJ_D)\rc5_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5_enc.c
+
+$(OBJ_D)\rc5cfb64.obj: $(SRC_D)\crypto\rc5\rc5cfb64.c
+	$(CC) /Fo$(OBJ_D)\rc5cfb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5cfb64.c
+
+$(OBJ_D)\rc5ofb64.obj: $(SRC_D)\crypto\rc5\rc5ofb64.c
+	$(CC) /Fo$(OBJ_D)\rc5ofb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5ofb64.c
 
 $(OBJ_D)\i_cbc.obj: $(SRC_D)\crypto\idea\i_cbc.c
-	$(CC) /Fo$(OBJ_D)\i_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cbc.c
+	$(CC) /Fo$(OBJ_D)\i_cbc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cbc.c
 
 $(OBJ_D)\i_cfb64.obj: $(SRC_D)\crypto\idea\i_cfb64.c
-	$(CC) /Fo$(OBJ_D)\i_cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cfb64.c
+	$(CC) /Fo$(OBJ_D)\i_cfb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cfb64.c
 
 $(OBJ_D)\i_ofb64.obj: $(SRC_D)\crypto\idea\i_ofb64.c
-	$(CC) /Fo$(OBJ_D)\i_ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ofb64.c
+	$(CC) /Fo$(OBJ_D)\i_ofb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ofb64.c
 
 $(OBJ_D)\i_ecb.obj: $(SRC_D)\crypto\idea\i_ecb.c
-	$(CC) /Fo$(OBJ_D)\i_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ecb.c
+	$(CC) /Fo$(OBJ_D)\i_ecb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ecb.c
 
 $(OBJ_D)\i_skey.obj: $(SRC_D)\crypto\idea\i_skey.c
-	$(CC) /Fo$(OBJ_D)\i_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_skey.c
+	$(CC) /Fo$(OBJ_D)\i_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_skey.c
 
 $(OBJ_D)\bf_skey.obj: $(SRC_D)\crypto\bf\bf_skey.c
-	$(CC) /Fo$(OBJ_D)\bf_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_skey.c
+	$(CC) /Fo$(OBJ_D)\bf_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_skey.c
 
 $(OBJ_D)\bf_ecb.obj: $(SRC_D)\crypto\bf\bf_ecb.c
-	$(CC) /Fo$(OBJ_D)\bf_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ecb.c
+	$(CC) /Fo$(OBJ_D)\bf_ecb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ecb.c
 
 $(OBJ_D)\bf_enc.obj: $(SRC_D)\crypto\bf\bf_enc.c
-	$(CC) /Fo$(OBJ_D)\bf_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_enc.c
-
-$(OBJ_D)\bf_cbc.obj: $(SRC_D)\crypto\bf\bf_cbc.c
-	$(CC) /Fo$(OBJ_D)\bf_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_cbc.c
+	$(CC) /Fo$(OBJ_D)\bf_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_enc.c
 
 $(OBJ_D)\bf_cfb64.obj: $(SRC_D)\crypto\bf\bf_cfb64.c
-	$(CC) /Fo$(OBJ_D)\bf_cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_cfb64.c
+	$(CC) /Fo$(OBJ_D)\bf_cfb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_cfb64.c
 
 $(OBJ_D)\bf_ofb64.obj: $(SRC_D)\crypto\bf\bf_ofb64.c
-	$(CC) /Fo$(OBJ_D)\bf_ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ofb64.c
+	$(CC) /Fo$(OBJ_D)\bf_ofb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ofb64.c
+
+$(OBJ_D)\c_skey.obj: $(SRC_D)\crypto\cast\c_skey.c
+	$(CC) /Fo$(OBJ_D)\c_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cast\c_skey.c
+
+$(OBJ_D)\c_ecb.obj: $(SRC_D)\crypto\cast\c_ecb.c
+	$(CC) /Fo$(OBJ_D)\c_ecb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cast\c_ecb.c
+
+$(OBJ_D)\c_enc.obj: $(SRC_D)\crypto\cast\c_enc.c
+	$(CC) /Fo$(OBJ_D)\c_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cast\c_enc.c
+
+$(OBJ_D)\c_cfb64.obj: $(SRC_D)\crypto\cast\c_cfb64.c
+	$(CC) /Fo$(OBJ_D)\c_cfb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cast\c_cfb64.c
+
+$(OBJ_D)\c_ofb64.obj: $(SRC_D)\crypto\cast\c_ofb64.c
+	$(CC) /Fo$(OBJ_D)\c_ofb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cast\c_ofb64.c
 
 $(OBJ_D)\bn_add.obj: $(SRC_D)\crypto\bn\bn_add.c
-	$(CC) /Fo$(OBJ_D)\bn_add.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_add.c
+	$(CC) /Fo$(OBJ_D)\bn_add.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_add.c
 
 $(OBJ_D)\bn_div.obj: $(SRC_D)\crypto\bn\bn_div.c
-	$(CC) /Fo$(OBJ_D)\bn_div.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_div.c
+	$(CC) /Fo$(OBJ_D)\bn_div.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_div.c
 
 $(OBJ_D)\bn_exp.obj: $(SRC_D)\crypto\bn\bn_exp.c
-	$(CC) /Fo$(OBJ_D)\bn_exp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_exp.c
+	$(CC) /Fo$(OBJ_D)\bn_exp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_exp.c
 
 $(OBJ_D)\bn_lib.obj: $(SRC_D)\crypto\bn\bn_lib.c
-	$(CC) /Fo$(OBJ_D)\bn_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_lib.c
+	$(CC) /Fo$(OBJ_D)\bn_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_lib.c
 
 $(OBJ_D)\bn_mod.obj: $(SRC_D)\crypto\bn\bn_mod.c
-	$(CC) /Fo$(OBJ_D)\bn_mod.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mod.c
+	$(CC) /Fo$(OBJ_D)\bn_mod.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mod.c
 
 $(OBJ_D)\bn_mul.obj: $(SRC_D)\crypto\bn\bn_mul.c
-	$(CC) /Fo$(OBJ_D)\bn_mul.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mul.c
+	$(CC) /Fo$(OBJ_D)\bn_mul.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mul.c
 
 $(OBJ_D)\bn_print.obj: $(SRC_D)\crypto\bn\bn_print.c
-	$(CC) /Fo$(OBJ_D)\bn_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_print.c
+	$(CC) /Fo$(OBJ_D)\bn_print.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_print.c
 
 $(OBJ_D)\bn_rand.obj: $(SRC_D)\crypto\bn\bn_rand.c
-	$(CC) /Fo$(OBJ_D)\bn_rand.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_rand.c
+	$(CC) /Fo$(OBJ_D)\bn_rand.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_rand.c
 
 $(OBJ_D)\bn_shift.obj: $(SRC_D)\crypto\bn\bn_shift.c
-	$(CC) /Fo$(OBJ_D)\bn_shift.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_shift.c
+	$(CC) /Fo$(OBJ_D)\bn_shift.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_shift.c
 
 $(OBJ_D)\bn_sub.obj: $(SRC_D)\crypto\bn\bn_sub.c
-	$(CC) /Fo$(OBJ_D)\bn_sub.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sub.c
+	$(CC) /Fo$(OBJ_D)\bn_sub.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sub.c
 
 $(OBJ_D)\bn_word.obj: $(SRC_D)\crypto\bn\bn_word.c
-	$(CC) /Fo$(OBJ_D)\bn_word.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_word.c
+	$(CC) /Fo$(OBJ_D)\bn_word.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_word.c
+
+$(OBJ_D)\bn_blind.obj: $(SRC_D)\crypto\bn\bn_blind.c
+	$(CC) /Fo$(OBJ_D)\bn_blind.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_blind.c
 
 $(OBJ_D)\bn_gcd.obj: $(SRC_D)\crypto\bn\bn_gcd.c
-	$(CC) /Fo$(OBJ_D)\bn_gcd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_gcd.c
+	$(CC) /Fo$(OBJ_D)\bn_gcd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_gcd.c
 
 $(OBJ_D)\bn_prime.obj: $(SRC_D)\crypto\bn\bn_prime.c
-	$(CC) /Fo$(OBJ_D)\bn_prime.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_prime.c
+	$(CC) /Fo$(OBJ_D)\bn_prime.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_prime.c
 
 $(OBJ_D)\bn_err.obj: $(SRC_D)\crypto\bn\bn_err.c
-	$(CC) /Fo$(OBJ_D)\bn_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_err.c
+	$(CC) /Fo$(OBJ_D)\bn_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_err.c
 
 $(OBJ_D)\bn_sqr.obj: $(SRC_D)\crypto\bn\bn_sqr.c
-	$(CC) /Fo$(OBJ_D)\bn_sqr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sqr.c
+	$(CC) /Fo$(OBJ_D)\bn_sqr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sqr.c
 
 $(OBJ_D)\bn_mulw.obj: $(SRC_D)\crypto\bn\bn_mulw.c
-	$(CC) /Fo$(OBJ_D)\bn_mulw.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mulw.c
+	$(CC) /Fo$(OBJ_D)\bn_mulw.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mulw.c
 
 $(OBJ_D)\bn_recp.obj: $(SRC_D)\crypto\bn\bn_recp.c
-	$(CC) /Fo$(OBJ_D)\bn_recp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_recp.c
+	$(CC) /Fo$(OBJ_D)\bn_recp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_recp.c
 
 $(OBJ_D)\bn_mont.obj: $(SRC_D)\crypto\bn\bn_mont.c
-	$(CC) /Fo$(OBJ_D)\bn_mont.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mont.c
+	$(CC) /Fo$(OBJ_D)\bn_mont.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mont.c
 
-$(OBJ_D)\rsa_enc.obj: $(SRC_D)\crypto\rsa\rsa_enc.c
-	$(CC) /Fo$(OBJ_D)\rsa_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_enc.c
+$(OBJ_D)\bn_mpi.obj: $(SRC_D)\crypto\bn\bn_mpi.c
+	$(CC) /Fo$(OBJ_D)\bn_mpi.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mpi.c
+
+$(OBJ_D)\rsa_eay.obj: $(SRC_D)\crypto\rsa\rsa_eay.c
+	$(CC) /Fo$(OBJ_D)\rsa_eay.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_eay.c
 
 $(OBJ_D)\rsa_gen.obj: $(SRC_D)\crypto\rsa\rsa_gen.c
-	$(CC) /Fo$(OBJ_D)\rsa_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_gen.c
+	$(CC) /Fo$(OBJ_D)\rsa_gen.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_gen.c
 
 $(OBJ_D)\rsa_lib.obj: $(SRC_D)\crypto\rsa\rsa_lib.c
-	$(CC) /Fo$(OBJ_D)\rsa_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_lib.c
+	$(CC) /Fo$(OBJ_D)\rsa_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_lib.c
 
 $(OBJ_D)\rsa_sign.obj: $(SRC_D)\crypto\rsa\rsa_sign.c
-	$(CC) /Fo$(OBJ_D)\rsa_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_sign.c
+	$(CC) /Fo$(OBJ_D)\rsa_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_sign.c
 
 $(OBJ_D)\rsa_saos.obj: $(SRC_D)\crypto\rsa\rsa_saos.c
-	$(CC) /Fo$(OBJ_D)\rsa_saos.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_saos.c
+	$(CC) /Fo$(OBJ_D)\rsa_saos.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_saos.c
 
 $(OBJ_D)\rsa_err.obj: $(SRC_D)\crypto\rsa\rsa_err.c
-	$(CC) /Fo$(OBJ_D)\rsa_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_err.c
+	$(CC) /Fo$(OBJ_D)\rsa_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_err.c
+
+$(OBJ_D)\rsa_pk1.obj: $(SRC_D)\crypto\rsa\rsa_pk1.c
+	$(CC) /Fo$(OBJ_D)\rsa_pk1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_pk1.c
+
+$(OBJ_D)\rsa_ssl.obj: $(SRC_D)\crypto\rsa\rsa_ssl.c
+	$(CC) /Fo$(OBJ_D)\rsa_ssl.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_ssl.c
+
+$(OBJ_D)\rsa_none.obj: $(SRC_D)\crypto\rsa\rsa_none.c
+	$(CC) /Fo$(OBJ_D)\rsa_none.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_none.c
 
 $(OBJ_D)\dsa_gen.obj: $(SRC_D)\crypto\dsa\dsa_gen.c
-	$(CC) /Fo$(OBJ_D)\dsa_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_gen.c
+	$(CC) /Fo$(OBJ_D)\dsa_gen.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_gen.c
 
 $(OBJ_D)\dsa_key.obj: $(SRC_D)\crypto\dsa\dsa_key.c
-	$(CC) /Fo$(OBJ_D)\dsa_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_key.c
+	$(CC) /Fo$(OBJ_D)\dsa_key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_key.c
 
 $(OBJ_D)\dsa_lib.obj: $(SRC_D)\crypto\dsa\dsa_lib.c
-	$(CC) /Fo$(OBJ_D)\dsa_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_lib.c
+	$(CC) /Fo$(OBJ_D)\dsa_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_lib.c
 
 $(OBJ_D)\dsa_vrf.obj: $(SRC_D)\crypto\dsa\dsa_vrf.c
-	$(CC) /Fo$(OBJ_D)\dsa_vrf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_vrf.c
+	$(CC) /Fo$(OBJ_D)\dsa_vrf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_vrf.c
 
 $(OBJ_D)\dsa_sign.obj: $(SRC_D)\crypto\dsa\dsa_sign.c
-	$(CC) /Fo$(OBJ_D)\dsa_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_sign.c
+	$(CC) /Fo$(OBJ_D)\dsa_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_sign.c
 
 $(OBJ_D)\dsa_err.obj: $(SRC_D)\crypto\dsa\dsa_err.c
-	$(CC) /Fo$(OBJ_D)\dsa_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_err.c
+	$(CC) /Fo$(OBJ_D)\dsa_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_err.c
 
 $(OBJ_D)\dh_gen.obj: $(SRC_D)\crypto\dh\dh_gen.c
-	$(CC) /Fo$(OBJ_D)\dh_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_gen.c
+	$(CC) /Fo$(OBJ_D)\dh_gen.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_gen.c
 
 $(OBJ_D)\dh_key.obj: $(SRC_D)\crypto\dh\dh_key.c
-	$(CC) /Fo$(OBJ_D)\dh_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_key.c
+	$(CC) /Fo$(OBJ_D)\dh_key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_key.c
 
 $(OBJ_D)\dh_lib.obj: $(SRC_D)\crypto\dh\dh_lib.c
-	$(CC) /Fo$(OBJ_D)\dh_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_lib.c
+	$(CC) /Fo$(OBJ_D)\dh_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_lib.c
 
 $(OBJ_D)\dh_check.obj: $(SRC_D)\crypto\dh\dh_check.c
-	$(CC) /Fo$(OBJ_D)\dh_check.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_check.c
+	$(CC) /Fo$(OBJ_D)\dh_check.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_check.c
 
 $(OBJ_D)\dh_err.obj: $(SRC_D)\crypto\dh\dh_err.c
-	$(CC) /Fo$(OBJ_D)\dh_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_err.c
+	$(CC) /Fo$(OBJ_D)\dh_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_err.c
 
 $(OBJ_D)\buffer.obj: $(SRC_D)\crypto\buffer\buffer.c
-	$(CC) /Fo$(OBJ_D)\buffer.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buffer.c
+	$(CC) /Fo$(OBJ_D)\buffer.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buffer.c
 
 $(OBJ_D)\buf_err.obj: $(SRC_D)\crypto\buffer\buf_err.c
-	$(CC) /Fo$(OBJ_D)\buf_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buf_err.c
+	$(CC) /Fo$(OBJ_D)\buf_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buf_err.c
 
 $(OBJ_D)\bio_lib.obj: $(SRC_D)\crypto\bio\bio_lib.c
-	$(CC) /Fo$(OBJ_D)\bio_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_lib.c
+	$(CC) /Fo$(OBJ_D)\bio_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_lib.c
 
 $(OBJ_D)\bio_cb.obj: $(SRC_D)\crypto\bio\bio_cb.c
-	$(CC) /Fo$(OBJ_D)\bio_cb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_cb.c
+	$(CC) /Fo$(OBJ_D)\bio_cb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_cb.c
 
 $(OBJ_D)\bio_err.obj: $(SRC_D)\crypto\bio\bio_err.c
-	$(CC) /Fo$(OBJ_D)\bio_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_err.c
+	$(CC) /Fo$(OBJ_D)\bio_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_err.c
 
 $(OBJ_D)\bss_mem.obj: $(SRC_D)\crypto\bio\bss_mem.c
-	$(CC) /Fo$(OBJ_D)\bss_mem.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_mem.c
+	$(CC) /Fo$(OBJ_D)\bss_mem.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_mem.c
 
 $(OBJ_D)\bss_null.obj: $(SRC_D)\crypto\bio\bss_null.c
-	$(CC) /Fo$(OBJ_D)\bss_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_null.c
+	$(CC) /Fo$(OBJ_D)\bss_null.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_null.c
 
 $(OBJ_D)\bss_fd.obj: $(SRC_D)\crypto\bio\bss_fd.c
-	$(CC) /Fo$(OBJ_D)\bss_fd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_fd.c
+	$(CC) /Fo$(OBJ_D)\bss_fd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_fd.c
 
 $(OBJ_D)\bss_file.obj: $(SRC_D)\crypto\bio\bss_file.c
-	$(CC) /Fo$(OBJ_D)\bss_file.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_file.c
+	$(CC) /Fo$(OBJ_D)\bss_file.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_file.c
 
 $(OBJ_D)\bss_sock.obj: $(SRC_D)\crypto\bio\bss_sock.c
-	$(CC) /Fo$(OBJ_D)\bss_sock.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_sock.c
+	$(CC) /Fo$(OBJ_D)\bss_sock.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_sock.c
 
 $(OBJ_D)\bss_conn.obj: $(SRC_D)\crypto\bio\bss_conn.c
-	$(CC) /Fo$(OBJ_D)\bss_conn.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_conn.c
+	$(CC) /Fo$(OBJ_D)\bss_conn.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_conn.c
 
 $(OBJ_D)\bf_null.obj: $(SRC_D)\crypto\bio\bf_null.c
-	$(CC) /Fo$(OBJ_D)\bf_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_null.c
+	$(CC) /Fo$(OBJ_D)\bf_null.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_null.c
 
 $(OBJ_D)\bf_buff.obj: $(SRC_D)\crypto\bio\bf_buff.c
-	$(CC) /Fo$(OBJ_D)\bf_buff.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_buff.c
+	$(CC) /Fo$(OBJ_D)\bf_buff.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_buff.c
 
 $(OBJ_D)\b_print.obj: $(SRC_D)\crypto\bio\b_print.c
-	$(CC) /Fo$(OBJ_D)\b_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_print.c
+	$(CC) /Fo$(OBJ_D)\b_print.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_print.c
 
 $(OBJ_D)\b_dump.obj: $(SRC_D)\crypto\bio\b_dump.c
-	$(CC) /Fo$(OBJ_D)\b_dump.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_dump.c
+	$(CC) /Fo$(OBJ_D)\b_dump.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_dump.c
 
 $(OBJ_D)\b_sock.obj: $(SRC_D)\crypto\bio\b_sock.c
-	$(CC) /Fo$(OBJ_D)\b_sock.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_sock.c
+	$(CC) /Fo$(OBJ_D)\b_sock.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_sock.c
 
 $(OBJ_D)\bss_acpt.obj: $(SRC_D)\crypto\bio\bss_acpt.c
-	$(CC) /Fo$(OBJ_D)\bss_acpt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_acpt.c
+	$(CC) /Fo$(OBJ_D)\bss_acpt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_acpt.c
 
 $(OBJ_D)\bf_nbio.obj: $(SRC_D)\crypto\bio\bf_nbio.c
-	$(CC) /Fo$(OBJ_D)\bf_nbio.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_nbio.c
+	$(CC) /Fo$(OBJ_D)\bf_nbio.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_nbio.c
 
 $(OBJ_D)\stack.obj: $(SRC_D)\crypto\stack\stack.c
-	$(CC) /Fo$(OBJ_D)\stack.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\stack\stack.c
+	$(CC) /Fo$(OBJ_D)\stack.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\stack\stack.c
 
 $(OBJ_D)\lhash.obj: $(SRC_D)\crypto\lhash\lhash.c
-	$(CC) /Fo$(OBJ_D)\lhash.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lhash.c
+	$(CC) /Fo$(OBJ_D)\lhash.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lhash.c
 
 $(OBJ_D)\lh_stats.obj: $(SRC_D)\crypto\lhash\lh_stats.c
-	$(CC) /Fo$(OBJ_D)\lh_stats.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lh_stats.c
+	$(CC) /Fo$(OBJ_D)\lh_stats.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lh_stats.c
 
 $(OBJ_D)\md_rand.obj: $(SRC_D)\crypto\rand\md_rand.c
-	$(CC) /Fo$(OBJ_D)\md_rand.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rand\md_rand.c
+	$(CC) /Fo$(OBJ_D)\md_rand.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rand\md_rand.c
 
 $(OBJ_D)\randfile.obj: $(SRC_D)\crypto\rand\randfile.c
-	$(CC) /Fo$(OBJ_D)\randfile.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rand\randfile.c
+	$(CC) /Fo$(OBJ_D)\randfile.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rand\randfile.c
 
 $(OBJ_D)\err.obj: $(SRC_D)\crypto\err\err.c
-	$(CC) /Fo$(OBJ_D)\err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err.c
+	$(CC) /Fo$(OBJ_D)\err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\err\err.c
 
 $(OBJ_D)\err_all.obj: $(SRC_D)\crypto\err\err_all.c
-	$(CC) /Fo$(OBJ_D)\err_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err_all.c
+	$(CC) /Fo$(OBJ_D)\err_all.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\err\err_all.c
 
 $(OBJ_D)\err_prn.obj: $(SRC_D)\crypto\err\err_prn.c
-	$(CC) /Fo$(OBJ_D)\err_prn.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err_prn.c
+	$(CC) /Fo$(OBJ_D)\err_prn.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\err\err_prn.c
 
 $(OBJ_D)\obj_dat.obj: $(SRC_D)\crypto\objects\obj_dat.c
-	$(CC) /Fo$(OBJ_D)\obj_dat.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_dat.c
+	$(CC) /Fo$(OBJ_D)\obj_dat.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_dat.c
 
 $(OBJ_D)\obj_lib.obj: $(SRC_D)\crypto\objects\obj_lib.c
-	$(CC) /Fo$(OBJ_D)\obj_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_lib.c
+	$(CC) /Fo$(OBJ_D)\obj_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_lib.c
 
 $(OBJ_D)\obj_err.obj: $(SRC_D)\crypto\objects\obj_err.c
-	$(CC) /Fo$(OBJ_D)\obj_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_err.c
+	$(CC) /Fo$(OBJ_D)\obj_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_err.c
 
 $(OBJ_D)\encode.obj: $(SRC_D)\crypto\evp\encode.c
-	$(CC) /Fo$(OBJ_D)\encode.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\encode.c
+	$(CC) /Fo$(OBJ_D)\encode.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\encode.c
 
 $(OBJ_D)\digest.obj: $(SRC_D)\crypto\evp\digest.c
-	$(CC) /Fo$(OBJ_D)\digest.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\digest.c
+	$(CC) /Fo$(OBJ_D)\digest.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\digest.c
 
 $(OBJ_D)\evp_enc.obj: $(SRC_D)\crypto\evp\evp_enc.c
-	$(CC) /Fo$(OBJ_D)\evp_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_enc.c
+	$(CC) /Fo$(OBJ_D)\evp_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_enc.c
 
 $(OBJ_D)\evp_key.obj: $(SRC_D)\crypto\evp\evp_key.c
-	$(CC) /Fo$(OBJ_D)\evp_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_key.c
+	$(CC) /Fo$(OBJ_D)\evp_key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_key.c
 
 $(OBJ_D)\e_ecb_d.obj: $(SRC_D)\crypto\evp\e_ecb_d.c
-	$(CC) /Fo$(OBJ_D)\e_ecb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_d.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_d.c
 
 $(OBJ_D)\e_cbc_d.obj: $(SRC_D)\crypto\evp\e_cbc_d.c
-	$(CC) /Fo$(OBJ_D)\e_cbc_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_d.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_d.c
 
 $(OBJ_D)\e_cfb_d.obj: $(SRC_D)\crypto\evp\e_cfb_d.c
-	$(CC) /Fo$(OBJ_D)\e_cfb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_d.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_d.c
 
 $(OBJ_D)\e_ofb_d.obj: $(SRC_D)\crypto\evp\e_ofb_d.c
-	$(CC) /Fo$(OBJ_D)\e_ofb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_d.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_d.c
 
 $(OBJ_D)\e_ecb_i.obj: $(SRC_D)\crypto\evp\e_ecb_i.c
-	$(CC) /Fo$(OBJ_D)\e_ecb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_i.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_i.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_i.c
 
 $(OBJ_D)\e_cbc_i.obj: $(SRC_D)\crypto\evp\e_cbc_i.c
-	$(CC) /Fo$(OBJ_D)\e_cbc_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_i.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_i.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_i.c
 
 $(OBJ_D)\e_cfb_i.obj: $(SRC_D)\crypto\evp\e_cfb_i.c
-	$(CC) /Fo$(OBJ_D)\e_cfb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_i.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_i.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_i.c
 
 $(OBJ_D)\e_ofb_i.obj: $(SRC_D)\crypto\evp\e_ofb_i.c
-	$(CC) /Fo$(OBJ_D)\e_ofb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_i.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_i.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_i.c
 
 $(OBJ_D)\e_ecb_3d.obj: $(SRC_D)\crypto\evp\e_ecb_3d.c
-	$(CC) /Fo$(OBJ_D)\e_ecb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_3d.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_3d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_3d.c
 
 $(OBJ_D)\e_cbc_3d.obj: $(SRC_D)\crypto\evp\e_cbc_3d.c
-	$(CC) /Fo$(OBJ_D)\e_cbc_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_3d.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_3d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_3d.c
 
 $(OBJ_D)\e_rc4.obj: $(SRC_D)\crypto\evp\e_rc4.c
-	$(CC) /Fo$(OBJ_D)\e_rc4.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_rc4.c
+	$(CC) /Fo$(OBJ_D)\e_rc4.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_rc4.c
 
 $(OBJ_D)\names.obj: $(SRC_D)\crypto\evp\names.c
-	$(CC) /Fo$(OBJ_D)\names.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\names.c
+	$(CC) /Fo$(OBJ_D)\names.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\names.c
 
 $(OBJ_D)\e_cfb_3d.obj: $(SRC_D)\crypto\evp\e_cfb_3d.c
-	$(CC) /Fo$(OBJ_D)\e_cfb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_3d.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_3d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_3d.c
 
 $(OBJ_D)\e_ofb_3d.obj: $(SRC_D)\crypto\evp\e_ofb_3d.c
-	$(CC) /Fo$(OBJ_D)\e_ofb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_3d.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_3d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_3d.c
 
 $(OBJ_D)\e_xcbc_d.obj: $(SRC_D)\crypto\evp\e_xcbc_d.c
-	$(CC) /Fo$(OBJ_D)\e_xcbc_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_xcbc_d.c
+	$(CC) /Fo$(OBJ_D)\e_xcbc_d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_xcbc_d.c
 
 $(OBJ_D)\e_ecb_r2.obj: $(SRC_D)\crypto\evp\e_ecb_r2.c
-	$(CC) /Fo$(OBJ_D)\e_ecb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_r2.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_r2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_r2.c
 
 $(OBJ_D)\e_cbc_r2.obj: $(SRC_D)\crypto\evp\e_cbc_r2.c
-	$(CC) /Fo$(OBJ_D)\e_cbc_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_r2.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_r2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_r2.c
 
 $(OBJ_D)\e_cfb_r2.obj: $(SRC_D)\crypto\evp\e_cfb_r2.c
-	$(CC) /Fo$(OBJ_D)\e_cfb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_r2.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_r2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_r2.c
 
 $(OBJ_D)\e_ofb_r2.obj: $(SRC_D)\crypto\evp\e_ofb_r2.c
-	$(CC) /Fo$(OBJ_D)\e_ofb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_r2.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_r2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_r2.c
 
 $(OBJ_D)\e_ecb_bf.obj: $(SRC_D)\crypto\evp\e_ecb_bf.c
-	$(CC) /Fo$(OBJ_D)\e_ecb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_bf.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_bf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_bf.c
 
 $(OBJ_D)\e_cbc_bf.obj: $(SRC_D)\crypto\evp\e_cbc_bf.c
-	$(CC) /Fo$(OBJ_D)\e_cbc_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_bf.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_bf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_bf.c
 
 $(OBJ_D)\e_cfb_bf.obj: $(SRC_D)\crypto\evp\e_cfb_bf.c
-	$(CC) /Fo$(OBJ_D)\e_cfb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_bf.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_bf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_bf.c
 
 $(OBJ_D)\e_ofb_bf.obj: $(SRC_D)\crypto\evp\e_ofb_bf.c
-	$(CC) /Fo$(OBJ_D)\e_ofb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_bf.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_bf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_bf.c
+
+$(OBJ_D)\e_ecb_c.obj: $(SRC_D)\crypto\evp\e_ecb_c.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_c.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_c.c
+
+$(OBJ_D)\e_cbc_c.obj: $(SRC_D)\crypto\evp\e_cbc_c.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_c.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_c.c
+
+$(OBJ_D)\e_cfb_c.obj: $(SRC_D)\crypto\evp\e_cfb_c.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_c.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_c.c
+
+$(OBJ_D)\e_ofb_c.obj: $(SRC_D)\crypto\evp\e_ofb_c.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_c.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_c.c
+
+$(OBJ_D)\e_ecb_r5.obj: $(SRC_D)\crypto\evp\e_ecb_r5.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_r5.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_r5.c
+
+$(OBJ_D)\e_cbc_r5.obj: $(SRC_D)\crypto\evp\e_cbc_r5.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_r5.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_r5.c
+
+$(OBJ_D)\e_cfb_r5.obj: $(SRC_D)\crypto\evp\e_cfb_r5.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_r5.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_r5.c
+
+$(OBJ_D)\e_ofb_r5.obj: $(SRC_D)\crypto\evp\e_ofb_r5.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_r5.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_r5.c
 
 $(OBJ_D)\m_null.obj: $(SRC_D)\crypto\evp\m_null.c
-	$(CC) /Fo$(OBJ_D)\m_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_null.c
+	$(CC) /Fo$(OBJ_D)\m_null.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_null.c
 
 $(OBJ_D)\m_md2.obj: $(SRC_D)\crypto\evp\m_md2.c
-	$(CC) /Fo$(OBJ_D)\m_md2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md2.c
+	$(CC) /Fo$(OBJ_D)\m_md2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md2.c
 
 $(OBJ_D)\m_md5.obj: $(SRC_D)\crypto\evp\m_md5.c
-	$(CC) /Fo$(OBJ_D)\m_md5.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md5.c
+	$(CC) /Fo$(OBJ_D)\m_md5.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md5.c
 
 $(OBJ_D)\m_sha.obj: $(SRC_D)\crypto\evp\m_sha.c
-	$(CC) /Fo$(OBJ_D)\m_sha.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha.c
+	$(CC) /Fo$(OBJ_D)\m_sha.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha.c
 
 $(OBJ_D)\m_sha1.obj: $(SRC_D)\crypto\evp\m_sha1.c
-	$(CC) /Fo$(OBJ_D)\m_sha1.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha1.c
+	$(CC) /Fo$(OBJ_D)\m_sha1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha1.c
 
 $(OBJ_D)\m_dss.obj: $(SRC_D)\crypto\evp\m_dss.c
-	$(CC) /Fo$(OBJ_D)\m_dss.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss.c
+	$(CC) /Fo$(OBJ_D)\m_dss.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss.c
 
 $(OBJ_D)\m_dss1.obj: $(SRC_D)\crypto\evp\m_dss1.c
-	$(CC) /Fo$(OBJ_D)\m_dss1.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss1.c
+	$(CC) /Fo$(OBJ_D)\m_dss1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss1.c
 
 $(OBJ_D)\m_mdc2.obj: $(SRC_D)\crypto\evp\m_mdc2.c
-	$(CC) /Fo$(OBJ_D)\m_mdc2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_mdc2.c
+	$(CC) /Fo$(OBJ_D)\m_mdc2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_mdc2.c
+
+$(OBJ_D)\m_ripemd.obj: $(SRC_D)\crypto\evp\m_ripemd.c
+	$(CC) /Fo$(OBJ_D)\m_ripemd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_ripemd.c
 
 $(OBJ_D)\p_open.obj: $(SRC_D)\crypto\evp\p_open.c
-	$(CC) /Fo$(OBJ_D)\p_open.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_open.c
+	$(CC) /Fo$(OBJ_D)\p_open.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_open.c
 
 $(OBJ_D)\p_seal.obj: $(SRC_D)\crypto\evp\p_seal.c
-	$(CC) /Fo$(OBJ_D)\p_seal.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_seal.c
+	$(CC) /Fo$(OBJ_D)\p_seal.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_seal.c
 
 $(OBJ_D)\p_sign.obj: $(SRC_D)\crypto\evp\p_sign.c
-	$(CC) /Fo$(OBJ_D)\p_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_sign.c
+	$(CC) /Fo$(OBJ_D)\p_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_sign.c
 
 $(OBJ_D)\p_verify.obj: $(SRC_D)\crypto\evp\p_verify.c
-	$(CC) /Fo$(OBJ_D)\p_verify.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_verify.c
+	$(CC) /Fo$(OBJ_D)\p_verify.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_verify.c
 
 $(OBJ_D)\p_lib.obj: $(SRC_D)\crypto\evp\p_lib.c
-	$(CC) /Fo$(OBJ_D)\p_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_lib.c
+	$(CC) /Fo$(OBJ_D)\p_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_lib.c
+
+$(OBJ_D)\p_enc.obj: $(SRC_D)\crypto\evp\p_enc.c
+	$(CC) /Fo$(OBJ_D)\p_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_enc.c
+
+$(OBJ_D)\p_dec.obj: $(SRC_D)\crypto\evp\p_dec.c
+	$(CC) /Fo$(OBJ_D)\p_dec.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_dec.c
 
 $(OBJ_D)\bio_md.obj: $(SRC_D)\crypto\evp\bio_md.c
-	$(CC) /Fo$(OBJ_D)\bio_md.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_md.c
+	$(CC) /Fo$(OBJ_D)\bio_md.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_md.c
 
 $(OBJ_D)\bio_b64.obj: $(SRC_D)\crypto\evp\bio_b64.c
-	$(CC) /Fo$(OBJ_D)\bio_b64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_b64.c
+	$(CC) /Fo$(OBJ_D)\bio_b64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_b64.c
 
 $(OBJ_D)\bio_enc.obj: $(SRC_D)\crypto\evp\bio_enc.c
-	$(CC) /Fo$(OBJ_D)\bio_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_enc.c
+	$(CC) /Fo$(OBJ_D)\bio_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_enc.c
 
 $(OBJ_D)\evp_err.obj: $(SRC_D)\crypto\evp\evp_err.c
-	$(CC) /Fo$(OBJ_D)\evp_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_err.c
+	$(CC) /Fo$(OBJ_D)\evp_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_err.c
 
 $(OBJ_D)\e_null.obj: $(SRC_D)\crypto\evp\e_null.c
-	$(CC) /Fo$(OBJ_D)\e_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_null.c
+	$(CC) /Fo$(OBJ_D)\e_null.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_null.c
 
 $(OBJ_D)\c_all.obj: $(SRC_D)\crypto\evp\c_all.c
-	$(CC) /Fo$(OBJ_D)\c_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\c_all.c
+	$(CC) /Fo$(OBJ_D)\c_all.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\c_all.c
+
+$(OBJ_D)\evp_lib.obj: $(SRC_D)\crypto\evp\evp_lib.c
+	$(CC) /Fo$(OBJ_D)\evp_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_lib.c
 
 $(OBJ_D)\pem_sign.obj: $(SRC_D)\crypto\pem\pem_sign.c
-	$(CC) /Fo$(OBJ_D)\pem_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_sign.c
+	$(CC) /Fo$(OBJ_D)\pem_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_sign.c
 
 $(OBJ_D)\pem_seal.obj: $(SRC_D)\crypto\pem\pem_seal.c
-	$(CC) /Fo$(OBJ_D)\pem_seal.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_seal.c
+	$(CC) /Fo$(OBJ_D)\pem_seal.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_seal.c
 
 $(OBJ_D)\pem_info.obj: $(SRC_D)\crypto\pem\pem_info.c
-	$(CC) /Fo$(OBJ_D)\pem_info.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_info.c
+	$(CC) /Fo$(OBJ_D)\pem_info.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_info.c
 
 $(OBJ_D)\pem_lib.obj: $(SRC_D)\crypto\pem\pem_lib.c
-	$(CC) /Fo$(OBJ_D)\pem_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_lib.c
+	$(CC) /Fo$(OBJ_D)\pem_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_lib.c
 
 $(OBJ_D)\pem_all.obj: $(SRC_D)\crypto\pem\pem_all.c
-	$(CC) /Fo$(OBJ_D)\pem_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_all.c
+	$(CC) /Fo$(OBJ_D)\pem_all.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_all.c
 
 $(OBJ_D)\pem_err.obj: $(SRC_D)\crypto\pem\pem_err.c
-	$(CC) /Fo$(OBJ_D)\pem_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_err.c
+	$(CC) /Fo$(OBJ_D)\pem_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_err.c
 
 $(OBJ_D)\a_object.obj: $(SRC_D)\crypto\asn1\a_object.c
-	$(CC) /Fo$(OBJ_D)\a_object.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_object.c
+	$(CC) /Fo$(OBJ_D)\a_object.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_object.c
 
 $(OBJ_D)\a_bitstr.obj: $(SRC_D)\crypto\asn1\a_bitstr.c
-	$(CC) /Fo$(OBJ_D)\a_bitstr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bitstr.c
+	$(CC) /Fo$(OBJ_D)\a_bitstr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bitstr.c
 
 $(OBJ_D)\a_utctm.obj: $(SRC_D)\crypto\asn1\a_utctm.c
-	$(CC) /Fo$(OBJ_D)\a_utctm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_utctm.c
+	$(CC) /Fo$(OBJ_D)\a_utctm.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_utctm.c
 
 $(OBJ_D)\a_int.obj: $(SRC_D)\crypto\asn1\a_int.c
-	$(CC) /Fo$(OBJ_D)\a_int.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_int.c
+	$(CC) /Fo$(OBJ_D)\a_int.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_int.c
 
 $(OBJ_D)\a_octet.obj: $(SRC_D)\crypto\asn1\a_octet.c
-	$(CC) /Fo$(OBJ_D)\a_octet.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_octet.c
+	$(CC) /Fo$(OBJ_D)\a_octet.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_octet.c
 
 $(OBJ_D)\a_print.obj: $(SRC_D)\crypto\asn1\a_print.c
-	$(CC) /Fo$(OBJ_D)\a_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_print.c
+	$(CC) /Fo$(OBJ_D)\a_print.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_print.c
 
 $(OBJ_D)\a_type.obj: $(SRC_D)\crypto\asn1\a_type.c
-	$(CC) /Fo$(OBJ_D)\a_type.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_type.c
+	$(CC) /Fo$(OBJ_D)\a_type.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_type.c
 
 $(OBJ_D)\a_set.obj: $(SRC_D)\crypto\asn1\a_set.c
-	$(CC) /Fo$(OBJ_D)\a_set.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_set.c
+	$(CC) /Fo$(OBJ_D)\a_set.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_set.c
 
 $(OBJ_D)\a_dup.obj: $(SRC_D)\crypto\asn1\a_dup.c
-	$(CC) /Fo$(OBJ_D)\a_dup.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_dup.c
+	$(CC) /Fo$(OBJ_D)\a_dup.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_dup.c
 
 $(OBJ_D)\a_d2i_fp.obj: $(SRC_D)\crypto\asn1\a_d2i_fp.c
-	$(CC) /Fo$(OBJ_D)\a_d2i_fp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_d2i_fp.c
+	$(CC) /Fo$(OBJ_D)\a_d2i_fp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_d2i_fp.c
 
 $(OBJ_D)\a_i2d_fp.obj: $(SRC_D)\crypto\asn1\a_i2d_fp.c
-	$(CC) /Fo$(OBJ_D)\a_i2d_fp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_i2d_fp.c
+	$(CC) /Fo$(OBJ_D)\a_i2d_fp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_i2d_fp.c
 
 $(OBJ_D)\a_sign.obj: $(SRC_D)\crypto\asn1\a_sign.c
-	$(CC) /Fo$(OBJ_D)\a_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_sign.c
+	$(CC) /Fo$(OBJ_D)\a_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_sign.c
 
 $(OBJ_D)\a_digest.obj: $(SRC_D)\crypto\asn1\a_digest.c
-	$(CC) /Fo$(OBJ_D)\a_digest.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_digest.c
+	$(CC) /Fo$(OBJ_D)\a_digest.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_digest.c
 
 $(OBJ_D)\a_verify.obj: $(SRC_D)\crypto\asn1\a_verify.c
-	$(CC) /Fo$(OBJ_D)\a_verify.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_verify.c
+	$(CC) /Fo$(OBJ_D)\a_verify.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_verify.c
 
 $(OBJ_D)\x_algor.obj: $(SRC_D)\crypto\asn1\x_algor.c
-	$(CC) /Fo$(OBJ_D)\x_algor.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_algor.c
+	$(CC) /Fo$(OBJ_D)\x_algor.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_algor.c
 
 $(OBJ_D)\x_val.obj: $(SRC_D)\crypto\asn1\x_val.c
-	$(CC) /Fo$(OBJ_D)\x_val.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_val.c
+	$(CC) /Fo$(OBJ_D)\x_val.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_val.c
 
 $(OBJ_D)\x_pubkey.obj: $(SRC_D)\crypto\asn1\x_pubkey.c
-	$(CC) /Fo$(OBJ_D)\x_pubkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pubkey.c
+	$(CC) /Fo$(OBJ_D)\x_pubkey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pubkey.c
 
 $(OBJ_D)\x_sig.obj: $(SRC_D)\crypto\asn1\x_sig.c
-	$(CC) /Fo$(OBJ_D)\x_sig.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_sig.c
+	$(CC) /Fo$(OBJ_D)\x_sig.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_sig.c
 
 $(OBJ_D)\x_req.obj: $(SRC_D)\crypto\asn1\x_req.c
-	$(CC) /Fo$(OBJ_D)\x_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_req.c
+	$(CC) /Fo$(OBJ_D)\x_req.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_req.c
 
 $(OBJ_D)\x_attrib.obj: $(SRC_D)\crypto\asn1\x_attrib.c
-	$(CC) /Fo$(OBJ_D)\x_attrib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_attrib.c
+	$(CC) /Fo$(OBJ_D)\x_attrib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_attrib.c
 
 $(OBJ_D)\x_name.obj: $(SRC_D)\crypto\asn1\x_name.c
-	$(CC) /Fo$(OBJ_D)\x_name.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_name.c
+	$(CC) /Fo$(OBJ_D)\x_name.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_name.c
 
 $(OBJ_D)\x_cinf.obj: $(SRC_D)\crypto\asn1\x_cinf.c
-	$(CC) /Fo$(OBJ_D)\x_cinf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_cinf.c
+	$(CC) /Fo$(OBJ_D)\x_cinf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_cinf.c
 
 $(OBJ_D)\x_x509.obj: $(SRC_D)\crypto\asn1\x_x509.c
-	$(CC) /Fo$(OBJ_D)\x_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_x509.c
+	$(CC) /Fo$(OBJ_D)\x_x509.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_x509.c
 
 $(OBJ_D)\x_crl.obj: $(SRC_D)\crypto\asn1\x_crl.c
-	$(CC) /Fo$(OBJ_D)\x_crl.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_crl.c
+	$(CC) /Fo$(OBJ_D)\x_crl.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_crl.c
 
 $(OBJ_D)\x_info.obj: $(SRC_D)\crypto\asn1\x_info.c
-	$(CC) /Fo$(OBJ_D)\x_info.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_info.c
+	$(CC) /Fo$(OBJ_D)\x_info.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_info.c
 
 $(OBJ_D)\x_spki.obj: $(SRC_D)\crypto\asn1\x_spki.c
-	$(CC) /Fo$(OBJ_D)\x_spki.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_spki.c
+	$(CC) /Fo$(OBJ_D)\x_spki.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_spki.c
 
 $(OBJ_D)\d2i_r_pr.obj: $(SRC_D)\crypto\asn1\d2i_r_pr.c
-	$(CC) /Fo$(OBJ_D)\d2i_r_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pr.c
+	$(CC) /Fo$(OBJ_D)\d2i_r_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pr.c
 
 $(OBJ_D)\i2d_r_pr.obj: $(SRC_D)\crypto\asn1\i2d_r_pr.c
-	$(CC) /Fo$(OBJ_D)\i2d_r_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pr.c
+	$(CC) /Fo$(OBJ_D)\i2d_r_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pr.c
 
 $(OBJ_D)\d2i_r_pu.obj: $(SRC_D)\crypto\asn1\d2i_r_pu.c
-	$(CC) /Fo$(OBJ_D)\d2i_r_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pu.c
+	$(CC) /Fo$(OBJ_D)\d2i_r_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pu.c
 
 $(OBJ_D)\i2d_r_pu.obj: $(SRC_D)\crypto\asn1\i2d_r_pu.c
-	$(CC) /Fo$(OBJ_D)\i2d_r_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pu.c
+	$(CC) /Fo$(OBJ_D)\i2d_r_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pu.c
 
 $(OBJ_D)\d2i_s_pr.obj: $(SRC_D)\crypto\asn1\d2i_s_pr.c
-	$(CC) /Fo$(OBJ_D)\d2i_s_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pr.c
+	$(CC) /Fo$(OBJ_D)\d2i_s_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pr.c
 
 $(OBJ_D)\i2d_s_pr.obj: $(SRC_D)\crypto\asn1\i2d_s_pr.c
-	$(CC) /Fo$(OBJ_D)\i2d_s_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pr.c
+	$(CC) /Fo$(OBJ_D)\i2d_s_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pr.c
 
 $(OBJ_D)\d2i_s_pu.obj: $(SRC_D)\crypto\asn1\d2i_s_pu.c
-	$(CC) /Fo$(OBJ_D)\d2i_s_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pu.c
+	$(CC) /Fo$(OBJ_D)\d2i_s_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pu.c
 
 $(OBJ_D)\i2d_s_pu.obj: $(SRC_D)\crypto\asn1\i2d_s_pu.c
-	$(CC) /Fo$(OBJ_D)\i2d_s_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pu.c
+	$(CC) /Fo$(OBJ_D)\i2d_s_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pu.c
 
 $(OBJ_D)\d2i_pu.obj: $(SRC_D)\crypto\asn1\d2i_pu.c
-	$(CC) /Fo$(OBJ_D)\d2i_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pu.c
+	$(CC) /Fo$(OBJ_D)\d2i_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pu.c
 
 $(OBJ_D)\d2i_pr.obj: $(SRC_D)\crypto\asn1\d2i_pr.c
-	$(CC) /Fo$(OBJ_D)\d2i_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pr.c
+	$(CC) /Fo$(OBJ_D)\d2i_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pr.c
 
 $(OBJ_D)\i2d_pu.obj: $(SRC_D)\crypto\asn1\i2d_pu.c
-	$(CC) /Fo$(OBJ_D)\i2d_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pu.c
+	$(CC) /Fo$(OBJ_D)\i2d_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pu.c
 
 $(OBJ_D)\i2d_pr.obj: $(SRC_D)\crypto\asn1\i2d_pr.c
-	$(CC) /Fo$(OBJ_D)\i2d_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pr.c
+	$(CC) /Fo$(OBJ_D)\i2d_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pr.c
 
 $(OBJ_D)\t_req.obj: $(SRC_D)\crypto\asn1\t_req.c
-	$(CC) /Fo$(OBJ_D)\t_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_req.c
+	$(CC) /Fo$(OBJ_D)\t_req.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_req.c
 
 $(OBJ_D)\t_x509.obj: $(SRC_D)\crypto\asn1\t_x509.c
-	$(CC) /Fo$(OBJ_D)\t_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_x509.c
+	$(CC) /Fo$(OBJ_D)\t_x509.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_x509.c
 
 $(OBJ_D)\t_pkey.obj: $(SRC_D)\crypto\asn1\t_pkey.c
-	$(CC) /Fo$(OBJ_D)\t_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_pkey.c
+	$(CC) /Fo$(OBJ_D)\t_pkey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_pkey.c
 
 $(OBJ_D)\p7_i_s.obj: $(SRC_D)\crypto\asn1\p7_i_s.c
-	$(CC) /Fo$(OBJ_D)\p7_i_s.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_i_s.c
+	$(CC) /Fo$(OBJ_D)\p7_i_s.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_i_s.c
 
 $(OBJ_D)\p7_signi.obj: $(SRC_D)\crypto\asn1\p7_signi.c
-	$(CC) /Fo$(OBJ_D)\p7_signi.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signi.c
+	$(CC) /Fo$(OBJ_D)\p7_signi.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signi.c
 
 $(OBJ_D)\p7_signd.obj: $(SRC_D)\crypto\asn1\p7_signd.c
-	$(CC) /Fo$(OBJ_D)\p7_signd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signd.c
+	$(CC) /Fo$(OBJ_D)\p7_signd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signd.c
 
 $(OBJ_D)\p7_recip.obj: $(SRC_D)\crypto\asn1\p7_recip.c
-	$(CC) /Fo$(OBJ_D)\p7_recip.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_recip.c
+	$(CC) /Fo$(OBJ_D)\p7_recip.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_recip.c
 
 $(OBJ_D)\p7_enc_c.obj: $(SRC_D)\crypto\asn1\p7_enc_c.c
-	$(CC) /Fo$(OBJ_D)\p7_enc_c.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc_c.c
+	$(CC) /Fo$(OBJ_D)\p7_enc_c.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc_c.c
 
 $(OBJ_D)\p7_evp.obj: $(SRC_D)\crypto\asn1\p7_evp.c
-	$(CC) /Fo$(OBJ_D)\p7_evp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_evp.c
+	$(CC) /Fo$(OBJ_D)\p7_evp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_evp.c
 
 $(OBJ_D)\p7_dgst.obj: $(SRC_D)\crypto\asn1\p7_dgst.c
-	$(CC) /Fo$(OBJ_D)\p7_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_dgst.c
+	$(CC) /Fo$(OBJ_D)\p7_dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_dgst.c
 
 $(OBJ_D)\p7_s_e.obj: $(SRC_D)\crypto\asn1\p7_s_e.c
-	$(CC) /Fo$(OBJ_D)\p7_s_e.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_s_e.c
+	$(CC) /Fo$(OBJ_D)\p7_s_e.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_s_e.c
 
 $(OBJ_D)\p7_enc.obj: $(SRC_D)\crypto\asn1\p7_enc.c
-	$(CC) /Fo$(OBJ_D)\p7_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc.c
+	$(CC) /Fo$(OBJ_D)\p7_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc.c
 
 $(OBJ_D)\p7_lib.obj: $(SRC_D)\crypto\asn1\p7_lib.c
-	$(CC) /Fo$(OBJ_D)\p7_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_lib.c
+	$(CC) /Fo$(OBJ_D)\p7_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_lib.c
 
 $(OBJ_D)\f_int.obj: $(SRC_D)\crypto\asn1\f_int.c
-	$(CC) /Fo$(OBJ_D)\f_int.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_int.c
+	$(CC) /Fo$(OBJ_D)\f_int.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_int.c
 
 $(OBJ_D)\f_string.obj: $(SRC_D)\crypto\asn1\f_string.c
-	$(CC) /Fo$(OBJ_D)\f_string.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_string.c
+	$(CC) /Fo$(OBJ_D)\f_string.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_string.c
 
 $(OBJ_D)\i2d_dhp.obj: $(SRC_D)\crypto\asn1\i2d_dhp.c
-	$(CC) /Fo$(OBJ_D)\i2d_dhp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dhp.c
+	$(CC) /Fo$(OBJ_D)\i2d_dhp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dhp.c
 
 $(OBJ_D)\i2d_dsap.obj: $(SRC_D)\crypto\asn1\i2d_dsap.c
-	$(CC) /Fo$(OBJ_D)\i2d_dsap.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dsap.c
+	$(CC) /Fo$(OBJ_D)\i2d_dsap.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dsap.c
 
 $(OBJ_D)\d2i_dhp.obj: $(SRC_D)\crypto\asn1\d2i_dhp.c
-	$(CC) /Fo$(OBJ_D)\d2i_dhp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dhp.c
+	$(CC) /Fo$(OBJ_D)\d2i_dhp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dhp.c
 
 $(OBJ_D)\d2i_dsap.obj: $(SRC_D)\crypto\asn1\d2i_dsap.c
-	$(CC) /Fo$(OBJ_D)\d2i_dsap.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dsap.c
+	$(CC) /Fo$(OBJ_D)\d2i_dsap.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dsap.c
 
 $(OBJ_D)\n_pkey.obj: $(SRC_D)\crypto\asn1\n_pkey.c
-	$(CC) /Fo$(OBJ_D)\n_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\n_pkey.c
+	$(CC) /Fo$(OBJ_D)\n_pkey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\n_pkey.c
 
 $(OBJ_D)\a_hdr.obj: $(SRC_D)\crypto\asn1\a_hdr.c
-	$(CC) /Fo$(OBJ_D)\a_hdr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_hdr.c
+	$(CC) /Fo$(OBJ_D)\a_hdr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_hdr.c
 
 $(OBJ_D)\x_pkey.obj: $(SRC_D)\crypto\asn1\x_pkey.c
-	$(CC) /Fo$(OBJ_D)\x_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pkey.c
+	$(CC) /Fo$(OBJ_D)\x_pkey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pkey.c
 
 $(OBJ_D)\a_bool.obj: $(SRC_D)\crypto\asn1\a_bool.c
-	$(CC) /Fo$(OBJ_D)\a_bool.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bool.c
+	$(CC) /Fo$(OBJ_D)\a_bool.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bool.c
 
 $(OBJ_D)\x_exten.obj: $(SRC_D)\crypto\asn1\x_exten.c
-	$(CC) /Fo$(OBJ_D)\x_exten.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_exten.c
+	$(CC) /Fo$(OBJ_D)\x_exten.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_exten.c
 
 $(OBJ_D)\asn1_par.obj: $(SRC_D)\crypto\asn1\asn1_par.c
-	$(CC) /Fo$(OBJ_D)\asn1_par.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_par.c
+	$(CC) /Fo$(OBJ_D)\asn1_par.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_par.c
 
 $(OBJ_D)\asn1_lib.obj: $(SRC_D)\crypto\asn1\asn1_lib.c
-	$(CC) /Fo$(OBJ_D)\asn1_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_lib.c
+	$(CC) /Fo$(OBJ_D)\asn1_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_lib.c
 
 $(OBJ_D)\asn1_err.obj: $(SRC_D)\crypto\asn1\asn1_err.c
-	$(CC) /Fo$(OBJ_D)\asn1_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_err.c
+	$(CC) /Fo$(OBJ_D)\asn1_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_err.c
 
 $(OBJ_D)\a_meth.obj: $(SRC_D)\crypto\asn1\a_meth.c
-	$(CC) /Fo$(OBJ_D)\a_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_meth.c
+	$(CC) /Fo$(OBJ_D)\a_meth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_meth.c
 
 $(OBJ_D)\a_bytes.obj: $(SRC_D)\crypto\asn1\a_bytes.c
-	$(CC) /Fo$(OBJ_D)\a_bytes.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bytes.c
+	$(CC) /Fo$(OBJ_D)\a_bytes.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bytes.c
+
+$(OBJ_D)\evp_asn1.obj: $(SRC_D)\crypto\asn1\evp_asn1.c
+	$(CC) /Fo$(OBJ_D)\evp_asn1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\evp_asn1.c
 
 $(OBJ_D)\x509_def.obj: $(SRC_D)\crypto\x509\x509_def.c
-	$(CC) /Fo$(OBJ_D)\x509_def.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_def.c
+	$(CC) /Fo$(OBJ_D)\x509_def.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_def.c
 
 $(OBJ_D)\x509_d2.obj: $(SRC_D)\crypto\x509\x509_d2.c
-	$(CC) /Fo$(OBJ_D)\x509_d2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_d2.c
+	$(CC) /Fo$(OBJ_D)\x509_d2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_d2.c
 
 $(OBJ_D)\x509_r2x.obj: $(SRC_D)\crypto\x509\x509_r2x.c
-	$(CC) /Fo$(OBJ_D)\x509_r2x.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_r2x.c
+	$(CC) /Fo$(OBJ_D)\x509_r2x.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_r2x.c
 
 $(OBJ_D)\x509_cmp.obj: $(SRC_D)\crypto\x509\x509_cmp.c
-	$(CC) /Fo$(OBJ_D)\x509_cmp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_cmp.c
+	$(CC) /Fo$(OBJ_D)\x509_cmp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_cmp.c
 
 $(OBJ_D)\x509_obj.obj: $(SRC_D)\crypto\x509\x509_obj.c
-	$(CC) /Fo$(OBJ_D)\x509_obj.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_obj.c
+	$(CC) /Fo$(OBJ_D)\x509_obj.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_obj.c
 
 $(OBJ_D)\x509_req.obj: $(SRC_D)\crypto\x509\x509_req.c
-	$(CC) /Fo$(OBJ_D)\x509_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_req.c
+	$(CC) /Fo$(OBJ_D)\x509_req.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_req.c
 
 $(OBJ_D)\x509_vfy.obj: $(SRC_D)\crypto\x509\x509_vfy.c
-	$(CC) /Fo$(OBJ_D)\x509_vfy.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_vfy.c
+	$(CC) /Fo$(OBJ_D)\x509_vfy.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_vfy.c
 
 $(OBJ_D)\x509_set.obj: $(SRC_D)\crypto\x509\x509_set.c
-	$(CC) /Fo$(OBJ_D)\x509_set.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_set.c
+	$(CC) /Fo$(OBJ_D)\x509_set.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_set.c
 
 $(OBJ_D)\x509rset.obj: $(SRC_D)\crypto\x509\x509rset.c
-	$(CC) /Fo$(OBJ_D)\x509rset.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509rset.c
+	$(CC) /Fo$(OBJ_D)\x509rset.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509rset.c
 
 $(OBJ_D)\x509_err.obj: $(SRC_D)\crypto\x509\x509_err.c
-	$(CC) /Fo$(OBJ_D)\x509_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_err.c
+	$(CC) /Fo$(OBJ_D)\x509_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_err.c
 
 $(OBJ_D)\x509name.obj: $(SRC_D)\crypto\x509\x509name.c
-	$(CC) /Fo$(OBJ_D)\x509name.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509name.c
+	$(CC) /Fo$(OBJ_D)\x509name.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509name.c
 
 $(OBJ_D)\x509_v3.obj: $(SRC_D)\crypto\x509\x509_v3.c
-	$(CC) /Fo$(OBJ_D)\x509_v3.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_v3.c
+	$(CC) /Fo$(OBJ_D)\x509_v3.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_v3.c
 
 $(OBJ_D)\x509_ext.obj: $(SRC_D)\crypto\x509\x509_ext.c
-	$(CC) /Fo$(OBJ_D)\x509_ext.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_ext.c
+	$(CC) /Fo$(OBJ_D)\x509_ext.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_ext.c
 
 $(OBJ_D)\x509pack.obj: $(SRC_D)\crypto\x509\x509pack.c
-	$(CC) /Fo$(OBJ_D)\x509pack.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509pack.c
+	$(CC) /Fo$(OBJ_D)\x509pack.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509pack.c
 
 $(OBJ_D)\x509type.obj: $(SRC_D)\crypto\x509\x509type.c
-	$(CC) /Fo$(OBJ_D)\x509type.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509type.c
+	$(CC) /Fo$(OBJ_D)\x509type.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509type.c
 
 $(OBJ_D)\x509_lu.obj: $(SRC_D)\crypto\x509\x509_lu.c
-	$(CC) /Fo$(OBJ_D)\x509_lu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_lu.c
+	$(CC) /Fo$(OBJ_D)\x509_lu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_lu.c
 
 $(OBJ_D)\x_all.obj: $(SRC_D)\crypto\x509\x_all.c
-	$(CC) /Fo$(OBJ_D)\x_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x_all.c
+	$(CC) /Fo$(OBJ_D)\x_all.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x_all.c
 
 $(OBJ_D)\x509_txt.obj: $(SRC_D)\crypto\x509\x509_txt.c
-	$(CC) /Fo$(OBJ_D)\x509_txt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_txt.c
+	$(CC) /Fo$(OBJ_D)\x509_txt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_txt.c
 
 $(OBJ_D)\by_file.obj: $(SRC_D)\crypto\x509\by_file.c
-	$(CC) /Fo$(OBJ_D)\by_file.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_file.c
+	$(CC) /Fo$(OBJ_D)\by_file.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_file.c
 
 $(OBJ_D)\by_dir.obj: $(SRC_D)\crypto\x509\by_dir.c
-	$(CC) /Fo$(OBJ_D)\by_dir.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_dir.c
+	$(CC) /Fo$(OBJ_D)\by_dir.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_dir.c
 
 $(OBJ_D)\v3_net.obj: $(SRC_D)\crypto\x509\v3_net.c
-	$(CC) /Fo$(OBJ_D)\v3_net.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_net.c
+	$(CC) /Fo$(OBJ_D)\v3_net.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_net.c
 
 $(OBJ_D)\v3_x509.obj: $(SRC_D)\crypto\x509\v3_x509.c
-	$(CC) /Fo$(OBJ_D)\v3_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_x509.c
+	$(CC) /Fo$(OBJ_D)\v3_x509.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_x509.c
 
 $(OBJ_D)\conf.obj: $(SRC_D)\crypto\conf\conf.c
-	$(CC) /Fo$(OBJ_D)\conf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf.c
+	$(CC) /Fo$(OBJ_D)\conf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf.c
 
 $(OBJ_D)\conf_err.obj: $(SRC_D)\crypto\conf\conf_err.c
-	$(CC) /Fo$(OBJ_D)\conf_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf_err.c
+	$(CC) /Fo$(OBJ_D)\conf_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf_err.c
 
 $(OBJ_D)\txt_db.obj: $(SRC_D)\crypto\txt_db\txt_db.c
-	$(CC) /Fo$(OBJ_D)\txt_db.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\txt_db\txt_db.c
+	$(CC) /Fo$(OBJ_D)\txt_db.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\txt_db\txt_db.c
 
 $(OBJ_D)\pk7_lib.obj: $(SRC_D)\crypto\pkcs7\pk7_lib.c
-	$(CC) /Fo$(OBJ_D)\pk7_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_lib.c
+	$(CC) /Fo$(OBJ_D)\pk7_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_lib.c
 
 $(OBJ_D)\pkcs7err.obj: $(SRC_D)\crypto\pkcs7\pkcs7err.c
-	$(CC) /Fo$(OBJ_D)\pkcs7err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pkcs7err.c
+	$(CC) /Fo$(OBJ_D)\pkcs7err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pkcs7err.c
 
 $(OBJ_D)\pk7_doit.obj: $(SRC_D)\crypto\pkcs7\pk7_doit.c
-	$(CC) /Fo$(OBJ_D)\pk7_doit.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_doit.c
+	$(CC) /Fo$(OBJ_D)\pk7_doit.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_doit.c
 
 $(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c
-	$(CC) /Fo$(OBJ_D)\s2_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
+	$(CC) /Fo$(OBJ_D)\s2_meth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
 
 $(OBJ_D)\s2_srvr.obj: $(SRC_D)\ssl\s2_srvr.c
-	$(CC) /Fo$(OBJ_D)\s2_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
+	$(CC) /Fo$(OBJ_D)\s2_srvr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
 
 $(OBJ_D)\s2_clnt.obj: $(SRC_D)\ssl\s2_clnt.c
-	$(CC) /Fo$(OBJ_D)\s2_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
+	$(CC) /Fo$(OBJ_D)\s2_clnt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
 
 $(OBJ_D)\s2_lib.obj: $(SRC_D)\ssl\s2_lib.c
-	$(CC) /Fo$(OBJ_D)\s2_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
-
-$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
-	$(CC) /Fo$(OBJ_D)\s2_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
+	$(CC) /Fo$(OBJ_D)\s2_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
 
 $(OBJ_D)\s2_enc.obj: $(SRC_D)\ssl\s2_enc.c
-	$(CC) /Fo$(OBJ_D)\s2_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
+	$(CC) /Fo$(OBJ_D)\s2_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
+
+$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
+	$(CC) /Fo$(OBJ_D)\s2_pkt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
 
 $(OBJ_D)\s3_meth.obj: $(SRC_D)\ssl\s3_meth.c
-	$(CC) /Fo$(OBJ_D)\s3_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
+	$(CC) /Fo$(OBJ_D)\s3_meth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
 
 $(OBJ_D)\s3_srvr.obj: $(SRC_D)\ssl\s3_srvr.c
-	$(CC) /Fo$(OBJ_D)\s3_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
+	$(CC) /Fo$(OBJ_D)\s3_srvr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
 
 $(OBJ_D)\s3_clnt.obj: $(SRC_D)\ssl\s3_clnt.c
-	$(CC) /Fo$(OBJ_D)\s3_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
+	$(CC) /Fo$(OBJ_D)\s3_clnt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
 
 $(OBJ_D)\s3_lib.obj: $(SRC_D)\ssl\s3_lib.c
-	$(CC) /Fo$(OBJ_D)\s3_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
-
-$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
-	$(CC) /Fo$(OBJ_D)\s3_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
+	$(CC) /Fo$(OBJ_D)\s3_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
 
 $(OBJ_D)\s3_enc.obj: $(SRC_D)\ssl\s3_enc.c
-	$(CC) /Fo$(OBJ_D)\s3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
+	$(CC) /Fo$(OBJ_D)\s3_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
+
+$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
+	$(CC) /Fo$(OBJ_D)\s3_pkt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
 
 $(OBJ_D)\s3_both.obj: $(SRC_D)\ssl\s3_both.c
-	$(CC) /Fo$(OBJ_D)\s3_both.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
+	$(CC) /Fo$(OBJ_D)\s3_both.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
 
 $(OBJ_D)\s23_meth.obj: $(SRC_D)\ssl\s23_meth.c
-	$(CC) /Fo$(OBJ_D)\s23_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
+	$(CC) /Fo$(OBJ_D)\s23_meth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
 
 $(OBJ_D)\s23_srvr.obj: $(SRC_D)\ssl\s23_srvr.c
-	$(CC) /Fo$(OBJ_D)\s23_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
+	$(CC) /Fo$(OBJ_D)\s23_srvr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
 
 $(OBJ_D)\s23_clnt.obj: $(SRC_D)\ssl\s23_clnt.c
-	$(CC) /Fo$(OBJ_D)\s23_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
+	$(CC) /Fo$(OBJ_D)\s23_clnt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
 
 $(OBJ_D)\s23_lib.obj: $(SRC_D)\ssl\s23_lib.c
-	$(CC) /Fo$(OBJ_D)\s23_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
+	$(CC) /Fo$(OBJ_D)\s23_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
 
 $(OBJ_D)\s23_pkt.obj: $(SRC_D)\ssl\s23_pkt.c
-	$(CC) /Fo$(OBJ_D)\s23_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
+	$(CC) /Fo$(OBJ_D)\s23_pkt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
+
+$(OBJ_D)\t1_meth.obj: $(SRC_D)\ssl\t1_meth.c
+	$(CC) /Fo$(OBJ_D)\t1_meth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\t1_meth.c
+
+$(OBJ_D)\t1_srvr.obj: $(SRC_D)\ssl\t1_srvr.c
+	$(CC) /Fo$(OBJ_D)\t1_srvr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\t1_srvr.c
+
+$(OBJ_D)\t1_clnt.obj: $(SRC_D)\ssl\t1_clnt.c
+	$(CC) /Fo$(OBJ_D)\t1_clnt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\t1_clnt.c
+
+$(OBJ_D)\t1_lib.obj: $(SRC_D)\ssl\t1_lib.c
+	$(CC) /Fo$(OBJ_D)\t1_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\t1_lib.c
+
+$(OBJ_D)\t1_enc.obj: $(SRC_D)\ssl\t1_enc.c
+	$(CC) /Fo$(OBJ_D)\t1_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\t1_enc.c
 
 $(OBJ_D)\ssl_lib.obj: $(SRC_D)\ssl\ssl_lib.c
-	$(CC) /Fo$(OBJ_D)\ssl_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
+	$(CC) /Fo$(OBJ_D)\ssl_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
 
 $(OBJ_D)\ssl_err2.obj: $(SRC_D)\ssl\ssl_err2.c
-	$(CC) /Fo$(OBJ_D)\ssl_err2.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
+	$(CC) /Fo$(OBJ_D)\ssl_err2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
 
 $(OBJ_D)\ssl_cert.obj: $(SRC_D)\ssl\ssl_cert.c
-	$(CC) /Fo$(OBJ_D)\ssl_cert.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
+	$(CC) /Fo$(OBJ_D)\ssl_cert.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
 
 $(OBJ_D)\ssl_sess.obj: $(SRC_D)\ssl\ssl_sess.c
-	$(CC) /Fo$(OBJ_D)\ssl_sess.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
+	$(CC) /Fo$(OBJ_D)\ssl_sess.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
 
 $(OBJ_D)\ssl_ciph.obj: $(SRC_D)\ssl\ssl_ciph.c
-	$(CC) /Fo$(OBJ_D)\ssl_ciph.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
+	$(CC) /Fo$(OBJ_D)\ssl_ciph.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
 
 $(OBJ_D)\ssl_stat.obj: $(SRC_D)\ssl\ssl_stat.c
-	$(CC) /Fo$(OBJ_D)\ssl_stat.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
+	$(CC) /Fo$(OBJ_D)\ssl_stat.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
 
 $(OBJ_D)\ssl_rsa.obj: $(SRC_D)\ssl\ssl_rsa.c
-	$(CC) /Fo$(OBJ_D)\ssl_rsa.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
+	$(CC) /Fo$(OBJ_D)\ssl_rsa.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
 
 $(OBJ_D)\ssl_asn1.obj: $(SRC_D)\ssl\ssl_asn1.c
-	$(CC) /Fo$(OBJ_D)\ssl_asn1.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
+	$(CC) /Fo$(OBJ_D)\ssl_asn1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
 
 $(OBJ_D)\ssl_txt.obj: $(SRC_D)\ssl\ssl_txt.c
-	$(CC) /Fo$(OBJ_D)\ssl_txt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
+	$(CC) /Fo$(OBJ_D)\ssl_txt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
 
 $(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c
-	$(CC) /Fo$(OBJ_D)\ssl_algs.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
+	$(CC) /Fo$(OBJ_D)\ssl_algs.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
 
 $(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c
-	$(CC) /Fo$(OBJ_D)\bio_ssl.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
+	$(CC) /Fo$(OBJ_D)\bio_ssl.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
 
 $(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c
-	$(CC) /Fo$(OBJ_D)\ssl_err.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
+	$(CC) /Fo$(OBJ_D)\ssl_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
 
 $(OBJ_D)\rsaref.obj: $(SRC_D)\rsaref\rsaref.c
-	$(CC) /Fo$(OBJ_D)\rsaref.obj $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsaref.c
+	$(CC) /Fo$(OBJ_D)\rsaref.obj  $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsaref.c
 
 $(OBJ_D)\rsar_err.obj: $(SRC_D)\rsaref\rsar_err.c
-	$(CC) /Fo$(OBJ_D)\rsar_err.obj $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsar_err.c
+	$(CC) /Fo$(OBJ_D)\rsar_err.obj  $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsar_err.c
 
 $(TEST_D)\md2test.exe: $(OBJ_D)\md2test.obj $(LIBS_DEP)
   $(LINK) $(LFLAGS) /out:$(TEST_D)\md2test.exe @<<
@@ -1544,19 +1756,34 @@ $(TEST_D)\mdc2test.exe: $(OBJ_D)\mdc2test.obj $(LIBS_DEP)
   $(APP_EX_OBJ) $(OBJ_D)\mdc2test.obj $(L_LIBS) $(EX_LIBS)
 <<
 
+$(TEST_D)\hmactest.exe: $(OBJ_D)\hmactest.obj $(LIBS_DEP)
+  $(LINK) $(LFLAGS) /out:$(TEST_D)\hmactest.exe @<<
+  $(APP_EX_OBJ) $(OBJ_D)\hmactest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\rmdtest.exe: $(OBJ_D)\rmdtest.obj $(LIBS_DEP)
+  $(LINK) $(LFLAGS) /out:$(TEST_D)\rmdtest.exe @<<
+  $(APP_EX_OBJ) $(OBJ_D)\rmdtest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
 $(TEST_D)\destest.exe: $(OBJ_D)\destest.obj $(LIBS_DEP)
   $(LINK) $(LFLAGS) /out:$(TEST_D)\destest.exe @<<
   $(APP_EX_OBJ) $(OBJ_D)\destest.obj $(L_LIBS) $(EX_LIBS)
 <<
 
+$(TEST_D)\rc2test.exe: $(OBJ_D)\rc2test.obj $(LIBS_DEP)
+  $(LINK) $(LFLAGS) /out:$(TEST_D)\rc2test.exe @<<
+  $(APP_EX_OBJ) $(OBJ_D)\rc2test.obj $(L_LIBS) $(EX_LIBS)
+<<
+
 $(TEST_D)\rc4test.exe: $(OBJ_D)\rc4test.obj $(LIBS_DEP)
   $(LINK) $(LFLAGS) /out:$(TEST_D)\rc4test.exe @<<
   $(APP_EX_OBJ) $(OBJ_D)\rc4test.obj $(L_LIBS) $(EX_LIBS)
 <<
 
-$(TEST_D)\rc2test.exe: $(OBJ_D)\rc2test.obj $(LIBS_DEP)
-  $(LINK) $(LFLAGS) /out:$(TEST_D)\rc2test.exe @<<
-  $(APP_EX_OBJ) $(OBJ_D)\rc2test.obj $(L_LIBS) $(EX_LIBS)
+$(TEST_D)\rc5test.exe: $(OBJ_D)\rc5test.obj $(LIBS_DEP)
+  $(LINK) $(LFLAGS) /out:$(TEST_D)\rc5test.exe @<<
+  $(APP_EX_OBJ) $(OBJ_D)\rc5test.obj $(L_LIBS) $(EX_LIBS)
 <<
 
 $(TEST_D)\ideatest.exe: $(OBJ_D)\ideatest.obj $(LIBS_DEP)
@@ -1569,6 +1796,11 @@ $(TEST_D)\bftest.exe: $(OBJ_D)\bftest.obj $(LIBS_DEP)
   $(APP_EX_OBJ) $(OBJ_D)\bftest.obj $(L_LIBS) $(EX_LIBS)
 <<
 
+$(TEST_D)\casttest.exe: $(OBJ_D)\casttest.obj $(LIBS_DEP)
+  $(LINK) $(LFLAGS) /out:$(TEST_D)\casttest.exe @<<
+  $(APP_EX_OBJ) $(OBJ_D)\casttest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
 $(TEST_D)\bntest.exe: $(OBJ_D)\bntest.obj $(LIBS_DEP)
   $(LINK) $(LFLAGS) /out:$(TEST_D)\bntest.exe @<<
   $(APP_EX_OBJ) $(OBJ_D)\bntest.obj $(L_LIBS) $(EX_LIBS)
diff --git a/ms/req2CA.ss b/ms/req2CA.ss
index de8862fe79..6a3dd4e2d0 100644
--- a/ms/req2CA.ss
+++ b/ms/req2CA.ss
@@ -6,24 +6,24 @@ Certificate Request:
             Public Key Algorithm: rsaEncryption
             RSA Public Key: (512 bit)
                 Modulus (512 bit):
-                    00:dd:d5:38:92:02:bf:31:59:eb:ed:0d:e9:f8:d9:
-                    79:cb:54:d1:5c:f9:39:2f:d7:4d:38:9d:01:a0:28:
-                    ca:0b:6c:0b:5d:2c:f0:72:3e:5c:57:1d:97:e5:68:
-                    88:78:30:c7:d8:3b:7b:01:b0:ef:b4:68:41:2d:53:
-                    a2:ab:42:ee:bb
+                    00:c0:e2:84:c5:b7:5f:28:b7:a6:10:c1:8e:29:e0:
+                    60:a8:8d:da:6c:91:3d:cb:37:f7:5a:1a:cf:71:02:
+                    d1:03:23:3c:e5:83:f1:93:40:d0:61:6c:21:12:1f:
+                    62:d8:1c:46:59:80:19:ec:aa:ef:d4:4a:9d:b1:58:
+                    82:40:11:ae:05
                 Exponent: 65537 (0x10001)
         Attributes:
             a0:00
     Signature Algorithm: md5WithRSAEncryption
-        7f:77:9e:b5:10:13:39:99:e5:fd:e1:33:54:05:19:b0:89:b8:
-        2b:21:29:ea:f4:fd:ca:da:62:a7:8a:da:4b:33:91:27:9e:3e:
-        f4:95:46:77:57:8d:dd:fe:83:fe:24:b3:e8:27:65:94:65:d3:
-        c8:44:84:b0:ea:41:35:bb:e7:87
+        12:14:96:c0:0e:ea:5a:08:6f:13:fd:72:84:6a:26:33:29:f9:
+        52:39:4c:fc:ec:da:0d:83:39:2e:27:17:9b:f8:46:03:b5:dd:
+        52:a6:dd:3a:50:8e:73:4f:87:94:59:31:1d:5a:54:24:96:4d:
+        d4:57:95:4c:ca:4c:dc:0b:b8:5f
 -----BEGIN CERTIFICATE REQUEST-----
 MIHzMIGeAgEAMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5Eb2RneSBCcm90aGVy
-czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA3dU4
-kgK/MVnr7Q3p+Nl5y1TRXPk5L9dNOJ0BoCjKC2wLXSzwcj5cVx2X5WiIeDDH2Dt7
-AbDvtGhBLVOiq0LuuwIDAQABoAAwDQYJKoZIhvcNAQEEBQADQQB/d561EBM5meX9
-4TNUBRmwibgrISnq9P3K2mKnitpLM5Ennj70lUZ3V43d/oP+JLPoJ2WUZdPIRISw
-6kE1u+eH
+czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAwOKE
+xbdfKLemEMGOKeBgqI3abJE9yzf3WhrPcQLRAyM85YPxk0DQYWwhEh9i2BxGWYAZ
+7Krv1EqdsViCQBGuBQIDAQABoAAwDQYJKoZIhvcNAQEEBQADQQASFJbADupaCG8T
+/XKEaiYzKflSOUz87NoNgzkuJxeb+EYDtd1Spt06UI5zT4eUWTEdWlQklk3UV5VM
+ykzcC7hf
 -----END CERTIFICATE REQUEST-----
diff --git a/ms/reqCA.ss b/ms/reqCA.ss
index fa16d45c5d..be8ca974d0 100644
--- a/ms/reqCA.ss
+++ b/ms/reqCA.ss
@@ -1,8 +1,8 @@
 -----BEGIN CERTIFICATE REQUEST-----
 MIHzMIGeAgEAMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5Eb2RneSBCcm90aGVy
-czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA3dU4
-kgK/MVnr7Q3p+Nl5y1TRXPk5L9dNOJ0BoCjKC2wLXSzwcj5cVx2X5WiIeDDH2Dt7
-AbDvtGhBLVOiq0LuuwIDAQABoAAwDQYJKoZIhvcNAQEFBQADQQDBNQXXHTOE59tY
-Z6CLBB0MrNHsIypGdGAFXroIXM8AU9Ac3P7XD1ONpqX/Qa0nN033E8bU8xpre3RI
-4/9XgBs5
+czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAwOKE
+xbdfKLemEMGOKeBgqI3abJE9yzf3WhrPcQLRAyM85YPxk0DQYWwhEh9i2BxGWYAZ
+7Krv1EqdsViCQBGuBQIDAQABoAAwDQYJKoZIhvcNAQEFBQADQQDAvyCzrfhnLH8V
+tldPhV9imEi8Dh8vjRYIIb4AlIq25ku8NJyTHi3zOwvH2iiTUx4oxOV9/++UbU+l
+dmT7y1IS
 -----END CERTIFICATE REQUEST-----
diff --git a/ms/reqU.ss b/ms/reqU.ss
index b63f2e4442..9223897196 100644
--- a/ms/reqU.ss
+++ b/ms/reqU.ss
@@ -1,8 +1,8 @@
 -----BEGIN CERTIFICATE REQUEST-----
 MIIBCDCBswIBADBOMQswCQYDVQQGEwJBVTEXMBUGA1UEChMORG9kZ3kgQnJvdGhl
 cnMxEjAQBgNVBAMTCUJyb3RoZXIgMTESMBAGA1UEAxMJQnJvdGhlciAyMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAMXMcxp35YXyIsrf4o3N1r1iimo2Tl58yg5iKPhD
-XN0NeqCS5KJtBXbGMlW2LPSxMh4QKbrq6y1B/6HT8noKnAECAwEAAaAAMA0GCSqG
-SIb3DQEBAgUAA0EApF6ZEr63DAKDwgrr4oh4fWOls9tf6k0tpQ31LyCpDv/3+08O
-l5Ds40cAsSJGuswVBExuvkrDJsxxSE14Z/e1Fg==
+KoZIhvcNAQEBBQADSwAwSAJBAMn4ERwmb5cqvcokIrFpnrZ6Ww2TIWQfh47sUMad
+4BKSOz/KuWebVyFOfjhQHyEZEXTBmv1CvjVYOwCelGMiEd8CAwEAAaAAMA0GCSqG
+SIb3DQEBAgUAA0EAbE4cboaJY3vKmskyPC1cS5Jn4WjFOjaUCNI5MjeTNTZ6AE4o
+h6Sx4PeQomjMA1gRGrHCz+5IyVBcgskY5IYLCw==
 -----END CERTIFICATE REQUEST-----
diff --git a/ms/ssleay16.def b/ms/ssleay16.def
index 74409f7ad5..2c61644308 100644
--- a/ms/ssleay16.def
+++ b/ms/ssleay16.def
@@ -17,7 +17,9 @@ STACKSIZE	8192
 EXPORTS
     _SSLeay_add_ssl_algorithms          @109
     _BIO_f_ssl                          @121
+    _BIO_new_buffer_ssl_connect         @173
     _BIO_new_ssl                        @122
+    _BIO_new_ssl_connect                @174
     _BIO_ssl_copy_session_id            @124
     _BIO_ssl_shutdown                   @131
     _ERR_load_SSL_strings               @1
@@ -32,14 +34,21 @@ EXPORTS
     _SSL_CTX_flush_sessions             @7
     _SSL_CTX_free                       @8
     _SSL_CTX_get_client_CA_list         @9
+    _SSL_CTX_get_ex_data                @138
+    _SSL_CTX_get_ex_new_index           @167
+    _SSL_CTX_get_quiet_shutdown         @140
     _SSL_CTX_get_verify_callback        @10
     _SSL_CTX_get_verify_mode            @11
+    _SSL_CTX_load_verify_locations      @141
     _SSL_CTX_new                        @12
     _SSL_CTX_remove_session             @13
     _SSL_CTX_set_cert_verify_cb         @14
     _SSL_CTX_set_cipher_list            @15
     _SSL_CTX_set_client_CA_list         @16
     _SSL_CTX_set_default_passwd_cb      @17
+    _SSL_CTX_set_default_verify_paths   @142
+    _SSL_CTX_set_ex_data                @143
+    _SSL_CTX_set_quiet_shutdown         @145
     _SSL_CTX_set_ssl_version            @19
     _SSL_CTX_set_verify                 @21
     _SSL_CTX_use_PrivateKey             @22
@@ -51,9 +60,18 @@ EXPORTS
     _SSL_CTX_use_certificate            @28
     _SSL_CTX_use_certificate_ASN1       @29
     _SSL_CTX_use_certificate_file       @30
+    _SSL_SESSION_cmp                    @132
     _SSL_SESSION_free                   @31
+    _SSL_SESSION_get_ex_data            @146
+    _SSL_SESSION_get_ex_new_index       @168
+    _SSL_SESSION_get_time               @134
+    _SSL_SESSION_get_timeout            @136
+    _SSL_SESSION_hash                   @133
     _SSL_SESSION_new                    @32
     _SSL_SESSION_print                  @33
+    _SSL_SESSION_set_ex_data            @148
+    _SSL_SESSION_set_time               @135
+    _SSL_SESSION_set_timeout            @137
     _SSL_accept                         @35
     _SSL_add_client_CA                  @36
     _SSL_alert_desc_string              @37
@@ -69,6 +87,7 @@ EXPORTS
     _SSL_dup                            @46
     _SSL_dup_CA_list                    @47
     _SSL_free                           @48
+    _SSL_get_SSL_CTX                    @150
     _SSL_get_certificate                @49
     _SSL_get_cipher_list                @52
     _SSL_get_ciphers                    @55
@@ -76,17 +95,22 @@ EXPORTS
     _SSL_get_current_cipher             @127
     _SSL_get_default_timeout            @57
     _SSL_get_error                      @58
+    _SSL_get_ex_data                    @151
+    _SSL_get_ex_new_index               @169
     _SSL_get_fd                         @59
+    _SSL_get_info_callback              @165
     _SSL_get_peer_cert_chain            @60
     _SSL_get_peer_certificate           @61
     _SSL_get_privatekey                 @126
+    _SSL_get_quiet_shutdown             @153
     _SSL_get_rbio                       @63
     _SSL_get_read_ahead                 @64
+    _SSL_get_session                    @154
     _SSL_get_shared_ciphers             @65
+    _SSL_get_shutdown                   @155
     _SSL_get_ssl_method                 @66
-    _SSL_get_time                       @67
-    _SSL_get_timeout                    @68
     _SSL_get_verify_mode                @70
+    _SSL_get_verify_result              @157
     _SSL_get_version                    @71
     _SSL_get_wbio                       @72
     _SSL_load_client_CA_file            @73
@@ -103,16 +127,20 @@ EXPORTS
     _SSL_set_cipher_list                @84
     _SSL_set_client_CA_list             @85
     _SSL_set_connect_state              @86
+    _SSL_set_ex_data                    @158
     _SSL_set_fd                         @87
+    _SSL_set_info_callback              @160
+    _SSL_set_quiet_shutdown             @161
     _SSL_set_read_ahead                 @88
     _SSL_set_rfd                        @89
     _SSL_set_session                    @90
+    _SSL_set_shutdown                   @162
     _SSL_set_ssl_method                 @91
-    _SSL_set_time                       @92
-    _SSL_set_timeout                    @93
     _SSL_set_verify                     @94
+    _SSL_set_verify_result              @163
     _SSL_set_wfd                        @95
     _SSL_shutdown                       @96
+    _SSL_state                          @166
     _SSL_state_string                   @97
     _SSL_state_string_long              @98
     _SSL_use_PrivateKey                 @99
@@ -124,6 +152,7 @@ EXPORTS
     _SSL_use_certificate                @105
     _SSL_use_certificate_ASN1           @106
     _SSL_use_certificate_file           @107
+    _SSL_version                        @164
     _SSL_write                          @108
     _SSLv23_client_method               @110
     _SSLv23_method                      @111
@@ -134,6 +163,9 @@ EXPORTS
     _SSLv3_client_method                @116
     _SSLv3_method                       @117
     _SSLv3_server_method                @118
+    _TLSv1_client_method                @172
+    _TLSv1_method                       @170
+    _TLSv1_server_method                @171
     _d2i_SSL_SESSION                    @119
     _i2d_SSL_SESSION                    @120
 
diff --git a/ms/ssleay32.def b/ms/ssleay32.def
index 403d4ec584..aa823b8069 100644
--- a/ms/ssleay32.def
+++ b/ms/ssleay32.def
@@ -9,7 +9,9 @@ DESCRIPTION     'SSLeay SSLEAY32 - eay@cryptsoft.com'
 EXPORTS
     SSLeay_add_ssl_algorithms          @109
     BIO_f_ssl                          @121
+    BIO_new_buffer_ssl_connect         @173
     BIO_new_ssl                        @122
+    BIO_new_ssl_connect                @174
     BIO_ssl_copy_session_id            @124
     BIO_ssl_shutdown                   @131
     ERR_load_SSL_strings               @1
@@ -24,14 +26,21 @@ EXPORTS
     SSL_CTX_flush_sessions             @7
     SSL_CTX_free                       @8
     SSL_CTX_get_client_CA_list         @9
+    SSL_CTX_get_ex_data                @138
+    SSL_CTX_get_ex_new_index           @167
+    SSL_CTX_get_quiet_shutdown         @140
     SSL_CTX_get_verify_callback        @10
     SSL_CTX_get_verify_mode            @11
+    SSL_CTX_load_verify_locations      @141
     SSL_CTX_new                        @12
     SSL_CTX_remove_session             @13
     SSL_CTX_set_cert_verify_cb         @14
     SSL_CTX_set_cipher_list            @15
     SSL_CTX_set_client_CA_list         @16
     SSL_CTX_set_default_passwd_cb      @17
+    SSL_CTX_set_default_verify_paths   @142
+    SSL_CTX_set_ex_data                @143
+    SSL_CTX_set_quiet_shutdown         @145
     SSL_CTX_set_ssl_version            @19
     SSL_CTX_set_verify                 @21
     SSL_CTX_use_PrivateKey             @22
@@ -43,10 +52,19 @@ EXPORTS
     SSL_CTX_use_certificate            @28
     SSL_CTX_use_certificate_ASN1       @29
     SSL_CTX_use_certificate_file       @30
+    SSL_SESSION_cmp                    @132
     SSL_SESSION_free                   @31
+    SSL_SESSION_get_ex_data            @146
+    SSL_SESSION_get_ex_new_index       @168
+    SSL_SESSION_get_time               @134
+    SSL_SESSION_get_timeout            @136
+    SSL_SESSION_hash                   @133
     SSL_SESSION_new                    @32
     SSL_SESSION_print                  @33
     SSL_SESSION_print_fp               @34
+    SSL_SESSION_set_ex_data            @148
+    SSL_SESSION_set_time               @135
+    SSL_SESSION_set_timeout            @137
     SSL_accept                         @35
     SSL_add_client_CA                  @36
     SSL_alert_desc_string              @37
@@ -62,6 +80,7 @@ EXPORTS
     SSL_dup                            @46
     SSL_dup_CA_list                    @47
     SSL_free                           @48
+    SSL_get_SSL_CTX                    @150
     SSL_get_certificate                @49
     SSL_get_cipher_list                @52
     SSL_get_ciphers                    @55
@@ -69,17 +88,22 @@ EXPORTS
     SSL_get_current_cipher             @127
     SSL_get_default_timeout            @57
     SSL_get_error                      @58
+    SSL_get_ex_data                    @151
+    SSL_get_ex_new_index               @169
     SSL_get_fd                         @59
+    SSL_get_info_callback              @165
     SSL_get_peer_cert_chain            @60
     SSL_get_peer_certificate           @61
     SSL_get_privatekey                 @126
+    SSL_get_quiet_shutdown             @153
     SSL_get_rbio                       @63
     SSL_get_read_ahead                 @64
+    SSL_get_session                    @154
     SSL_get_shared_ciphers             @65
+    SSL_get_shutdown                   @155
     SSL_get_ssl_method                 @66
-    SSL_get_time                       @67
-    SSL_get_timeout                    @68
     SSL_get_verify_mode                @70
+    SSL_get_verify_result              @157
     SSL_get_version                    @71
     SSL_get_wbio                       @72
     SSL_load_client_CA_file            @73
@@ -96,16 +120,20 @@ EXPORTS
     SSL_set_cipher_list                @84
     SSL_set_client_CA_list             @85
     SSL_set_connect_state              @86
+    SSL_set_ex_data                    @158
     SSL_set_fd                         @87
+    SSL_set_info_callback              @160
+    SSL_set_quiet_shutdown             @161
     SSL_set_read_ahead                 @88
     SSL_set_rfd                        @89
     SSL_set_session                    @90
+    SSL_set_shutdown                   @162
     SSL_set_ssl_method                 @91
-    SSL_set_time                       @92
-    SSL_set_timeout                    @93
     SSL_set_verify                     @94
+    SSL_set_verify_result              @163
     SSL_set_wfd                        @95
     SSL_shutdown                       @96
+    SSL_state                          @166
     SSL_state_string                   @97
     SSL_state_string_long              @98
     SSL_use_PrivateKey                 @99
@@ -117,6 +145,7 @@ EXPORTS
     SSL_use_certificate                @105
     SSL_use_certificate_ASN1           @106
     SSL_use_certificate_file           @107
+    SSL_version                        @164
     SSL_write                          @108
     SSLv23_client_method               @110
     SSLv23_method                      @111
@@ -127,6 +156,9 @@ EXPORTS
     SSLv3_client_method                @116
     SSLv3_method                       @117
     SSLv3_server_method                @118
+    TLSv1_client_method                @172
+    TLSv1_method                       @170
+    TLSv1_server_method                @171
     d2i_SSL_SESSION                    @119
     i2d_SSL_SESSION                    @120
 
diff --git a/ms/test.bat b/ms/test.bat
index e1862c519a..cffaf46524 100755
--- a/ms/test.bat
+++ b/ms/test.bat
@@ -1,126 +1,127 @@
 @echo=off
 
-set bin=..\out
-set test=.
+set test=..\ms
+
+rem run this from inside the bin directory
 
 echo destest
-%bin%\destest
+destest
 if errorlevel 1 goto done
 
 echo ideatest
-%bin%\ideatest
+ideatest
 if errorlevel 1 goto done
 
 echo bftest
-%bin%\bftest
+bftest
 if errorlevel 1 goto done
 
 echo shatest
-%bin%\shatest
+shatest
 if errorlevel 1 goto done
 
 echo sha1test
-%bin%\sha1test
+sha1test
 if errorlevel 1 goto done
 
 echo md5test
-%bin%\md5test
+md5test
 if errorlevel 1 goto done
 
 echo md2test
-%bin%\md2test
+md2test
 if errorlevel 1 goto done
 
 echo mdc2test
-%bin%\mdc2test
+mdc2test
 if errorlevel 1 goto done
 
 echo rc2test
-%bin%\rc2test
+rc2test
 if errorlevel 1 goto done
 
 echo rc4test
-%bin%\rc4test
+rc4test
 if errorlevel 1 goto done
 
 echo randtest
-%bin%\randtest
+randtest
 if errorlevel 1 goto done
 
 echo dhtest
-%bin%\dhtest
+dhtest
 if errorlevel 1 goto done
 
 echo exptest
-%bin%\exptest
+exptest
 if errorlevel 1 goto done
 
 echo dsatest
-%bin%\dsatest
+dsatest
 if errorlevel 1 goto done
 
 echo testenc
-call %test%\testenc %bin%\ssleay
+call %test%\testenc ssleay
 if errorlevel 1 goto done
 
 echo testpem
-call %test%\testpem %bin%\ssleay
+call %test%\testpem ssleay
 if errorlevel 1 goto done
 
 echo verify
 copy ..\certs\*.pem cert.tmp >nul
-%bin%\ssleay verify -CAfile cert.tmp ..\certs\*.pem
+ssleay verify -CAfile cert.tmp ..\certs\*.pem
 
 echo testss
-call %test%\testss %bin%\ssleay
+call %test%\testss ssleay
 if errorlevel 1 goto done
 
 echo test sslv2
-%bin%\ssltest -ssl2
+ssltest -ssl2
 if errorlevel 1 goto done
 
 echo test sslv2 with server authentication
-%bin%\ssltest -ssl2 -server_auth -CAfile cert.tmp
+ssltest -ssl2 -server_auth -CAfile cert.tmp
 if errorlevel 1 goto done
 
 echo test sslv2 with client authentication 
-%bin%\ssltest -ssl2 -client_auth -CAfile cert.tmp
+ssltest -ssl2 -client_auth -CAfile cert.tmp
 if errorlevel 1 goto done
 
-echo test sslv2 with beoth client and server authentication
-%bin%\ssltest -ssl2 -server_auth -client_auth -CAfile cert.tmp
+echo test sslv2 with both client and server authentication
+ssltest -ssl2 -server_auth -client_auth -CAfile cert.tmp
 if errorlevel 1 goto done
 
 echo test sslv3
-%bin%\ssltest -ssl3
+ssltest -ssl3
 if errorlevel 1 goto done
 
 echo test sslv3 with server authentication
-%bin%\ssltest -ssl3 -server_auth -CAfile cert.tmp
+ssltest -ssl3 -server_auth -CAfile cert.tmp
 if errorlevel 1 goto done
 
 echo test sslv3 with client authentication 
-%bin%\ssltest -ssl3 -client_auth -CAfile cert.tmp
+ssltest -ssl3 -client_auth -CAfile cert.tmp
 if errorlevel 1 goto done
 
-echo test sslv3 with beoth client and server authentication
-%bin%\ssltest -ssl3 -server_auth -client_auth -CAfile cert.tmp
+echo test sslv3 with both client and server authentication
+ssltest -ssl3 -server_auth -client_auth -CAfile cert.tmp
 if errorlevel 1 goto done
 
 echo test sslv2/sslv3
-%bin%\ssltest
+ssltest
 if errorlevel 1 goto done
 
 echo test sslv2/sslv3 with server authentication
-%bin%\ssltest -server_auth -CAfile cert.tmp
+ssltest -server_auth -CAfile cert.tmp
 if errorlevel 1 goto done
 
 echo test sslv2/sslv3 with client authentication 
-%bin%\ssltest -client_auth -CAfile cert.tmp
+ssltest -client_auth -CAfile cert.tmp
 if errorlevel 1 goto done
 
-echo test sslv2/sslv3 with beoth client and server authentication
-%bin%\ssltest -server_auth -client_auth -CAfile cert.tmp
+echo test sslv2/sslv3 with both client and server authentication
+ssltest -server_auth -client_auth -CAfile cert.tmp
 if errorlevel 1 goto done
 
 
diff --git a/ms/testenc.bat b/ms/testenc.bat
index b46af4bd9c..2c73bb7d1c 100755
--- a/ms/testenc.bat
+++ b/ms/testenc.bat
@@ -1,10 +1,12 @@
 echo=off
 
+echo start testenc
+path=..\ms;%path%
 set ssleay=%1%
-set input=testenc.bat
-set tmp1=cipher.out
-set out1=clear.out
-set cmp=perl cmp.pl
+set input=..\ms\testenc.bat
+set tmp1=..\ms\cipher.out
+set out1=..\ms\clear.out
+set cmp=perl ..\ms\cmp.pl
 
 call tenc.bat enc
 if errorlevel 1 goto err
diff --git a/ms/testpem.bat b/ms/testpem.bat
index e1e1a02360..8f6cdd4d04 100755
--- a/ms/testpem.bat
+++ b/ms/testpem.bat
@@ -1,7 +1,7 @@
 echo=off
 set ssleay=%1%
 set tmp1=pem.out
-set cmp=perl cmp.pl
+set cmp=perl ..\ms\cmp.pl
 
 call tpem.bat crl ..\test\testcrl.pem
 if errorlevel 1 goto err
diff --git a/ms/testss.bat b/ms/testss.bat
index d9463bf92b..9a3bf428ce 100755
--- a/ms/testss.bat
+++ b/ms/testss.bat
@@ -1,6 +1,6 @@
 echo=off
 
-set ssleay=..\out\ssleay
+rem set ssleay=..\out\ssleay
 set ssleay=%1
 
 set reqcmd=%ssleay% req
diff --git a/ms/w31dll.mak b/ms/w31dll.mak
index a69570a12d..6821d82604 100644
--- a/ms/w31dll.mak
+++ b/ms/w31dll.mak
@@ -15,9 +15,10 @@ INSTALLTOP=\usr\local\ssl
 
 # Set your compiler options
 CC=cl
-CFLAG=/ALw /Gx- /Gt256 /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWIN16
+CFLAG=/ALw /Gx- /Gt256 /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWINDOWS -DWIN16
 APP_CFLAG=/Gw /FPi87
-LIB_CFLAG=/Gw
+LIB_CFLAG=/Gw -D_WINDLL -D_DLL
+SHLIB_CFLAG=
 APP_EX_OBJ=setargv.obj
 SHLIB_EX_OBJ=
 # add extra libraries to this define, for solaris -lsocket -lnsl would
@@ -28,7 +29,7 @@ EX_LIBS=oldnames llibcewq libw winsock
 SRC_D=.
 
 LINK=link
-LFLAGS= /FARCALL /NOLOGO /NOD /SEG:1024 /ONERROR:NOEXE /NOE /PACKC:60000 /PACKD:60000 /STACK:20000 /ALIGN:16
+LFLAGS= /FARCALL /NOLOGO /NOD /SEG:1024 /ONERROR:NOEXE /NOE /PACKC:60000 /PACKD:60000 /STACK:20000 /ALIGN:256
 
 BN_MULW_OBJ=crypto\bn\asm\x86w32.obj
 BN_MULW_SRC=crypto\bn\asm\x86w32.asm
@@ -38,11 +39,25 @@ DES_CRYPT_OBJ=
 DES_CRYPT_SRC=
 BF_ENC_OBJ=
 BF_ENC_SRC=
+CAST_ENC_OBJ=
+CAST_ENC_SRC=
+RC4_ENC_OBJ=
+RC4_ENC_SRC=
+RC5_ENC_OBJ=
+RC5_ENC_SRC=
+MD5_ASM_OBJ=
+MD5_ASM_SRC=
+SHA1_ASM_OBJ=
+SHA1_ASM_SRC=
+RMD160_ASM_OBJ=
+RMD160_ASM_SRC=
 
 # The output directory for everything intersting
-OUT_D=out
+OUT_D=out16dll
 # The output directory for all the temporary muck
-TMP_D=tmp
+TMP_D=tmp16dll
+# The output directory for the header files
+INC_D=inc16
 
 CP=copy
 RM=del
@@ -64,11 +79,9 @@ RSAGLUE=RSAglue
 # BIN_D  - Binary output directory
 # TEST_D - Binary test file output directory
 # LIB_D  - library output directory
-# INC_D  - include directory
 BIN_D=$(OUT_D)
 TEST_D=$(OUT_D)
 LIB_D=$(OUT_D)
-INC_D=$(OUT_D)
 
 # INCL_D - local library directory
 # OBJ_D  - temp object file directory
@@ -78,6 +91,8 @@ INCL_D=$(TMP_D)
 O_SSL=     $(LIB_D)\$(SSL).dll
 O_CRYPTO=  $(LIB_D)\$(CRYPTO).dll
 O_RSAGLUE= $(LIB_D)\$(RSAGLUE).lib
+SO_SSL=    $(SSL)
+SO_CRYPTO= $(CRYPTO)
 L_SSL=     $(LIB_D)\$(SSL).lib
 L_CRYPTO=  $(LIB_D)\$(CRYPTO).lib
 
@@ -88,137 +103,152 @@ L_LIBS= $(L_SSL) $(L_CRYPTO)
 # Don't touch anything below this point
 ######################################################
 
-INC=-DFLAT_INC -I$(INC_D) -I$(INCL_D)
+INC=-I$(INC_D) -I$(INCL_D)
 APP_CFLAGS=$(INC) $(CFLAG) $(APP_CFLAG)
 LIB_CFLAGS=$(INC) $(CFLAG) $(LIB_CFLAG)
+SHLIB_CFLAGS=$(INC) $(CFLAG) $(LIB_CFLAG) $(SHLIB_CFLAG)
 LIBS_DEP=$(O_CRYPTO) $(O_RSAGLUE) $(O_SSL)
 
 #############################################
-HEADER=$(INCL_D)\e_os.h \
-	$(INCL_D)\cryptlib.h $(INCL_D)\date.h $(INCL_D)\md5_locl.h \
-	$(INCL_D)\sha_locl.h $(INCL_D)\des_locl.h $(INCL_D)\rpc_des.h \
-	$(INCL_D)\podd.h $(INCL_D)\sk.h $(INCL_D)\spr.h \
-	$(INCL_D)\des_ver.h $(INCL_D)\rc2_locl.h $(INCL_D)\idea_lcl.h \
-	$(INCL_D)\bf_pi.h $(INCL_D)\bf_locl.h $(INCL_D)\bn_lcl.h \
-	$(INCL_D)\bn_prime.h $(INCL_D)\obj_dat.h $(INCL_D)\conf_lcl.h \
-	$(INCL_D)\ssl_locl.h $(INCL_D)\rsaref.h $(INCL_D)\apps.h \
-	$(INCL_D)\progs.h $(INCL_D)\s_apps.h $(INCL_D)\testdsa.h \
-	$(INCL_D)\testrsa.h
-
-EXHEADER=$(INC_D)\crypto.h \
-	$(INC_D)\cryptall.h $(INC_D)\md2.h $(INC_D)\md5.h \
-	$(INC_D)\sha.h $(INC_D)\mdc2.h $(INC_D)\des.h \
-	$(INC_D)\rc4.h $(INC_D)\rc2.h $(INC_D)\idea.h \
-	$(INC_D)\blowfish.h $(INC_D)\bn.h $(INC_D)\rsa.h \
-	$(INC_D)\dsa.h $(INC_D)\dh.h $(INC_D)\buffer.h \
-	$(INC_D)\bio.h $(INC_D)\stack.h $(INC_D)\lhash.h \
+HEADER=$(INCL_D)\cryptlib.h \
+	$(INCL_D)\date.h $(INCL_D)\md5_locl.h $(INCL_D)\sha_locl.h \
+	$(INCL_D)\rmd_locl.h $(INCL_D)\rmdconst.h $(INCL_D)\des_locl.h \
+	$(INCL_D)\rpc_des.h $(INCL_D)\podd.h $(INCL_D)\sk.h \
+	$(INCL_D)\spr.h $(INCL_D)\des_ver.h $(INCL_D)\rc2_locl.h \
+	$(INCL_D)\rc4_locl.h $(INCL_D)\rc5_locl.h $(INCL_D)\idea_lcl.h \
+	$(INCL_D)\bf_pi.h $(INCL_D)\bf_locl.h $(INCL_D)\cast_s.h \
+	$(INCL_D)\cast_lcl.h $(INCL_D)\bn_lcl.h $(INCL_D)\bn_prime.h \
+	$(INCL_D)\obj_dat.h $(INCL_D)\conf_lcl.h $(INCL_D)\ssl_locl.h \
+	$(INCL_D)\rsaref.h $(INCL_D)\apps.h $(INCL_D)\progs.h \
+	$(INCL_D)\s_apps.h $(INCL_D)\testdsa.h $(INCL_D)\testrsa.h
+
+EXHEADER=$(INC_D)\e_os.h \
+	$(INC_D)\crypto.h $(INC_D)\cryptall.h $(INC_D)\md2.h \
+	$(INC_D)\md5.h $(INC_D)\sha.h $(INC_D)\mdc2.h \
+	$(INC_D)\hmac.h $(INC_D)\ripemd.h $(INC_D)\des.h \
+	$(INC_D)\rc2.h $(INC_D)\rc4.h $(INC_D)\rc5.h \
+	$(INC_D)\idea.h $(INC_D)\blowfish.h $(INC_D)\cast.h \
+	$(INC_D)\bn.h $(INC_D)\rsa.h $(INC_D)\dsa.h \
+	$(INC_D)\dh.h $(INC_D)\buffer.h $(INC_D)\bio.h \
+	$(INC_D)\bss_file.c $(INC_D)\stack.h $(INC_D)\lhash.h \
 	$(INC_D)\rand.h $(INC_D)\err.h $(INC_D)\objects.h \
 	$(INC_D)\evp.h $(INC_D)\pem.h $(INC_D)\asn1.h \
 	$(INC_D)\asn1_mac.h $(INC_D)\x509.h $(INC_D)\x509_vfy.h \
 	$(INC_D)\conf.h $(INC_D)\txt_db.h $(INC_D)\pkcs7.h \
 	$(INC_D)\ssl.h $(INC_D)\ssl2.h $(INC_D)\ssl3.h \
-	$(INC_D)\ssl23.h
+	$(INC_D)\ssl23.h $(INC_D)\tls1.h
 
 T_OBJ=$(OBJ_D)\md2test.obj \
 	$(OBJ_D)\md5test.obj $(OBJ_D)\shatest.obj $(OBJ_D)\sha1test.obj \
-	$(OBJ_D)\mdc2test.obj $(OBJ_D)\destest.obj $(OBJ_D)\rc4test.obj \
-	$(OBJ_D)\rc2test.obj $(OBJ_D)\ideatest.obj $(OBJ_D)\bftest.obj \
-	$(OBJ_D)\bntest.obj $(OBJ_D)\exptest.obj $(OBJ_D)\dsatest.obj \
-	$(OBJ_D)\dhtest.obj $(OBJ_D)\randtest.obj $(OBJ_D)\ssltest.obj
+	$(OBJ_D)\mdc2test.obj $(OBJ_D)\hmactest.obj $(OBJ_D)\rmdtest.obj \
+	$(OBJ_D)\destest.obj $(OBJ_D)\rc2test.obj $(OBJ_D)\rc4test.obj \
+	$(OBJ_D)\rc5test.obj $(OBJ_D)\ideatest.obj $(OBJ_D)\bftest.obj \
+	$(OBJ_D)\casttest.obj $(OBJ_D)\bntest.obj $(OBJ_D)\exptest.obj \
+	$(OBJ_D)\dsatest.obj $(OBJ_D)\dhtest.obj $(OBJ_D)\randtest.obj \
+	$(OBJ_D)\ssltest.obj
 
 E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\asn1pars.obj $(OBJ_D)\req.obj $(OBJ_D)\dgst.obj \
 	$(OBJ_D)\dh.obj $(OBJ_D)\enc.obj $(OBJ_D)\gendh.obj \
-	$(OBJ_D)\errstr.obj $(OBJ_D)\ca.obj $(OBJ_D)\gendsa.obj \
-	$(OBJ_D)\pkcs7.obj $(OBJ_D)\crl2p7.obj $(OBJ_D)\crl.obj \
-	$(OBJ_D)\rsa.obj $(OBJ_D)\dsa.obj $(OBJ_D)\dsaparam.obj \
-	$(OBJ_D)\x509.obj $(OBJ_D)\genrsa.obj $(OBJ_D)\s_server.obj \
-	$(OBJ_D)\s_client.obj $(OBJ_D)\speed.obj $(OBJ_D)\s_time.obj \
-	$(OBJ_D)\apps.obj $(OBJ_D)\s_cb.obj $(OBJ_D)\s_socket.obj \
-	$(OBJ_D)\version.obj $(OBJ_D)\sess_id.obj $(OBJ_D)\ciphers.obj \
-	$(OBJ_D)\ssleay.obj
+	$(OBJ_D)\errstr.obj $(OBJ_D)\ca.obj $(OBJ_D)\pkcs7.obj \
+	$(OBJ_D)\crl2p7.obj $(OBJ_D)\crl.obj $(OBJ_D)\rsa.obj \
+	$(OBJ_D)\dsa.obj $(OBJ_D)\dsaparam.obj $(OBJ_D)\x509.obj \
+	$(OBJ_D)\genrsa.obj $(OBJ_D)\s_server.obj $(OBJ_D)\s_client.obj \
+	$(OBJ_D)\speed.obj $(OBJ_D)\s_time.obj $(OBJ_D)\apps.obj \
+	$(OBJ_D)\s_cb.obj $(OBJ_D)\s_socket.obj $(OBJ_D)\version.obj \
+	$(OBJ_D)\sess_id.obj $(OBJ_D)\ciphers.obj $(OBJ_D)\ssleay.obj
 
 CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
-	$(OBJ_D)\mem.obj $(OBJ_D)\cversion.obj $(OBJ_D)\md2_dgst.obj \
-	$(OBJ_D)\md5_dgst.obj $(OBJ_D)\md2_one.obj $(OBJ_D)\md5_one.obj \
-	$(OBJ_D)\sha_dgst.obj $(OBJ_D)\sha1dgst.obj $(OBJ_D)\sha_one.obj \
-	$(OBJ_D)\sha1_one.obj $(OBJ_D)\mdc2dgst.obj $(OBJ_D)\mdc2_one.obj \
-	$(OBJ_D)\set_key.obj $(OBJ_D)\ecb_enc.obj $(OBJ_D)\ede_enc.obj \
-	$(OBJ_D)\cbc_enc.obj $(OBJ_D)\cbc3_enc.obj $(OBJ_D)\ecb3_enc.obj \
+	$(OBJ_D)\mem.obj $(OBJ_D)\cversion.obj $(OBJ_D)\ex_data.obj \
+	$(OBJ_D)\cpt_err.obj $(OBJ_D)\md2_dgst.obj $(OBJ_D)\md2_one.obj \
+	$(OBJ_D)\md5_dgst.obj $(OBJ_D)\md5_one.obj $(OBJ_D)\sha_dgst.obj \
+	$(OBJ_D)\sha1dgst.obj $(OBJ_D)\sha_one.obj $(OBJ_D)\sha1_one.obj \
+	$(OBJ_D)\mdc2dgst.obj $(OBJ_D)\mdc2_one.obj $(OBJ_D)\hmac.obj \
+	$(OBJ_D)\rmd_dgst.obj $(OBJ_D)\rmd_one.obj $(OBJ_D)\set_key.obj \
+	$(OBJ_D)\ecb_enc.obj $(OBJ_D)\cbc_enc.obj $(OBJ_D)\ecb3_enc.obj \
 	$(OBJ_D)\cfb64enc.obj $(OBJ_D)\cfb64ede.obj $(OBJ_D)\cfb_enc.obj \
 	$(OBJ_D)\ofb64ede.obj $(OBJ_D)\enc_read.obj $(OBJ_D)\enc_writ.obj \
-	$(OBJ_D)\ncbc_enc.obj $(OBJ_D)\ofb64enc.obj $(OBJ_D)\ofb_enc.obj \
-	$(OBJ_D)\str2key.obj $(OBJ_D)\pcbc_enc.obj $(OBJ_D)\qud_cksm.obj \
-	$(OBJ_D)\rand_key.obj $(OBJ_D)\des_enc.obj $(OBJ_D)\fcrypt_b.obj \
-	$(OBJ_D)\read2pwd.obj $(OBJ_D)\fcrypt.obj $(OBJ_D)\xcbc_enc.obj \
-	$(OBJ_D)\read_pwd.obj $(OBJ_D)\rpc_enc.obj $(OBJ_D)\cbc_cksm.obj \
-	$(OBJ_D)\supp.obj $(OBJ_D)\rc4_enc.obj $(OBJ_D)\rc2_ecb.obj \
-	$(OBJ_D)\rc2_skey.obj $(OBJ_D)\rc2_cbc.obj $(OBJ_D)\rc2cfb64.obj \
-	$(OBJ_D)\rc2ofb64.obj $(OBJ_D)\i_cbc.obj $(OBJ_D)\i_cfb64.obj \
-	$(OBJ_D)\i_ofb64.obj $(OBJ_D)\i_ecb.obj $(OBJ_D)\i_skey.obj \
-	$(OBJ_D)\bf_skey.obj $(OBJ_D)\bf_ecb.obj $(OBJ_D)\bf_enc.obj \
-	$(OBJ_D)\bf_cbc.obj $(OBJ_D)\bf_cfb64.obj $(OBJ_D)\bf_ofb64.obj \
+	$(OBJ_D)\ofb64enc.obj $(OBJ_D)\ofb_enc.obj $(OBJ_D)\str2key.obj \
+	$(OBJ_D)\pcbc_enc.obj $(OBJ_D)\qud_cksm.obj $(OBJ_D)\rand_key.obj \
+	$(OBJ_D)\des_enc.obj $(OBJ_D)\fcrypt_b.obj $(OBJ_D)\read2pwd.obj \
+	$(OBJ_D)\fcrypt.obj $(OBJ_D)\xcbc_enc.obj $(OBJ_D)\read_pwd.obj \
+	$(OBJ_D)\rpc_enc.obj $(OBJ_D)\cbc_cksm.obj $(OBJ_D)\supp.obj \
+	$(OBJ_D)\rc2_ecb.obj $(OBJ_D)\rc2_skey.obj $(OBJ_D)\rc2_cbc.obj \
+	$(OBJ_D)\rc2cfb64.obj $(OBJ_D)\rc2ofb64.obj $(OBJ_D)\rc4_skey.obj \
+	$(OBJ_D)\rc4_enc.obj $(OBJ_D)\rc5_skey.obj $(OBJ_D)\rc5_ecb.obj \
+	$(OBJ_D)\rc5_enc.obj $(OBJ_D)\rc5cfb64.obj $(OBJ_D)\rc5ofb64.obj \
+	$(OBJ_D)\i_cbc.obj $(OBJ_D)\i_cfb64.obj $(OBJ_D)\i_ofb64.obj \
+	$(OBJ_D)\i_ecb.obj $(OBJ_D)\i_skey.obj $(OBJ_D)\bf_skey.obj \
+	$(OBJ_D)\bf_ecb.obj $(OBJ_D)\bf_enc.obj $(OBJ_D)\bf_cfb64.obj \
+	$(OBJ_D)\bf_ofb64.obj $(OBJ_D)\c_skey.obj $(OBJ_D)\c_ecb.obj \
+	$(OBJ_D)\c_enc.obj $(OBJ_D)\c_cfb64.obj $(OBJ_D)\c_ofb64.obj \
 	$(OBJ_D)\bn_add.obj $(OBJ_D)\bn_div.obj $(OBJ_D)\bn_exp.obj \
 	$(OBJ_D)\bn_lib.obj $(OBJ_D)\bn_mod.obj $(OBJ_D)\bn_mul.obj \
 	$(OBJ_D)\bn_print.obj $(OBJ_D)\bn_rand.obj $(OBJ_D)\bn_shift.obj \
-	$(OBJ_D)\bn_sub.obj $(OBJ_D)\bn_word.obj $(OBJ_D)\bn_gcd.obj \
-	$(OBJ_D)\bn_prime.obj $(OBJ_D)\bn_err.obj $(OBJ_D)\bn_sqr.obj \
-	$(BN_MULW_OBJ) $(OBJ_D)\bn_recp.obj $(OBJ_D)\bn_mont.obj \
-	$(OBJ_D)\rsa_enc.obj $(OBJ_D)\rsa_gen.obj $(OBJ_D)\rsa_lib.obj \
-	$(OBJ_D)\rsa_sign.obj $(OBJ_D)\rsa_saos.obj $(OBJ_D)\rsa_err.obj \
-	$(OBJ_D)\dsa_gen.obj $(OBJ_D)\dsa_key.obj $(OBJ_D)\dsa_lib.obj \
-	$(OBJ_D)\dsa_vrf.obj $(OBJ_D)\dsa_sign.obj $(OBJ_D)\dsa_err.obj \
-	$(OBJ_D)\dh_gen.obj $(OBJ_D)\dh_key.obj $(OBJ_D)\dh_lib.obj \
-	$(OBJ_D)\dh_check.obj $(OBJ_D)\dh_err.obj $(OBJ_D)\buffer.obj \
-	$(OBJ_D)\buf_err.obj $(OBJ_D)\bio_lib.obj $(OBJ_D)\bio_cb.obj \
-	$(OBJ_D)\bio_err.obj $(OBJ_D)\bss_mem.obj $(OBJ_D)\bss_null.obj \
-	$(OBJ_D)\bss_fd.obj $(OBJ_D)\bss_file.obj $(OBJ_D)\bss_sock.obj \
-	$(OBJ_D)\bss_conn.obj $(OBJ_D)\bf_null.obj $(OBJ_D)\bf_buff.obj \
-	$(OBJ_D)\b_print.obj $(OBJ_D)\b_dump.obj $(OBJ_D)\b_sock.obj \
-	$(OBJ_D)\bss_acpt.obj $(OBJ_D)\bf_nbio.obj $(OBJ_D)\stack.obj \
-	$(OBJ_D)\lhash.obj $(OBJ_D)\lh_stats.obj $(OBJ_D)\md_rand.obj \
-	$(OBJ_D)\randfile.obj $(OBJ_D)\err.obj $(OBJ_D)\err_all.obj \
-	$(OBJ_D)\err_prn.obj $(OBJ_D)\obj_dat.obj $(OBJ_D)\obj_lib.obj \
-	$(OBJ_D)\obj_err.obj $(OBJ_D)\encode.obj $(OBJ_D)\digest.obj \
-	$(OBJ_D)\evp_enc.obj $(OBJ_D)\evp_key.obj $(OBJ_D)\e_ecb_d.obj \
-	$(OBJ_D)\e_cbc_d.obj $(OBJ_D)\e_cfb_d.obj $(OBJ_D)\e_ofb_d.obj \
-	$(OBJ_D)\e_ecb_i.obj $(OBJ_D)\e_cbc_i.obj $(OBJ_D)\e_cfb_i.obj \
-	$(OBJ_D)\e_ofb_i.obj $(OBJ_D)\e_ecb_3d.obj $(OBJ_D)\e_cbc_3d.obj \
-	$(OBJ_D)\e_rc4.obj $(OBJ_D)\names.obj $(OBJ_D)\e_cfb_3d.obj \
-	$(OBJ_D)\e_ofb_3d.obj $(OBJ_D)\e_xcbc_d.obj $(OBJ_D)\e_ecb_r2.obj \
-	$(OBJ_D)\e_cbc_r2.obj $(OBJ_D)\e_cfb_r2.obj $(OBJ_D)\e_ofb_r2.obj \
-	$(OBJ_D)\e_ecb_bf.obj $(OBJ_D)\e_cbc_bf.obj $(OBJ_D)\e_cfb_bf.obj \
-	$(OBJ_D)\e_ofb_bf.obj $(OBJ_D)\m_null.obj $(OBJ_D)\m_md2.obj \
-	$(OBJ_D)\m_md5.obj $(OBJ_D)\m_sha.obj $(OBJ_D)\m_sha1.obj \
-	$(OBJ_D)\m_dss.obj $(OBJ_D)\m_dss1.obj $(OBJ_D)\m_mdc2.obj \
-	$(OBJ_D)\p_open.obj $(OBJ_D)\p_seal.obj $(OBJ_D)\p_sign.obj \
-	$(OBJ_D)\p_verify.obj $(OBJ_D)\p_lib.obj $(OBJ_D)\bio_md.obj \
-	$(OBJ_D)\bio_b64.obj $(OBJ_D)\bio_enc.obj $(OBJ_D)\evp_err.obj \
-	$(OBJ_D)\e_null.obj $(OBJ_D)\c_all.obj $(OBJ_D)\pem_sign.obj \
-	$(OBJ_D)\pem_seal.obj $(OBJ_D)\pem_info.obj $(OBJ_D)\pem_lib.obj \
-	$(OBJ_D)\pem_all.obj $(OBJ_D)\pem_err.obj $(OBJ_D)\a_object.obj \
-	$(OBJ_D)\a_bitstr.obj $(OBJ_D)\a_utctm.obj $(OBJ_D)\a_int.obj \
-	$(OBJ_D)\a_octet.obj $(OBJ_D)\a_print.obj $(OBJ_D)\a_type.obj \
-	$(OBJ_D)\a_set.obj $(OBJ_D)\a_dup.obj $(OBJ_D)\a_d2i_fp.obj \
-	$(OBJ_D)\a_i2d_fp.obj $(OBJ_D)\a_sign.obj $(OBJ_D)\a_digest.obj \
-	$(OBJ_D)\a_verify.obj $(OBJ_D)\x_algor.obj $(OBJ_D)\x_val.obj \
-	$(OBJ_D)\x_pubkey.obj $(OBJ_D)\x_sig.obj $(OBJ_D)\x_req.obj \
-	$(OBJ_D)\x_attrib.obj $(OBJ_D)\x_name.obj $(OBJ_D)\x_cinf.obj \
-	$(OBJ_D)\x_x509.obj $(OBJ_D)\x_crl.obj $(OBJ_D)\x_info.obj \
-	$(OBJ_D)\x_spki.obj $(OBJ_D)\d2i_r_pr.obj $(OBJ_D)\i2d_r_pr.obj \
-	$(OBJ_D)\d2i_r_pu.obj $(OBJ_D)\i2d_r_pu.obj $(OBJ_D)\d2i_s_pr.obj \
-	$(OBJ_D)\i2d_s_pr.obj $(OBJ_D)\d2i_s_pu.obj $(OBJ_D)\i2d_s_pu.obj \
-	$(OBJ_D)\d2i_pu.obj $(OBJ_D)\d2i_pr.obj $(OBJ_D)\i2d_pu.obj \
-	$(OBJ_D)\i2d_pr.obj $(OBJ_D)\t_req.obj $(OBJ_D)\t_x509.obj \
-	$(OBJ_D)\t_pkey.obj $(OBJ_D)\p7_i_s.obj $(OBJ_D)\p7_signi.obj \
-	$(OBJ_D)\p7_signd.obj $(OBJ_D)\p7_recip.obj $(OBJ_D)\p7_enc_c.obj \
-	$(OBJ_D)\p7_evp.obj $(OBJ_D)\p7_dgst.obj $(OBJ_D)\p7_s_e.obj \
-	$(OBJ_D)\p7_enc.obj $(OBJ_D)\p7_lib.obj $(OBJ_D)\f_int.obj \
-	$(OBJ_D)\f_string.obj $(OBJ_D)\i2d_dhp.obj $(OBJ_D)\i2d_dsap.obj \
-	$(OBJ_D)\d2i_dhp.obj $(OBJ_D)\d2i_dsap.obj $(OBJ_D)\n_pkey.obj \
-	$(OBJ_D)\a_hdr.obj $(OBJ_D)\x_pkey.obj $(OBJ_D)\a_bool.obj \
-	$(OBJ_D)\x_exten.obj $(OBJ_D)\asn1_par.obj $(OBJ_D)\asn1_lib.obj \
-	$(OBJ_D)\asn1_err.obj $(OBJ_D)\a_meth.obj $(OBJ_D)\a_bytes.obj \
+	$(OBJ_D)\bn_sub.obj $(OBJ_D)\bn_word.obj $(OBJ_D)\bn_blind.obj \
+	$(OBJ_D)\bn_gcd.obj $(OBJ_D)\bn_prime.obj $(OBJ_D)\bn_err.obj \
+	$(OBJ_D)\bn_sqr.obj $(BN_MULW_OBJ) $(OBJ_D)\bn_recp.obj \
+	$(OBJ_D)\bn_mont.obj $(OBJ_D)\bn_mpi.obj $(OBJ_D)\rsa_eay.obj \
+	$(OBJ_D)\rsa_gen.obj $(OBJ_D)\rsa_lib.obj $(OBJ_D)\rsa_sign.obj \
+	$(OBJ_D)\rsa_saos.obj $(OBJ_D)\rsa_err.obj $(OBJ_D)\rsa_pk1.obj \
+	$(OBJ_D)\rsa_ssl.obj $(OBJ_D)\rsa_none.obj $(OBJ_D)\dsa_gen.obj \
+	$(OBJ_D)\dsa_key.obj $(OBJ_D)\dsa_lib.obj $(OBJ_D)\dsa_vrf.obj \
+	$(OBJ_D)\dsa_sign.obj $(OBJ_D)\dsa_err.obj $(OBJ_D)\dh_gen.obj \
+	$(OBJ_D)\dh_key.obj $(OBJ_D)\dh_lib.obj $(OBJ_D)\dh_check.obj \
+	$(OBJ_D)\dh_err.obj $(OBJ_D)\buffer.obj $(OBJ_D)\buf_err.obj \
+	$(OBJ_D)\bio_lib.obj $(OBJ_D)\bio_cb.obj $(OBJ_D)\bio_err.obj \
+	$(OBJ_D)\bss_mem.obj $(OBJ_D)\bss_null.obj $(OBJ_D)\bss_fd.obj \
+	$(OBJ_D)\bss_file.obj $(OBJ_D)\bss_sock.obj $(OBJ_D)\bss_conn.obj \
+	$(OBJ_D)\bf_null.obj $(OBJ_D)\bf_buff.obj $(OBJ_D)\b_print.obj \
+	$(OBJ_D)\b_dump.obj $(OBJ_D)\b_sock.obj $(OBJ_D)\bss_acpt.obj \
+	$(OBJ_D)\bf_nbio.obj $(OBJ_D)\stack.obj $(OBJ_D)\lhash.obj \
+	$(OBJ_D)\lh_stats.obj $(OBJ_D)\md_rand.obj $(OBJ_D)\randfile.obj \
+	$(OBJ_D)\err.obj $(OBJ_D)\err_all.obj $(OBJ_D)\err_prn.obj \
+	$(OBJ_D)\obj_dat.obj $(OBJ_D)\obj_lib.obj $(OBJ_D)\obj_err.obj \
+	$(OBJ_D)\encode.obj $(OBJ_D)\digest.obj $(OBJ_D)\evp_enc.obj \
+	$(OBJ_D)\evp_key.obj $(OBJ_D)\e_ecb_d.obj $(OBJ_D)\e_cbc_d.obj \
+	$(OBJ_D)\e_cfb_d.obj $(OBJ_D)\e_ofb_d.obj $(OBJ_D)\e_ecb_i.obj \
+	$(OBJ_D)\e_cbc_i.obj $(OBJ_D)\e_cfb_i.obj $(OBJ_D)\e_ofb_i.obj \
+	$(OBJ_D)\e_ecb_3d.obj $(OBJ_D)\e_cbc_3d.obj $(OBJ_D)\e_rc4.obj \
+	$(OBJ_D)\names.obj $(OBJ_D)\e_cfb_3d.obj $(OBJ_D)\e_ofb_3d.obj \
+	$(OBJ_D)\e_xcbc_d.obj $(OBJ_D)\e_ecb_r2.obj $(OBJ_D)\e_cbc_r2.obj \
+	$(OBJ_D)\e_cfb_r2.obj $(OBJ_D)\e_ofb_r2.obj $(OBJ_D)\e_ecb_bf.obj \
+	$(OBJ_D)\e_cbc_bf.obj $(OBJ_D)\e_cfb_bf.obj $(OBJ_D)\e_ofb_bf.obj \
+	$(OBJ_D)\e_ecb_c.obj $(OBJ_D)\e_cbc_c.obj $(OBJ_D)\e_cfb_c.obj \
+	$(OBJ_D)\e_ofb_c.obj $(OBJ_D)\e_ecb_r5.obj $(OBJ_D)\e_cbc_r5.obj \
+	$(OBJ_D)\e_cfb_r5.obj $(OBJ_D)\e_ofb_r5.obj $(OBJ_D)\m_null.obj \
+	$(OBJ_D)\m_md2.obj $(OBJ_D)\m_md5.obj $(OBJ_D)\m_sha.obj \
+	$(OBJ_D)\m_sha1.obj $(OBJ_D)\m_dss.obj $(OBJ_D)\m_dss1.obj \
+	$(OBJ_D)\m_mdc2.obj $(OBJ_D)\m_ripemd.obj $(OBJ_D)\p_open.obj \
+	$(OBJ_D)\p_seal.obj $(OBJ_D)\p_sign.obj $(OBJ_D)\p_verify.obj \
+	$(OBJ_D)\p_lib.obj $(OBJ_D)\p_enc.obj $(OBJ_D)\p_dec.obj \
+	$(OBJ_D)\bio_md.obj $(OBJ_D)\bio_b64.obj $(OBJ_D)\bio_enc.obj \
+	$(OBJ_D)\evp_err.obj $(OBJ_D)\e_null.obj $(OBJ_D)\c_all.obj \
+	$(OBJ_D)\evp_lib.obj $(OBJ_D)\pem_sign.obj $(OBJ_D)\pem_seal.obj \
+	$(OBJ_D)\pem_info.obj $(OBJ_D)\pem_lib.obj $(OBJ_D)\pem_all.obj \
+	$(OBJ_D)\pem_err.obj $(OBJ_D)\a_object.obj $(OBJ_D)\a_bitstr.obj \
+	$(OBJ_D)\a_utctm.obj $(OBJ_D)\a_int.obj $(OBJ_D)\a_octet.obj \
+	$(OBJ_D)\a_print.obj $(OBJ_D)\a_type.obj $(OBJ_D)\a_set.obj \
+	$(OBJ_D)\a_dup.obj $(OBJ_D)\a_d2i_fp.obj $(OBJ_D)\a_i2d_fp.obj \
+	$(OBJ_D)\a_sign.obj $(OBJ_D)\a_digest.obj $(OBJ_D)\a_verify.obj \
+	$(OBJ_D)\x_algor.obj $(OBJ_D)\x_val.obj $(OBJ_D)\x_pubkey.obj \
+	$(OBJ_D)\x_sig.obj $(OBJ_D)\x_req.obj $(OBJ_D)\x_attrib.obj \
+	$(OBJ_D)\x_name.obj $(OBJ_D)\x_cinf.obj $(OBJ_D)\x_x509.obj \
+	$(OBJ_D)\x_crl.obj $(OBJ_D)\x_info.obj $(OBJ_D)\x_spki.obj \
+	$(OBJ_D)\d2i_r_pr.obj $(OBJ_D)\i2d_r_pr.obj $(OBJ_D)\d2i_r_pu.obj \
+	$(OBJ_D)\i2d_r_pu.obj $(OBJ_D)\d2i_s_pr.obj $(OBJ_D)\i2d_s_pr.obj \
+	$(OBJ_D)\d2i_s_pu.obj $(OBJ_D)\i2d_s_pu.obj $(OBJ_D)\d2i_pu.obj \
+	$(OBJ_D)\d2i_pr.obj $(OBJ_D)\i2d_pu.obj $(OBJ_D)\i2d_pr.obj \
+	$(OBJ_D)\t_req.obj $(OBJ_D)\t_x509.obj $(OBJ_D)\t_pkey.obj \
+	$(OBJ_D)\p7_i_s.obj $(OBJ_D)\p7_signi.obj $(OBJ_D)\p7_signd.obj \
+	$(OBJ_D)\p7_recip.obj $(OBJ_D)\p7_enc_c.obj $(OBJ_D)\p7_evp.obj \
+	$(OBJ_D)\p7_dgst.obj $(OBJ_D)\p7_s_e.obj $(OBJ_D)\p7_enc.obj \
+	$(OBJ_D)\p7_lib.obj $(OBJ_D)\f_int.obj $(OBJ_D)\f_string.obj \
+	$(OBJ_D)\i2d_dhp.obj $(OBJ_D)\i2d_dsap.obj $(OBJ_D)\d2i_dhp.obj \
+	$(OBJ_D)\d2i_dsap.obj $(OBJ_D)\n_pkey.obj $(OBJ_D)\a_hdr.obj \
+	$(OBJ_D)\x_pkey.obj $(OBJ_D)\a_bool.obj $(OBJ_D)\x_exten.obj \
+	$(OBJ_D)\asn1_par.obj $(OBJ_D)\asn1_lib.obj $(OBJ_D)\asn1_err.obj \
+	$(OBJ_D)\a_meth.obj $(OBJ_D)\a_bytes.obj $(OBJ_D)\evp_asn1.obj \
 	$(OBJ_D)\x509_def.obj $(OBJ_D)\x509_d2.obj $(OBJ_D)\x509_r2x.obj \
 	$(OBJ_D)\x509_cmp.obj $(OBJ_D)\x509_obj.obj $(OBJ_D)\x509_req.obj \
 	$(OBJ_D)\x509_vfy.obj $(OBJ_D)\x509_set.obj $(OBJ_D)\x509rset.obj \
@@ -232,42 +262,55 @@ CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 
 SSLOBJ=$(OBJ_D)\s2_meth.obj \
 	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
-	$(OBJ_D)\s2_pkt.obj $(OBJ_D)\s2_enc.obj $(OBJ_D)\s3_meth.obj \
+	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
 	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
-	$(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_both.obj \
+	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
 	$(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj $(OBJ_D)\s23_clnt.obj \
-	$(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj $(OBJ_D)\ssl_lib.obj \
-	$(OBJ_D)\ssl_err2.obj $(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj \
-	$(OBJ_D)\ssl_ciph.obj $(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj \
-	$(OBJ_D)\ssl_asn1.obj $(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj \
-	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj
+	$(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj $(OBJ_D)\t1_meth.obj \
+	$(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj $(OBJ_D)\t1_lib.obj \
+	$(OBJ_D)\t1_enc.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
+	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
+	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
+	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\bio_ssl.obj \
+	$(OBJ_D)\ssl_err.obj
 
 RSAGLUEOBJ=$(OBJ_D)\rsaref.obj \
 	$(OBJ_D)\rsar_err.obj
 
 T_EXE=$(TEST_D)\md2test.exe \
 	$(TEST_D)\md5test.exe $(TEST_D)\shatest.exe $(TEST_D)\sha1test.exe \
-	$(TEST_D)\mdc2test.exe $(TEST_D)\destest.exe $(TEST_D)\rc4test.exe \
-	$(TEST_D)\rc2test.exe $(TEST_D)\ideatest.exe $(TEST_D)\bftest.exe \
-	$(TEST_D)\bntest.exe $(TEST_D)\exptest.exe $(TEST_D)\dsatest.exe \
-	$(TEST_D)\dhtest.exe $(TEST_D)\randtest.exe $(TEST_D)\ssltest.exe
+	$(TEST_D)\mdc2test.exe $(TEST_D)\hmactest.exe $(TEST_D)\rmdtest.exe \
+	$(TEST_D)\destest.exe $(TEST_D)\rc2test.exe $(TEST_D)\rc4test.exe \
+	$(TEST_D)\rc5test.exe $(TEST_D)\ideatest.exe $(TEST_D)\bftest.exe \
+	$(TEST_D)\casttest.exe $(TEST_D)\bntest.exe $(TEST_D)\exptest.exe \
+	$(TEST_D)\dsatest.exe $(TEST_D)\dhtest.exe $(TEST_D)\randtest.exe \
+	$(TEST_D)\ssltest.exe
 
 ###################################################################
-all: banner $(OUT_D) $(TMP_D) headers lib exe
+all: banner $(TMP_D) $(BIN_D) $(TEST_D) $(LIB_D) $(INC_D) headers lib exe
 
 banner:
-	@echo Make sure you have run 'perl Configure VC-W31-32' in the
+	@echo Make sure you have run 'perl Configure VC-WIN16' in the
 	@echo top level directory, if you don't have perl, you will
 	@echo need to probably edit crypto/bn/bn.h, check the
 	@echo documentation for details.
 
 
-$(OUT_D):
-	$(MKDIR) $(OUT_D)
-
 $(TMP_D):
 	$(MKDIR) $(TMP_D)
 
+$(BIN_D):
+	$(MKDIR) $(BIN_D)
+
+$(TEST_D):
+	$(MKDIR) $(TEST_D)
+
+$(LIB_D):
+	$(MKDIR) $(LIB_D)
+
+$(INC_D):
+	$(MKDIR) $(INC_D)
+
 headers: $(HEADER) $(EXHEADER)
 
 lib: $(LIBS_DEP)
@@ -279,10 +322,10 @@ install:
 	$(MKDIR) $(INSTALLTOP)\bin
 	$(MKDIR) $(INSTALLTOP)\include
 	$(MKDIR) $(INSTALLTOP)\lib
-	$(CP) $(INC_D)\*.h $(INSTALLTOP)\include
+	$(CP) $(INC_D)\*.[ch] $(INSTALLTOP)\include
 	$(CP) $(BIN_D)\$(E_EXE).exe $(INSTALLTOP)\bin
-	$(CP) $(LIB_D)\$(O_SSL) $(INSTALLTOP)\lib
-	$(CP) $(LIB_D)\$(O_CRYPTO) $(INSTALLTOP)\lib
+	$(CP) $(O_SSL) $(INSTALLTOP)\lib
+	$(CP) $(O_CRYPTO) $(INSTALLTOP)\lib
 
 clean:
 	$(RM) $(TMP_D)\*.*
@@ -291,21 +334,24 @@ vclean:
 	$(RM) $(TMP_D)\*.*
 	$(RM) $(OUT_D)\*.*
 
-$(INCL_D)\e_os.h: $(SRC_D)\.\e_os.h
-	$(CP) $(SRC_D)\.\e_os.h $(INCL_D)\e_os.h
-
 $(INCL_D)\cryptlib.h: $(SRC_D)\crypto\cryptlib.h
 	$(CP) $(SRC_D)\crypto\cryptlib.h $(INCL_D)\cryptlib.h
 
 $(INCL_D)\date.h: $(SRC_D)\crypto\date.h
 	$(CP) $(SRC_D)\crypto\date.h $(INCL_D)\date.h
 
-$(INCL_D)\md5_locl.h: $(SRC_D)\crypto\md\md5_locl.h
-	$(CP) $(SRC_D)\crypto\md\md5_locl.h $(INCL_D)\md5_locl.h
+$(INCL_D)\md5_locl.h: $(SRC_D)\crypto\md5\md5_locl.h
+	$(CP) $(SRC_D)\crypto\md5\md5_locl.h $(INCL_D)\md5_locl.h
 
 $(INCL_D)\sha_locl.h: $(SRC_D)\crypto\sha\sha_locl.h
 	$(CP) $(SRC_D)\crypto\sha\sha_locl.h $(INCL_D)\sha_locl.h
 
+$(INCL_D)\rmd_locl.h: $(SRC_D)\crypto\ripemd\rmd_locl.h
+	$(CP) $(SRC_D)\crypto\ripemd\rmd_locl.h $(INCL_D)\rmd_locl.h
+
+$(INCL_D)\rmdconst.h: $(SRC_D)\crypto\ripemd\rmdconst.h
+	$(CP) $(SRC_D)\crypto\ripemd\rmdconst.h $(INCL_D)\rmdconst.h
+
 $(INCL_D)\des_locl.h: $(SRC_D)\crypto\des\des_locl.h
 	$(CP) $(SRC_D)\crypto\des\des_locl.h $(INCL_D)\des_locl.h
 
@@ -327,6 +373,12 @@ $(INCL_D)\des_ver.h: $(SRC_D)\crypto\des\des_ver.h
 $(INCL_D)\rc2_locl.h: $(SRC_D)\crypto\rc2\rc2_locl.h
 	$(CP) $(SRC_D)\crypto\rc2\rc2_locl.h $(INCL_D)\rc2_locl.h
 
+$(INCL_D)\rc4_locl.h: $(SRC_D)\crypto\rc4\rc4_locl.h
+	$(CP) $(SRC_D)\crypto\rc4\rc4_locl.h $(INCL_D)\rc4_locl.h
+
+$(INCL_D)\rc5_locl.h: $(SRC_D)\crypto\rc5\rc5_locl.h
+	$(CP) $(SRC_D)\crypto\rc5\rc5_locl.h $(INCL_D)\rc5_locl.h
+
 $(INCL_D)\idea_lcl.h: $(SRC_D)\crypto\idea\idea_lcl.h
 	$(CP) $(SRC_D)\crypto\idea\idea_lcl.h $(INCL_D)\idea_lcl.h
 
@@ -336,6 +388,12 @@ $(INCL_D)\bf_pi.h: $(SRC_D)\crypto\bf\bf_pi.h
 $(INCL_D)\bf_locl.h: $(SRC_D)\crypto\bf\bf_locl.h
 	$(CP) $(SRC_D)\crypto\bf\bf_locl.h $(INCL_D)\bf_locl.h
 
+$(INCL_D)\cast_s.h: $(SRC_D)\crypto\cast\cast_s.h
+	$(CP) $(SRC_D)\crypto\cast\cast_s.h $(INCL_D)\cast_s.h
+
+$(INCL_D)\cast_lcl.h: $(SRC_D)\crypto\cast\cast_lcl.h
+	$(CP) $(SRC_D)\crypto\cast\cast_lcl.h $(INCL_D)\cast_lcl.h
+
 $(INCL_D)\bn_lcl.h: $(SRC_D)\crypto\bn\bn_lcl.h
 	$(CP) $(SRC_D)\crypto\bn\bn_lcl.h $(INCL_D)\bn_lcl.h
 
@@ -369,17 +427,20 @@ $(INCL_D)\testdsa.h: $(SRC_D)\apps\testdsa.h
 $(INCL_D)\testrsa.h: $(SRC_D)\apps\testrsa.h
 	$(CP) $(SRC_D)\apps\testrsa.h $(INCL_D)\testrsa.h
 
+$(INC_D)\e_os.h: $(SRC_D)\.\e_os.h
+	$(CP) $(SRC_D)\.\e_os.h $(INC_D)\e_os.h
+
 $(INC_D)\crypto.h: $(SRC_D)\crypto\crypto.h
 	$(CP) $(SRC_D)\crypto\crypto.h $(INC_D)\crypto.h
 
 $(INC_D)\cryptall.h: $(SRC_D)\crypto\cryptall.h
 	$(CP) $(SRC_D)\crypto\cryptall.h $(INC_D)\cryptall.h
 
-$(INC_D)\md2.h: $(SRC_D)\crypto\md\md2.h
-	$(CP) $(SRC_D)\crypto\md\md2.h $(INC_D)\md2.h
+$(INC_D)\md2.h: $(SRC_D)\crypto\md2\md2.h
+	$(CP) $(SRC_D)\crypto\md2\md2.h $(INC_D)\md2.h
 
-$(INC_D)\md5.h: $(SRC_D)\crypto\md\md5.h
-	$(CP) $(SRC_D)\crypto\md\md5.h $(INC_D)\md5.h
+$(INC_D)\md5.h: $(SRC_D)\crypto\md5\md5.h
+	$(CP) $(SRC_D)\crypto\md5\md5.h $(INC_D)\md5.h
 
 $(INC_D)\sha.h: $(SRC_D)\crypto\sha\sha.h
 	$(CP) $(SRC_D)\crypto\sha\sha.h $(INC_D)\sha.h
@@ -387,14 +448,23 @@ $(INC_D)\sha.h: $(SRC_D)\crypto\sha\sha.h
 $(INC_D)\mdc2.h: $(SRC_D)\crypto\mdc2\mdc2.h
 	$(CP) $(SRC_D)\crypto\mdc2\mdc2.h $(INC_D)\mdc2.h
 
+$(INC_D)\hmac.h: $(SRC_D)\crypto\hmac\hmac.h
+	$(CP) $(SRC_D)\crypto\hmac\hmac.h $(INC_D)\hmac.h
+
+$(INC_D)\ripemd.h: $(SRC_D)\crypto\ripemd\ripemd.h
+	$(CP) $(SRC_D)\crypto\ripemd\ripemd.h $(INC_D)\ripemd.h
+
 $(INC_D)\des.h: $(SRC_D)\crypto\des\des.h
 	$(CP) $(SRC_D)\crypto\des\des.h $(INC_D)\des.h
 
+$(INC_D)\rc2.h: $(SRC_D)\crypto\rc2\rc2.h
+	$(CP) $(SRC_D)\crypto\rc2\rc2.h $(INC_D)\rc2.h
+
 $(INC_D)\rc4.h: $(SRC_D)\crypto\rc4\rc4.h
 	$(CP) $(SRC_D)\crypto\rc4\rc4.h $(INC_D)\rc4.h
 
-$(INC_D)\rc2.h: $(SRC_D)\crypto\rc2\rc2.h
-	$(CP) $(SRC_D)\crypto\rc2\rc2.h $(INC_D)\rc2.h
+$(INC_D)\rc5.h: $(SRC_D)\crypto\rc5\rc5.h
+	$(CP) $(SRC_D)\crypto\rc5\rc5.h $(INC_D)\rc5.h
 
 $(INC_D)\idea.h: $(SRC_D)\crypto\idea\idea.h
 	$(CP) $(SRC_D)\crypto\idea\idea.h $(INC_D)\idea.h
@@ -402,6 +472,9 @@ $(INC_D)\idea.h: $(SRC_D)\crypto\idea\idea.h
 $(INC_D)\blowfish.h: $(SRC_D)\crypto\bf\blowfish.h
 	$(CP) $(SRC_D)\crypto\bf\blowfish.h $(INC_D)\blowfish.h
 
+$(INC_D)\cast.h: $(SRC_D)\crypto\cast\cast.h
+	$(CP) $(SRC_D)\crypto\cast\cast.h $(INC_D)\cast.h
+
 $(INC_D)\bn.h: $(SRC_D)\crypto\bn\bn.h
 	$(CP) $(SRC_D)\crypto\bn\bn.h $(INC_D)\bn.h
 
@@ -420,6 +493,9 @@ $(INC_D)\buffer.h: $(SRC_D)\crypto\buffer\buffer.h
 $(INC_D)\bio.h: $(SRC_D)\crypto\bio\bio.h
 	$(CP) $(SRC_D)\crypto\bio\bio.h $(INC_D)\bio.h
 
+$(INC_D)\bss_file.c: $(SRC_D)\crypto\bio\bss_file.c
+	$(CP) $(SRC_D)\crypto\bio\bss_file.c $(INC_D)\bss_file.c
+
 $(INC_D)\stack.h: $(SRC_D)\crypto\stack\stack.h
 	$(CP) $(SRC_D)\crypto\stack\stack.h $(INC_D)\stack.h
 
@@ -474,11 +550,14 @@ $(INC_D)\ssl3.h: $(SRC_D)\ssl\ssl3.h
 $(INC_D)\ssl23.h: $(SRC_D)\ssl\ssl23.h
 	$(CP) $(SRC_D)\ssl\ssl23.h $(INC_D)\ssl23.h
 
-$(OBJ_D)\md2test.obj: $(SRC_D)\crypto\md\md2test.c
-	$(CC) /Fo$(OBJ_D)\md2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md\md2test.c
+$(INC_D)\tls1.h: $(SRC_D)\ssl\tls1.h
+	$(CP) $(SRC_D)\ssl\tls1.h $(INC_D)\tls1.h
+
+$(OBJ_D)\md2test.obj: $(SRC_D)\crypto\md2\md2test.c
+	$(CC) /Fo$(OBJ_D)\md2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md2\md2test.c
 
-$(OBJ_D)\md5test.obj: $(SRC_D)\crypto\md\md5test.c
-	$(CC) /Fo$(OBJ_D)\md5test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md\md5test.c
+$(OBJ_D)\md5test.obj: $(SRC_D)\crypto\md5\md5test.c
+	$(CC) /Fo$(OBJ_D)\md5test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md5\md5test.c
 
 $(OBJ_D)\shatest.obj: $(SRC_D)\crypto\sha\shatest.c
 	$(CC) /Fo$(OBJ_D)\shatest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\sha\shatest.c
@@ -489,14 +568,23 @@ $(OBJ_D)\sha1test.obj: $(SRC_D)\crypto\sha\sha1test.c
 $(OBJ_D)\mdc2test.obj: $(SRC_D)\crypto\mdc2\mdc2test.c
 	$(CC) /Fo$(OBJ_D)\mdc2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2test.c
 
+$(OBJ_D)\hmactest.obj: $(SRC_D)\crypto\hmac\hmactest.c
+	$(CC) /Fo$(OBJ_D)\hmactest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\hmac\hmactest.c
+
+$(OBJ_D)\rmdtest.obj: $(SRC_D)\crypto\ripemd\rmdtest.c
+	$(CC) /Fo$(OBJ_D)\rmdtest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\ripemd\rmdtest.c
+
 $(OBJ_D)\destest.obj: $(SRC_D)\crypto\des\destest.c
 	$(CC) /Fo$(OBJ_D)\destest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\des\destest.c
 
+$(OBJ_D)\rc2test.obj: $(SRC_D)\crypto\rc2\rc2test.c
+	$(CC) /Fo$(OBJ_D)\rc2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2test.c
+
 $(OBJ_D)\rc4test.obj: $(SRC_D)\crypto\rc4\rc4test.c
 	$(CC) /Fo$(OBJ_D)\rc4test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4test.c
 
-$(OBJ_D)\rc2test.obj: $(SRC_D)\crypto\rc2\rc2test.c
-	$(CC) /Fo$(OBJ_D)\rc2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2test.c
+$(OBJ_D)\rc5test.obj: $(SRC_D)\crypto\rc5\rc5test.c
+	$(CC) /Fo$(OBJ_D)\rc5test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5test.c
 
 $(OBJ_D)\ideatest.obj: $(SRC_D)\crypto\idea\ideatest.c
 	$(CC) /Fo$(OBJ_D)\ideatest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\idea\ideatest.c
@@ -504,6 +592,9 @@ $(OBJ_D)\ideatest.obj: $(SRC_D)\crypto\idea\ideatest.c
 $(OBJ_D)\bftest.obj: $(SRC_D)\crypto\bf\bftest.c
 	$(CC) /Fo$(OBJ_D)\bftest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\bf\bftest.c
 
+$(OBJ_D)\casttest.obj: $(SRC_D)\crypto\cast\casttest.c
+	$(CC) /Fo$(OBJ_D)\casttest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\cast\casttest.c
+
 $(OBJ_D)\bntest.obj: $(SRC_D)\crypto\bn\bntest.c
 	$(CC) /Fo$(OBJ_D)\bntest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\bn\bntest.c
 
@@ -549,9 +640,6 @@ $(OBJ_D)\errstr.obj: $(SRC_D)\apps\errstr.c
 $(OBJ_D)\ca.obj: $(SRC_D)\apps\ca.c
 	$(CC) /Fo$(OBJ_D)\ca.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\ca.c
 
-$(OBJ_D)\gendsa.obj: $(SRC_D)\apps\gendsa.c
-	$(CC) /Fo$(OBJ_D)\gendsa.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\gendsa.c
-
 $(OBJ_D)\pkcs7.obj: $(SRC_D)\apps\pkcs7.c
 	$(CC) /Fo$(OBJ_D)\pkcs7.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\pkcs7.c
 
@@ -613,907 +701,1012 @@ crypto\bn\asm\x86w32.obj: crypto\bn\asm\x86w32.asm
 	$(ASM) /Focrypto\bn\asm\x86w32.obj $(SRC_D)\crypto\bn\asm\x86w32.asm
 
 $(OBJ_D)\cryptlib.obj: $(SRC_D)\crypto\cryptlib.c
-	$(CC) /Fo$(OBJ_D)\cryptlib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\cryptlib.c
+	$(CC) /Fo$(OBJ_D)\cryptlib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cryptlib.c
 
 $(OBJ_D)\mem.obj: $(SRC_D)\crypto\mem.c
-	$(CC) /Fo$(OBJ_D)\mem.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mem.c
+	$(CC) /Fo$(OBJ_D)\mem.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\mem.c
 
 $(OBJ_D)\cversion.obj: $(SRC_D)\crypto\cversion.c
-	$(CC) /Fo$(OBJ_D)\cversion.obj $(LIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)\crypto\cversion.c
+	$(CC) /Fo$(OBJ_D)\cversion.obj  $(SHLIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)\crypto\cversion.c
+
+$(OBJ_D)\ex_data.obj: $(SRC_D)\crypto\ex_data.c
+	$(CC) /Fo$(OBJ_D)\ex_data.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\ex_data.c
+
+$(OBJ_D)\cpt_err.obj: $(SRC_D)\crypto\cpt_err.c
+	$(CC) /Fo$(OBJ_D)\cpt_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cpt_err.c
 
-$(OBJ_D)\md2_dgst.obj: $(SRC_D)\crypto\md\md2_dgst.c
-	$(CC) /Fo$(OBJ_D)\md2_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md2_dgst.c
+$(OBJ_D)\md2_dgst.obj: $(SRC_D)\crypto\md2\md2_dgst.c
+	$(CC) /Fo$(OBJ_D)\md2_dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\md2\md2_dgst.c
 
-$(OBJ_D)\md5_dgst.obj: $(SRC_D)\crypto\md\md5_dgst.c
-	$(CC) /Fo$(OBJ_D)\md5_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md5_dgst.c
+$(OBJ_D)\md2_one.obj: $(SRC_D)\crypto\md2\md2_one.c
+	$(CC) /Fo$(OBJ_D)\md2_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\md2\md2_one.c
 
-$(OBJ_D)\md2_one.obj: $(SRC_D)\crypto\md\md2_one.c
-	$(CC) /Fo$(OBJ_D)\md2_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md2_one.c
+$(OBJ_D)\md5_dgst.obj: $(SRC_D)\crypto\md5\md5_dgst.c
+	$(CC) /Fo$(OBJ_D)\md5_dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\md5\md5_dgst.c
 
-$(OBJ_D)\md5_one.obj: $(SRC_D)\crypto\md\md5_one.c
-	$(CC) /Fo$(OBJ_D)\md5_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md5_one.c
+$(OBJ_D)\md5_one.obj: $(SRC_D)\crypto\md5\md5_one.c
+	$(CC) /Fo$(OBJ_D)\md5_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\md5\md5_one.c
 
 $(OBJ_D)\sha_dgst.obj: $(SRC_D)\crypto\sha\sha_dgst.c
-	$(CC) /Fo$(OBJ_D)\sha_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_dgst.c
+	$(CC) /Fo$(OBJ_D)\sha_dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_dgst.c
 
 $(OBJ_D)\sha1dgst.obj: $(SRC_D)\crypto\sha\sha1dgst.c
-	$(CC) /Fo$(OBJ_D)\sha1dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1dgst.c
+	$(CC) /Fo$(OBJ_D)\sha1dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1dgst.c
 
 $(OBJ_D)\sha_one.obj: $(SRC_D)\crypto\sha\sha_one.c
-	$(CC) /Fo$(OBJ_D)\sha_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_one.c
+	$(CC) /Fo$(OBJ_D)\sha_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_one.c
 
 $(OBJ_D)\sha1_one.obj: $(SRC_D)\crypto\sha\sha1_one.c
-	$(CC) /Fo$(OBJ_D)\sha1_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1_one.c
+	$(CC) /Fo$(OBJ_D)\sha1_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1_one.c
 
 $(OBJ_D)\mdc2dgst.obj: $(SRC_D)\crypto\mdc2\mdc2dgst.c
-	$(CC) /Fo$(OBJ_D)\mdc2dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2dgst.c
+	$(CC) /Fo$(OBJ_D)\mdc2dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2dgst.c
 
 $(OBJ_D)\mdc2_one.obj: $(SRC_D)\crypto\mdc2\mdc2_one.c
-	$(CC) /Fo$(OBJ_D)\mdc2_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2_one.c
+	$(CC) /Fo$(OBJ_D)\mdc2_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2_one.c
+
+$(OBJ_D)\hmac.obj: $(SRC_D)\crypto\hmac\hmac.c
+	$(CC) /Fo$(OBJ_D)\hmac.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\hmac\hmac.c
+
+$(OBJ_D)\rmd_dgst.obj: $(SRC_D)\crypto\ripemd\rmd_dgst.c
+	$(CC) /Fo$(OBJ_D)\rmd_dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\ripemd\rmd_dgst.c
+
+$(OBJ_D)\rmd_one.obj: $(SRC_D)\crypto\ripemd\rmd_one.c
+	$(CC) /Fo$(OBJ_D)\rmd_one.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\ripemd\rmd_one.c
 
 $(OBJ_D)\set_key.obj: $(SRC_D)\crypto\des\set_key.c
-	$(CC) /Fo$(OBJ_D)\set_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\set_key.c
+	$(CC) /Fo$(OBJ_D)\set_key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\set_key.c
 
 $(OBJ_D)\ecb_enc.obj: $(SRC_D)\crypto\des\ecb_enc.c
-	$(CC) /Fo$(OBJ_D)\ecb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb_enc.c
-
-$(OBJ_D)\ede_enc.obj: $(SRC_D)\crypto\des\ede_enc.c
-	$(CC) /Fo$(OBJ_D)\ede_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ede_enc.c
+	$(CC) /Fo$(OBJ_D)\ecb_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb_enc.c
 
 $(OBJ_D)\cbc_enc.obj: $(SRC_D)\crypto\des\cbc_enc.c
-	$(CC) /Fo$(OBJ_D)\cbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_enc.c
-
-$(OBJ_D)\cbc3_enc.obj: $(SRC_D)\crypto\des\cbc3_enc.c
-	$(CC) /Fo$(OBJ_D)\cbc3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc3_enc.c
+	$(CC) /Fo$(OBJ_D)\cbc_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_enc.c
 
 $(OBJ_D)\ecb3_enc.obj: $(SRC_D)\crypto\des\ecb3_enc.c
-	$(CC) /Fo$(OBJ_D)\ecb3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb3_enc.c
+	$(CC) /Fo$(OBJ_D)\ecb3_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb3_enc.c
 
 $(OBJ_D)\cfb64enc.obj: $(SRC_D)\crypto\des\cfb64enc.c
-	$(CC) /Fo$(OBJ_D)\cfb64enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64enc.c
+	$(CC) /Fo$(OBJ_D)\cfb64enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64enc.c
 
 $(OBJ_D)\cfb64ede.obj: $(SRC_D)\crypto\des\cfb64ede.c
-	$(CC) /Fo$(OBJ_D)\cfb64ede.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64ede.c
+	$(CC) /Fo$(OBJ_D)\cfb64ede.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64ede.c
 
 $(OBJ_D)\cfb_enc.obj: $(SRC_D)\crypto\des\cfb_enc.c
-	$(CC) /Fo$(OBJ_D)\cfb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb_enc.c
+	$(CC) /Fo$(OBJ_D)\cfb_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb_enc.c
 
 $(OBJ_D)\ofb64ede.obj: $(SRC_D)\crypto\des\ofb64ede.c
-	$(CC) /Fo$(OBJ_D)\ofb64ede.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64ede.c
+	$(CC) /Fo$(OBJ_D)\ofb64ede.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64ede.c
 
 $(OBJ_D)\enc_read.obj: $(SRC_D)\crypto\des\enc_read.c
-	$(CC) /Fo$(OBJ_D)\enc_read.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_read.c
+	$(CC) /Fo$(OBJ_D)\enc_read.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_read.c
 
 $(OBJ_D)\enc_writ.obj: $(SRC_D)\crypto\des\enc_writ.c
-	$(CC) /Fo$(OBJ_D)\enc_writ.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_writ.c
-
-$(OBJ_D)\ncbc_enc.obj: $(SRC_D)\crypto\des\ncbc_enc.c
-	$(CC) /Fo$(OBJ_D)\ncbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ncbc_enc.c
+	$(CC) /Fo$(OBJ_D)\enc_writ.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_writ.c
 
 $(OBJ_D)\ofb64enc.obj: $(SRC_D)\crypto\des\ofb64enc.c
-	$(CC) /Fo$(OBJ_D)\ofb64enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64enc.c
+	$(CC) /Fo$(OBJ_D)\ofb64enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64enc.c
 
 $(OBJ_D)\ofb_enc.obj: $(SRC_D)\crypto\des\ofb_enc.c
-	$(CC) /Fo$(OBJ_D)\ofb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb_enc.c
+	$(CC) /Fo$(OBJ_D)\ofb_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb_enc.c
 
 $(OBJ_D)\str2key.obj: $(SRC_D)\crypto\des\str2key.c
-	$(CC) /Fo$(OBJ_D)\str2key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\str2key.c
+	$(CC) /Fo$(OBJ_D)\str2key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\str2key.c
 
 $(OBJ_D)\pcbc_enc.obj: $(SRC_D)\crypto\des\pcbc_enc.c
-	$(CC) /Fo$(OBJ_D)\pcbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\pcbc_enc.c
+	$(CC) /Fo$(OBJ_D)\pcbc_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\pcbc_enc.c
 
 $(OBJ_D)\qud_cksm.obj: $(SRC_D)\crypto\des\qud_cksm.c
-	$(CC) /Fo$(OBJ_D)\qud_cksm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\qud_cksm.c
+	$(CC) /Fo$(OBJ_D)\qud_cksm.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\qud_cksm.c
 
 $(OBJ_D)\rand_key.obj: $(SRC_D)\crypto\des\rand_key.c
-	$(CC) /Fo$(OBJ_D)\rand_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\rand_key.c
+	$(CC) /Fo$(OBJ_D)\rand_key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\rand_key.c
 
 $(OBJ_D)\des_enc.obj: $(SRC_D)\crypto\des\des_enc.c
-	$(CC) /Fo$(OBJ_D)\des_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\des_enc.c
+	$(CC) /Fo$(OBJ_D)\des_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\des_enc.c
 
 $(OBJ_D)\fcrypt_b.obj: $(SRC_D)\crypto\des\fcrypt_b.c
-	$(CC) /Fo$(OBJ_D)\fcrypt_b.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt_b.c
+	$(CC) /Fo$(OBJ_D)\fcrypt_b.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt_b.c
 
 $(OBJ_D)\read2pwd.obj: $(SRC_D)\crypto\des\read2pwd.c
-	$(CC) /Fo$(OBJ_D)\read2pwd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\read2pwd.c
+	$(CC) /Fo$(OBJ_D)\read2pwd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\read2pwd.c
 
 $(OBJ_D)\fcrypt.obj: $(SRC_D)\crypto\des\fcrypt.c
-	$(CC) /Fo$(OBJ_D)\fcrypt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt.c
+	$(CC) /Fo$(OBJ_D)\fcrypt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt.c
 
 $(OBJ_D)\xcbc_enc.obj: $(SRC_D)\crypto\des\xcbc_enc.c
-	$(CC) /Fo$(OBJ_D)\xcbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\xcbc_enc.c
+	$(CC) /Fo$(OBJ_D)\xcbc_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\xcbc_enc.c
 
 $(OBJ_D)\read_pwd.obj: $(SRC_D)\crypto\des\read_pwd.c
-	$(CC) /Fo$(OBJ_D)\read_pwd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\read_pwd.c
+	$(CC) /Fo$(OBJ_D)\read_pwd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\read_pwd.c
 
 $(OBJ_D)\rpc_enc.obj: $(SRC_D)\crypto\des\rpc_enc.c
-	$(CC) /Fo$(OBJ_D)\rpc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\rpc_enc.c
+	$(CC) /Fo$(OBJ_D)\rpc_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\rpc_enc.c
 
 $(OBJ_D)\cbc_cksm.obj: $(SRC_D)\crypto\des\cbc_cksm.c
-	$(CC) /Fo$(OBJ_D)\cbc_cksm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_cksm.c
+	$(CC) /Fo$(OBJ_D)\cbc_cksm.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_cksm.c
 
 $(OBJ_D)\supp.obj: $(SRC_D)\crypto\des\supp.c
-	$(CC) /Fo$(OBJ_D)\supp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\supp.c
-
-$(OBJ_D)\rc4_enc.obj: $(SRC_D)\crypto\rc4\rc4_enc.c
-	$(CC) /Fo$(OBJ_D)\rc4_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4_enc.c
+	$(CC) /Fo$(OBJ_D)\supp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\des\supp.c
 
 $(OBJ_D)\rc2_ecb.obj: $(SRC_D)\crypto\rc2\rc2_ecb.c
-	$(CC) /Fo$(OBJ_D)\rc2_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_ecb.c
+	$(CC) /Fo$(OBJ_D)\rc2_ecb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_ecb.c
 
 $(OBJ_D)\rc2_skey.obj: $(SRC_D)\crypto\rc2\rc2_skey.c
-	$(CC) /Fo$(OBJ_D)\rc2_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_skey.c
+	$(CC) /Fo$(OBJ_D)\rc2_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_skey.c
 
 $(OBJ_D)\rc2_cbc.obj: $(SRC_D)\crypto\rc2\rc2_cbc.c
-	$(CC) /Fo$(OBJ_D)\rc2_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_cbc.c
+	$(CC) /Fo$(OBJ_D)\rc2_cbc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_cbc.c
 
 $(OBJ_D)\rc2cfb64.obj: $(SRC_D)\crypto\rc2\rc2cfb64.c
-	$(CC) /Fo$(OBJ_D)\rc2cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2cfb64.c
+	$(CC) /Fo$(OBJ_D)\rc2cfb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2cfb64.c
 
 $(OBJ_D)\rc2ofb64.obj: $(SRC_D)\crypto\rc2\rc2ofb64.c
-	$(CC) /Fo$(OBJ_D)\rc2ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2ofb64.c
+	$(CC) /Fo$(OBJ_D)\rc2ofb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2ofb64.c
+
+$(OBJ_D)\rc4_skey.obj: $(SRC_D)\crypto\rc4\rc4_skey.c
+	$(CC) /Fo$(OBJ_D)\rc4_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4_skey.c
+
+$(OBJ_D)\rc4_enc.obj: $(SRC_D)\crypto\rc4\rc4_enc.c
+	$(CC) /Fo$(OBJ_D)\rc4_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4_enc.c
+
+$(OBJ_D)\rc5_skey.obj: $(SRC_D)\crypto\rc5\rc5_skey.c
+	$(CC) /Fo$(OBJ_D)\rc5_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5_skey.c
+
+$(OBJ_D)\rc5_ecb.obj: $(SRC_D)\crypto\rc5\rc5_ecb.c
+	$(CC) /Fo$(OBJ_D)\rc5_ecb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5_ecb.c
+
+$(OBJ_D)\rc5_enc.obj: $(SRC_D)\crypto\rc5\rc5_enc.c
+	$(CC) /Fo$(OBJ_D)\rc5_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5_enc.c
+
+$(OBJ_D)\rc5cfb64.obj: $(SRC_D)\crypto\rc5\rc5cfb64.c
+	$(CC) /Fo$(OBJ_D)\rc5cfb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5cfb64.c
+
+$(OBJ_D)\rc5ofb64.obj: $(SRC_D)\crypto\rc5\rc5ofb64.c
+	$(CC) /Fo$(OBJ_D)\rc5ofb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rc5\rc5ofb64.c
 
 $(OBJ_D)\i_cbc.obj: $(SRC_D)\crypto\idea\i_cbc.c
-	$(CC) /Fo$(OBJ_D)\i_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cbc.c
+	$(CC) /Fo$(OBJ_D)\i_cbc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cbc.c
 
 $(OBJ_D)\i_cfb64.obj: $(SRC_D)\crypto\idea\i_cfb64.c
-	$(CC) /Fo$(OBJ_D)\i_cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cfb64.c
+	$(CC) /Fo$(OBJ_D)\i_cfb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cfb64.c
 
 $(OBJ_D)\i_ofb64.obj: $(SRC_D)\crypto\idea\i_ofb64.c
-	$(CC) /Fo$(OBJ_D)\i_ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ofb64.c
+	$(CC) /Fo$(OBJ_D)\i_ofb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ofb64.c
 
 $(OBJ_D)\i_ecb.obj: $(SRC_D)\crypto\idea\i_ecb.c
-	$(CC) /Fo$(OBJ_D)\i_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ecb.c
+	$(CC) /Fo$(OBJ_D)\i_ecb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ecb.c
 
 $(OBJ_D)\i_skey.obj: $(SRC_D)\crypto\idea\i_skey.c
-	$(CC) /Fo$(OBJ_D)\i_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_skey.c
+	$(CC) /Fo$(OBJ_D)\i_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_skey.c
 
 $(OBJ_D)\bf_skey.obj: $(SRC_D)\crypto\bf\bf_skey.c
-	$(CC) /Fo$(OBJ_D)\bf_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_skey.c
+	$(CC) /Fo$(OBJ_D)\bf_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_skey.c
 
 $(OBJ_D)\bf_ecb.obj: $(SRC_D)\crypto\bf\bf_ecb.c
-	$(CC) /Fo$(OBJ_D)\bf_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ecb.c
+	$(CC) /Fo$(OBJ_D)\bf_ecb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ecb.c
 
 $(OBJ_D)\bf_enc.obj: $(SRC_D)\crypto\bf\bf_enc.c
-	$(CC) /Fo$(OBJ_D)\bf_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_enc.c
-
-$(OBJ_D)\bf_cbc.obj: $(SRC_D)\crypto\bf\bf_cbc.c
-	$(CC) /Fo$(OBJ_D)\bf_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_cbc.c
+	$(CC) /Fo$(OBJ_D)\bf_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_enc.c
 
 $(OBJ_D)\bf_cfb64.obj: $(SRC_D)\crypto\bf\bf_cfb64.c
-	$(CC) /Fo$(OBJ_D)\bf_cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_cfb64.c
+	$(CC) /Fo$(OBJ_D)\bf_cfb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_cfb64.c
 
 $(OBJ_D)\bf_ofb64.obj: $(SRC_D)\crypto\bf\bf_ofb64.c
-	$(CC) /Fo$(OBJ_D)\bf_ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ofb64.c
+	$(CC) /Fo$(OBJ_D)\bf_ofb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ofb64.c
+
+$(OBJ_D)\c_skey.obj: $(SRC_D)\crypto\cast\c_skey.c
+	$(CC) /Fo$(OBJ_D)\c_skey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cast\c_skey.c
+
+$(OBJ_D)\c_ecb.obj: $(SRC_D)\crypto\cast\c_ecb.c
+	$(CC) /Fo$(OBJ_D)\c_ecb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cast\c_ecb.c
+
+$(OBJ_D)\c_enc.obj: $(SRC_D)\crypto\cast\c_enc.c
+	$(CC) /Fo$(OBJ_D)\c_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cast\c_enc.c
+
+$(OBJ_D)\c_cfb64.obj: $(SRC_D)\crypto\cast\c_cfb64.c
+	$(CC) /Fo$(OBJ_D)\c_cfb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cast\c_cfb64.c
+
+$(OBJ_D)\c_ofb64.obj: $(SRC_D)\crypto\cast\c_ofb64.c
+	$(CC) /Fo$(OBJ_D)\c_ofb64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\cast\c_ofb64.c
 
 $(OBJ_D)\bn_add.obj: $(SRC_D)\crypto\bn\bn_add.c
-	$(CC) /Fo$(OBJ_D)\bn_add.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_add.c
+	$(CC) /Fo$(OBJ_D)\bn_add.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_add.c
 
 $(OBJ_D)\bn_div.obj: $(SRC_D)\crypto\bn\bn_div.c
-	$(CC) /Fo$(OBJ_D)\bn_div.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_div.c
+	$(CC) /Fo$(OBJ_D)\bn_div.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_div.c
 
 $(OBJ_D)\bn_exp.obj: $(SRC_D)\crypto\bn\bn_exp.c
-	$(CC) /Fo$(OBJ_D)\bn_exp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_exp.c
+	$(CC) /Fo$(OBJ_D)\bn_exp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_exp.c
 
 $(OBJ_D)\bn_lib.obj: $(SRC_D)\crypto\bn\bn_lib.c
-	$(CC) /Fo$(OBJ_D)\bn_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_lib.c
+	$(CC) /Fo$(OBJ_D)\bn_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_lib.c
 
 $(OBJ_D)\bn_mod.obj: $(SRC_D)\crypto\bn\bn_mod.c
-	$(CC) /Fo$(OBJ_D)\bn_mod.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mod.c
+	$(CC) /Fo$(OBJ_D)\bn_mod.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mod.c
 
 $(OBJ_D)\bn_mul.obj: $(SRC_D)\crypto\bn\bn_mul.c
-	$(CC) /Fo$(OBJ_D)\bn_mul.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mul.c
+	$(CC) /Fo$(OBJ_D)\bn_mul.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mul.c
 
 $(OBJ_D)\bn_print.obj: $(SRC_D)\crypto\bn\bn_print.c
-	$(CC) /Fo$(OBJ_D)\bn_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_print.c
+	$(CC) /Fo$(OBJ_D)\bn_print.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_print.c
 
 $(OBJ_D)\bn_rand.obj: $(SRC_D)\crypto\bn\bn_rand.c
-	$(CC) /Fo$(OBJ_D)\bn_rand.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_rand.c
+	$(CC) /Fo$(OBJ_D)\bn_rand.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_rand.c
 
 $(OBJ_D)\bn_shift.obj: $(SRC_D)\crypto\bn\bn_shift.c
-	$(CC) /Fo$(OBJ_D)\bn_shift.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_shift.c
+	$(CC) /Fo$(OBJ_D)\bn_shift.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_shift.c
 
 $(OBJ_D)\bn_sub.obj: $(SRC_D)\crypto\bn\bn_sub.c
-	$(CC) /Fo$(OBJ_D)\bn_sub.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sub.c
+	$(CC) /Fo$(OBJ_D)\bn_sub.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sub.c
 
 $(OBJ_D)\bn_word.obj: $(SRC_D)\crypto\bn\bn_word.c
-	$(CC) /Fo$(OBJ_D)\bn_word.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_word.c
+	$(CC) /Fo$(OBJ_D)\bn_word.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_word.c
+
+$(OBJ_D)\bn_blind.obj: $(SRC_D)\crypto\bn\bn_blind.c
+	$(CC) /Fo$(OBJ_D)\bn_blind.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_blind.c
 
 $(OBJ_D)\bn_gcd.obj: $(SRC_D)\crypto\bn\bn_gcd.c
-	$(CC) /Fo$(OBJ_D)\bn_gcd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_gcd.c
+	$(CC) /Fo$(OBJ_D)\bn_gcd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_gcd.c
 
 $(OBJ_D)\bn_prime.obj: $(SRC_D)\crypto\bn\bn_prime.c
-	$(CC) /Fo$(OBJ_D)\bn_prime.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_prime.c
+	$(CC) /Fo$(OBJ_D)\bn_prime.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_prime.c
 
 $(OBJ_D)\bn_err.obj: $(SRC_D)\crypto\bn\bn_err.c
-	$(CC) /Fo$(OBJ_D)\bn_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_err.c
+	$(CC) /Fo$(OBJ_D)\bn_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_err.c
 
 $(OBJ_D)\bn_sqr.obj: $(SRC_D)\crypto\bn\bn_sqr.c
-	$(CC) /Fo$(OBJ_D)\bn_sqr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sqr.c
+	$(CC) /Fo$(OBJ_D)\bn_sqr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sqr.c
 
 $(OBJ_D)\bn_mulw.obj: $(SRC_D)\crypto\bn\bn_mulw.c
-	$(CC) /Fo$(OBJ_D)\bn_mulw.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mulw.c
+	$(CC) /Fo$(OBJ_D)\bn_mulw.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mulw.c
 
 $(OBJ_D)\bn_recp.obj: $(SRC_D)\crypto\bn\bn_recp.c
-	$(CC) /Fo$(OBJ_D)\bn_recp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_recp.c
+	$(CC) /Fo$(OBJ_D)\bn_recp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_recp.c
 
 $(OBJ_D)\bn_mont.obj: $(SRC_D)\crypto\bn\bn_mont.c
-	$(CC) /Fo$(OBJ_D)\bn_mont.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mont.c
+	$(CC) /Fo$(OBJ_D)\bn_mont.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mont.c
+
+$(OBJ_D)\bn_mpi.obj: $(SRC_D)\crypto\bn\bn_mpi.c
+	$(CC) /Fo$(OBJ_D)\bn_mpi.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mpi.c
 
-$(OBJ_D)\rsa_enc.obj: $(SRC_D)\crypto\rsa\rsa_enc.c
-	$(CC) /Fo$(OBJ_D)\rsa_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_enc.c
+$(OBJ_D)\rsa_eay.obj: $(SRC_D)\crypto\rsa\rsa_eay.c
+	$(CC) /Fo$(OBJ_D)\rsa_eay.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_eay.c
 
 $(OBJ_D)\rsa_gen.obj: $(SRC_D)\crypto\rsa\rsa_gen.c
-	$(CC) /Fo$(OBJ_D)\rsa_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_gen.c
+	$(CC) /Fo$(OBJ_D)\rsa_gen.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_gen.c
 
 $(OBJ_D)\rsa_lib.obj: $(SRC_D)\crypto\rsa\rsa_lib.c
-	$(CC) /Fo$(OBJ_D)\rsa_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_lib.c
+	$(CC) /Fo$(OBJ_D)\rsa_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_lib.c
 
 $(OBJ_D)\rsa_sign.obj: $(SRC_D)\crypto\rsa\rsa_sign.c
-	$(CC) /Fo$(OBJ_D)\rsa_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_sign.c
+	$(CC) /Fo$(OBJ_D)\rsa_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_sign.c
 
 $(OBJ_D)\rsa_saos.obj: $(SRC_D)\crypto\rsa\rsa_saos.c
-	$(CC) /Fo$(OBJ_D)\rsa_saos.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_saos.c
+	$(CC) /Fo$(OBJ_D)\rsa_saos.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_saos.c
 
 $(OBJ_D)\rsa_err.obj: $(SRC_D)\crypto\rsa\rsa_err.c
-	$(CC) /Fo$(OBJ_D)\rsa_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_err.c
+	$(CC) /Fo$(OBJ_D)\rsa_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_err.c
+
+$(OBJ_D)\rsa_pk1.obj: $(SRC_D)\crypto\rsa\rsa_pk1.c
+	$(CC) /Fo$(OBJ_D)\rsa_pk1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_pk1.c
+
+$(OBJ_D)\rsa_ssl.obj: $(SRC_D)\crypto\rsa\rsa_ssl.c
+	$(CC) /Fo$(OBJ_D)\rsa_ssl.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_ssl.c
+
+$(OBJ_D)\rsa_none.obj: $(SRC_D)\crypto\rsa\rsa_none.c
+	$(CC) /Fo$(OBJ_D)\rsa_none.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_none.c
 
 $(OBJ_D)\dsa_gen.obj: $(SRC_D)\crypto\dsa\dsa_gen.c
-	$(CC) /Fo$(OBJ_D)\dsa_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_gen.c
+	$(CC) /Fo$(OBJ_D)\dsa_gen.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_gen.c
 
 $(OBJ_D)\dsa_key.obj: $(SRC_D)\crypto\dsa\dsa_key.c
-	$(CC) /Fo$(OBJ_D)\dsa_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_key.c
+	$(CC) /Fo$(OBJ_D)\dsa_key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_key.c
 
 $(OBJ_D)\dsa_lib.obj: $(SRC_D)\crypto\dsa\dsa_lib.c
-	$(CC) /Fo$(OBJ_D)\dsa_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_lib.c
+	$(CC) /Fo$(OBJ_D)\dsa_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_lib.c
 
 $(OBJ_D)\dsa_vrf.obj: $(SRC_D)\crypto\dsa\dsa_vrf.c
-	$(CC) /Fo$(OBJ_D)\dsa_vrf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_vrf.c
+	$(CC) /Fo$(OBJ_D)\dsa_vrf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_vrf.c
 
 $(OBJ_D)\dsa_sign.obj: $(SRC_D)\crypto\dsa\dsa_sign.c
-	$(CC) /Fo$(OBJ_D)\dsa_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_sign.c
+	$(CC) /Fo$(OBJ_D)\dsa_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_sign.c
 
 $(OBJ_D)\dsa_err.obj: $(SRC_D)\crypto\dsa\dsa_err.c
-	$(CC) /Fo$(OBJ_D)\dsa_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_err.c
+	$(CC) /Fo$(OBJ_D)\dsa_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_err.c
 
 $(OBJ_D)\dh_gen.obj: $(SRC_D)\crypto\dh\dh_gen.c
-	$(CC) /Fo$(OBJ_D)\dh_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_gen.c
+	$(CC) /Fo$(OBJ_D)\dh_gen.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_gen.c
 
 $(OBJ_D)\dh_key.obj: $(SRC_D)\crypto\dh\dh_key.c
-	$(CC) /Fo$(OBJ_D)\dh_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_key.c
+	$(CC) /Fo$(OBJ_D)\dh_key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_key.c
 
 $(OBJ_D)\dh_lib.obj: $(SRC_D)\crypto\dh\dh_lib.c
-	$(CC) /Fo$(OBJ_D)\dh_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_lib.c
+	$(CC) /Fo$(OBJ_D)\dh_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_lib.c
 
 $(OBJ_D)\dh_check.obj: $(SRC_D)\crypto\dh\dh_check.c
-	$(CC) /Fo$(OBJ_D)\dh_check.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_check.c
+	$(CC) /Fo$(OBJ_D)\dh_check.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_check.c
 
 $(OBJ_D)\dh_err.obj: $(SRC_D)\crypto\dh\dh_err.c
-	$(CC) /Fo$(OBJ_D)\dh_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_err.c
+	$(CC) /Fo$(OBJ_D)\dh_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_err.c
 
 $(OBJ_D)\buffer.obj: $(SRC_D)\crypto\buffer\buffer.c
-	$(CC) /Fo$(OBJ_D)\buffer.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buffer.c
+	$(CC) /Fo$(OBJ_D)\buffer.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buffer.c
 
 $(OBJ_D)\buf_err.obj: $(SRC_D)\crypto\buffer\buf_err.c
-	$(CC) /Fo$(OBJ_D)\buf_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buf_err.c
+	$(CC) /Fo$(OBJ_D)\buf_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buf_err.c
 
 $(OBJ_D)\bio_lib.obj: $(SRC_D)\crypto\bio\bio_lib.c
-	$(CC) /Fo$(OBJ_D)\bio_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_lib.c
+	$(CC) /Fo$(OBJ_D)\bio_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_lib.c
 
 $(OBJ_D)\bio_cb.obj: $(SRC_D)\crypto\bio\bio_cb.c
-	$(CC) /Fo$(OBJ_D)\bio_cb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_cb.c
+	$(CC) /Fo$(OBJ_D)\bio_cb.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_cb.c
 
 $(OBJ_D)\bio_err.obj: $(SRC_D)\crypto\bio\bio_err.c
-	$(CC) /Fo$(OBJ_D)\bio_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_err.c
+	$(CC) /Fo$(OBJ_D)\bio_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_err.c
 
 $(OBJ_D)\bss_mem.obj: $(SRC_D)\crypto\bio\bss_mem.c
-	$(CC) /Fo$(OBJ_D)\bss_mem.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_mem.c
+	$(CC) /Fo$(OBJ_D)\bss_mem.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_mem.c
 
 $(OBJ_D)\bss_null.obj: $(SRC_D)\crypto\bio\bss_null.c
-	$(CC) /Fo$(OBJ_D)\bss_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_null.c
+	$(CC) /Fo$(OBJ_D)\bss_null.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_null.c
 
 $(OBJ_D)\bss_fd.obj: $(SRC_D)\crypto\bio\bss_fd.c
-	$(CC) /Fo$(OBJ_D)\bss_fd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_fd.c
+	$(CC) /Fo$(OBJ_D)\bss_fd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_fd.c
 
 $(OBJ_D)\bss_file.obj: $(SRC_D)\crypto\bio\bss_file.c
-	$(CC) /Fo$(OBJ_D)\bss_file.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_file.c
+	$(CC) /Fo$(OBJ_D)\bss_file.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_file.c
 
 $(OBJ_D)\bss_sock.obj: $(SRC_D)\crypto\bio\bss_sock.c
-	$(CC) /Fo$(OBJ_D)\bss_sock.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_sock.c
+	$(CC) /Fo$(OBJ_D)\bss_sock.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_sock.c
 
 $(OBJ_D)\bss_conn.obj: $(SRC_D)\crypto\bio\bss_conn.c
-	$(CC) /Fo$(OBJ_D)\bss_conn.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_conn.c
+	$(CC) /Fo$(OBJ_D)\bss_conn.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_conn.c
 
 $(OBJ_D)\bf_null.obj: $(SRC_D)\crypto\bio\bf_null.c
-	$(CC) /Fo$(OBJ_D)\bf_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_null.c
+	$(CC) /Fo$(OBJ_D)\bf_null.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_null.c
 
 $(OBJ_D)\bf_buff.obj: $(SRC_D)\crypto\bio\bf_buff.c
-	$(CC) /Fo$(OBJ_D)\bf_buff.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_buff.c
+	$(CC) /Fo$(OBJ_D)\bf_buff.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_buff.c
 
 $(OBJ_D)\b_print.obj: $(SRC_D)\crypto\bio\b_print.c
-	$(CC) /Fo$(OBJ_D)\b_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_print.c
+	$(CC) /Fo$(OBJ_D)\b_print.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_print.c
 
 $(OBJ_D)\b_dump.obj: $(SRC_D)\crypto\bio\b_dump.c
-	$(CC) /Fo$(OBJ_D)\b_dump.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_dump.c
+	$(CC) /Fo$(OBJ_D)\b_dump.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_dump.c
 
 $(OBJ_D)\b_sock.obj: $(SRC_D)\crypto\bio\b_sock.c
-	$(CC) /Fo$(OBJ_D)\b_sock.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_sock.c
+	$(CC) /Fo$(OBJ_D)\b_sock.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_sock.c
 
 $(OBJ_D)\bss_acpt.obj: $(SRC_D)\crypto\bio\bss_acpt.c
-	$(CC) /Fo$(OBJ_D)\bss_acpt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_acpt.c
+	$(CC) /Fo$(OBJ_D)\bss_acpt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_acpt.c
 
 $(OBJ_D)\bf_nbio.obj: $(SRC_D)\crypto\bio\bf_nbio.c
-	$(CC) /Fo$(OBJ_D)\bf_nbio.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_nbio.c
+	$(CC) /Fo$(OBJ_D)\bf_nbio.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_nbio.c
 
 $(OBJ_D)\stack.obj: $(SRC_D)\crypto\stack\stack.c
-	$(CC) /Fo$(OBJ_D)\stack.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\stack\stack.c
+	$(CC) /Fo$(OBJ_D)\stack.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\stack\stack.c
 
 $(OBJ_D)\lhash.obj: $(SRC_D)\crypto\lhash\lhash.c
-	$(CC) /Fo$(OBJ_D)\lhash.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lhash.c
+	$(CC) /Fo$(OBJ_D)\lhash.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lhash.c
 
 $(OBJ_D)\lh_stats.obj: $(SRC_D)\crypto\lhash\lh_stats.c
-	$(CC) /Fo$(OBJ_D)\lh_stats.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lh_stats.c
+	$(CC) /Fo$(OBJ_D)\lh_stats.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lh_stats.c
 
 $(OBJ_D)\md_rand.obj: $(SRC_D)\crypto\rand\md_rand.c
-	$(CC) /Fo$(OBJ_D)\md_rand.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rand\md_rand.c
+	$(CC) /Fo$(OBJ_D)\md_rand.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rand\md_rand.c
 
 $(OBJ_D)\randfile.obj: $(SRC_D)\crypto\rand\randfile.c
-	$(CC) /Fo$(OBJ_D)\randfile.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rand\randfile.c
+	$(CC) /Fo$(OBJ_D)\randfile.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\rand\randfile.c
 
 $(OBJ_D)\err.obj: $(SRC_D)\crypto\err\err.c
-	$(CC) /Fo$(OBJ_D)\err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err.c
+	$(CC) /Fo$(OBJ_D)\err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\err\err.c
 
 $(OBJ_D)\err_all.obj: $(SRC_D)\crypto\err\err_all.c
-	$(CC) /Fo$(OBJ_D)\err_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err_all.c
+	$(CC) /Fo$(OBJ_D)\err_all.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\err\err_all.c
 
 $(OBJ_D)\err_prn.obj: $(SRC_D)\crypto\err\err_prn.c
-	$(CC) /Fo$(OBJ_D)\err_prn.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err_prn.c
+	$(CC) /Fo$(OBJ_D)\err_prn.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\err\err_prn.c
 
 $(OBJ_D)\obj_dat.obj: $(SRC_D)\crypto\objects\obj_dat.c
-	$(CC) /Fo$(OBJ_D)\obj_dat.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_dat.c
+	$(CC) /Fo$(OBJ_D)\obj_dat.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_dat.c
 
 $(OBJ_D)\obj_lib.obj: $(SRC_D)\crypto\objects\obj_lib.c
-	$(CC) /Fo$(OBJ_D)\obj_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_lib.c
+	$(CC) /Fo$(OBJ_D)\obj_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_lib.c
 
 $(OBJ_D)\obj_err.obj: $(SRC_D)\crypto\objects\obj_err.c
-	$(CC) /Fo$(OBJ_D)\obj_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_err.c
+	$(CC) /Fo$(OBJ_D)\obj_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_err.c
 
 $(OBJ_D)\encode.obj: $(SRC_D)\crypto\evp\encode.c
-	$(CC) /Fo$(OBJ_D)\encode.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\encode.c
+	$(CC) /Fo$(OBJ_D)\encode.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\encode.c
 
 $(OBJ_D)\digest.obj: $(SRC_D)\crypto\evp\digest.c
-	$(CC) /Fo$(OBJ_D)\digest.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\digest.c
+	$(CC) /Fo$(OBJ_D)\digest.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\digest.c
 
 $(OBJ_D)\evp_enc.obj: $(SRC_D)\crypto\evp\evp_enc.c
-	$(CC) /Fo$(OBJ_D)\evp_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_enc.c
+	$(CC) /Fo$(OBJ_D)\evp_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_enc.c
 
 $(OBJ_D)\evp_key.obj: $(SRC_D)\crypto\evp\evp_key.c
-	$(CC) /Fo$(OBJ_D)\evp_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_key.c
+	$(CC) /Fo$(OBJ_D)\evp_key.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_key.c
 
 $(OBJ_D)\e_ecb_d.obj: $(SRC_D)\crypto\evp\e_ecb_d.c
-	$(CC) /Fo$(OBJ_D)\e_ecb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_d.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_d.c
 
 $(OBJ_D)\e_cbc_d.obj: $(SRC_D)\crypto\evp\e_cbc_d.c
-	$(CC) /Fo$(OBJ_D)\e_cbc_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_d.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_d.c
 
 $(OBJ_D)\e_cfb_d.obj: $(SRC_D)\crypto\evp\e_cfb_d.c
-	$(CC) /Fo$(OBJ_D)\e_cfb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_d.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_d.c
 
 $(OBJ_D)\e_ofb_d.obj: $(SRC_D)\crypto\evp\e_ofb_d.c
-	$(CC) /Fo$(OBJ_D)\e_ofb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_d.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_d.c
 
 $(OBJ_D)\e_ecb_i.obj: $(SRC_D)\crypto\evp\e_ecb_i.c
-	$(CC) /Fo$(OBJ_D)\e_ecb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_i.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_i.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_i.c
 
 $(OBJ_D)\e_cbc_i.obj: $(SRC_D)\crypto\evp\e_cbc_i.c
-	$(CC) /Fo$(OBJ_D)\e_cbc_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_i.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_i.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_i.c
 
 $(OBJ_D)\e_cfb_i.obj: $(SRC_D)\crypto\evp\e_cfb_i.c
-	$(CC) /Fo$(OBJ_D)\e_cfb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_i.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_i.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_i.c
 
 $(OBJ_D)\e_ofb_i.obj: $(SRC_D)\crypto\evp\e_ofb_i.c
-	$(CC) /Fo$(OBJ_D)\e_ofb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_i.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_i.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_i.c
 
 $(OBJ_D)\e_ecb_3d.obj: $(SRC_D)\crypto\evp\e_ecb_3d.c
-	$(CC) /Fo$(OBJ_D)\e_ecb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_3d.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_3d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_3d.c
 
 $(OBJ_D)\e_cbc_3d.obj: $(SRC_D)\crypto\evp\e_cbc_3d.c
-	$(CC) /Fo$(OBJ_D)\e_cbc_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_3d.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_3d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_3d.c
 
 $(OBJ_D)\e_rc4.obj: $(SRC_D)\crypto\evp\e_rc4.c
-	$(CC) /Fo$(OBJ_D)\e_rc4.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_rc4.c
+	$(CC) /Fo$(OBJ_D)\e_rc4.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_rc4.c
 
 $(OBJ_D)\names.obj: $(SRC_D)\crypto\evp\names.c
-	$(CC) /Fo$(OBJ_D)\names.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\names.c
+	$(CC) /Fo$(OBJ_D)\names.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\names.c
 
 $(OBJ_D)\e_cfb_3d.obj: $(SRC_D)\crypto\evp\e_cfb_3d.c
-	$(CC) /Fo$(OBJ_D)\e_cfb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_3d.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_3d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_3d.c
 
 $(OBJ_D)\e_ofb_3d.obj: $(SRC_D)\crypto\evp\e_ofb_3d.c
-	$(CC) /Fo$(OBJ_D)\e_ofb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_3d.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_3d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_3d.c
 
 $(OBJ_D)\e_xcbc_d.obj: $(SRC_D)\crypto\evp\e_xcbc_d.c
-	$(CC) /Fo$(OBJ_D)\e_xcbc_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_xcbc_d.c
+	$(CC) /Fo$(OBJ_D)\e_xcbc_d.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_xcbc_d.c
 
 $(OBJ_D)\e_ecb_r2.obj: $(SRC_D)\crypto\evp\e_ecb_r2.c
-	$(CC) /Fo$(OBJ_D)\e_ecb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_r2.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_r2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_r2.c
 
 $(OBJ_D)\e_cbc_r2.obj: $(SRC_D)\crypto\evp\e_cbc_r2.c
-	$(CC) /Fo$(OBJ_D)\e_cbc_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_r2.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_r2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_r2.c
 
 $(OBJ_D)\e_cfb_r2.obj: $(SRC_D)\crypto\evp\e_cfb_r2.c
-	$(CC) /Fo$(OBJ_D)\e_cfb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_r2.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_r2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_r2.c
 
 $(OBJ_D)\e_ofb_r2.obj: $(SRC_D)\crypto\evp\e_ofb_r2.c
-	$(CC) /Fo$(OBJ_D)\e_ofb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_r2.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_r2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_r2.c
 
 $(OBJ_D)\e_ecb_bf.obj: $(SRC_D)\crypto\evp\e_ecb_bf.c
-	$(CC) /Fo$(OBJ_D)\e_ecb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_bf.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_bf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_bf.c
 
 $(OBJ_D)\e_cbc_bf.obj: $(SRC_D)\crypto\evp\e_cbc_bf.c
-	$(CC) /Fo$(OBJ_D)\e_cbc_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_bf.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_bf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_bf.c
 
 $(OBJ_D)\e_cfb_bf.obj: $(SRC_D)\crypto\evp\e_cfb_bf.c
-	$(CC) /Fo$(OBJ_D)\e_cfb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_bf.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_bf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_bf.c
 
 $(OBJ_D)\e_ofb_bf.obj: $(SRC_D)\crypto\evp\e_ofb_bf.c
-	$(CC) /Fo$(OBJ_D)\e_ofb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_bf.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_bf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_bf.c
+
+$(OBJ_D)\e_ecb_c.obj: $(SRC_D)\crypto\evp\e_ecb_c.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_c.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_c.c
+
+$(OBJ_D)\e_cbc_c.obj: $(SRC_D)\crypto\evp\e_cbc_c.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_c.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_c.c
+
+$(OBJ_D)\e_cfb_c.obj: $(SRC_D)\crypto\evp\e_cfb_c.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_c.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_c.c
+
+$(OBJ_D)\e_ofb_c.obj: $(SRC_D)\crypto\evp\e_ofb_c.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_c.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_c.c
+
+$(OBJ_D)\e_ecb_r5.obj: $(SRC_D)\crypto\evp\e_ecb_r5.c
+	$(CC) /Fo$(OBJ_D)\e_ecb_r5.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_r5.c
+
+$(OBJ_D)\e_cbc_r5.obj: $(SRC_D)\crypto\evp\e_cbc_r5.c
+	$(CC) /Fo$(OBJ_D)\e_cbc_r5.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_r5.c
+
+$(OBJ_D)\e_cfb_r5.obj: $(SRC_D)\crypto\evp\e_cfb_r5.c
+	$(CC) /Fo$(OBJ_D)\e_cfb_r5.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_r5.c
+
+$(OBJ_D)\e_ofb_r5.obj: $(SRC_D)\crypto\evp\e_ofb_r5.c
+	$(CC) /Fo$(OBJ_D)\e_ofb_r5.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_r5.c
 
 $(OBJ_D)\m_null.obj: $(SRC_D)\crypto\evp\m_null.c
-	$(CC) /Fo$(OBJ_D)\m_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_null.c
+	$(CC) /Fo$(OBJ_D)\m_null.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_null.c
 
 $(OBJ_D)\m_md2.obj: $(SRC_D)\crypto\evp\m_md2.c
-	$(CC) /Fo$(OBJ_D)\m_md2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md2.c
+	$(CC) /Fo$(OBJ_D)\m_md2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md2.c
 
 $(OBJ_D)\m_md5.obj: $(SRC_D)\crypto\evp\m_md5.c
-	$(CC) /Fo$(OBJ_D)\m_md5.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md5.c
+	$(CC) /Fo$(OBJ_D)\m_md5.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md5.c
 
 $(OBJ_D)\m_sha.obj: $(SRC_D)\crypto\evp\m_sha.c
-	$(CC) /Fo$(OBJ_D)\m_sha.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha.c
+	$(CC) /Fo$(OBJ_D)\m_sha.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha.c
 
 $(OBJ_D)\m_sha1.obj: $(SRC_D)\crypto\evp\m_sha1.c
-	$(CC) /Fo$(OBJ_D)\m_sha1.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha1.c
+	$(CC) /Fo$(OBJ_D)\m_sha1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha1.c
 
 $(OBJ_D)\m_dss.obj: $(SRC_D)\crypto\evp\m_dss.c
-	$(CC) /Fo$(OBJ_D)\m_dss.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss.c
+	$(CC) /Fo$(OBJ_D)\m_dss.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss.c
 
 $(OBJ_D)\m_dss1.obj: $(SRC_D)\crypto\evp\m_dss1.c
-	$(CC) /Fo$(OBJ_D)\m_dss1.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss1.c
+	$(CC) /Fo$(OBJ_D)\m_dss1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss1.c
 
 $(OBJ_D)\m_mdc2.obj: $(SRC_D)\crypto\evp\m_mdc2.c
-	$(CC) /Fo$(OBJ_D)\m_mdc2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_mdc2.c
+	$(CC) /Fo$(OBJ_D)\m_mdc2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_mdc2.c
+
+$(OBJ_D)\m_ripemd.obj: $(SRC_D)\crypto\evp\m_ripemd.c
+	$(CC) /Fo$(OBJ_D)\m_ripemd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_ripemd.c
 
 $(OBJ_D)\p_open.obj: $(SRC_D)\crypto\evp\p_open.c
-	$(CC) /Fo$(OBJ_D)\p_open.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_open.c
+	$(CC) /Fo$(OBJ_D)\p_open.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_open.c
 
 $(OBJ_D)\p_seal.obj: $(SRC_D)\crypto\evp\p_seal.c
-	$(CC) /Fo$(OBJ_D)\p_seal.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_seal.c
+	$(CC) /Fo$(OBJ_D)\p_seal.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_seal.c
 
 $(OBJ_D)\p_sign.obj: $(SRC_D)\crypto\evp\p_sign.c
-	$(CC) /Fo$(OBJ_D)\p_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_sign.c
+	$(CC) /Fo$(OBJ_D)\p_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_sign.c
 
 $(OBJ_D)\p_verify.obj: $(SRC_D)\crypto\evp\p_verify.c
-	$(CC) /Fo$(OBJ_D)\p_verify.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_verify.c
+	$(CC) /Fo$(OBJ_D)\p_verify.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_verify.c
 
 $(OBJ_D)\p_lib.obj: $(SRC_D)\crypto\evp\p_lib.c
-	$(CC) /Fo$(OBJ_D)\p_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_lib.c
+	$(CC) /Fo$(OBJ_D)\p_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_lib.c
+
+$(OBJ_D)\p_enc.obj: $(SRC_D)\crypto\evp\p_enc.c
+	$(CC) /Fo$(OBJ_D)\p_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_enc.c
+
+$(OBJ_D)\p_dec.obj: $(SRC_D)\crypto\evp\p_dec.c
+	$(CC) /Fo$(OBJ_D)\p_dec.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_dec.c
 
 $(OBJ_D)\bio_md.obj: $(SRC_D)\crypto\evp\bio_md.c
-	$(CC) /Fo$(OBJ_D)\bio_md.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_md.c
+	$(CC) /Fo$(OBJ_D)\bio_md.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_md.c
 
 $(OBJ_D)\bio_b64.obj: $(SRC_D)\crypto\evp\bio_b64.c
-	$(CC) /Fo$(OBJ_D)\bio_b64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_b64.c
+	$(CC) /Fo$(OBJ_D)\bio_b64.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_b64.c
 
 $(OBJ_D)\bio_enc.obj: $(SRC_D)\crypto\evp\bio_enc.c
-	$(CC) /Fo$(OBJ_D)\bio_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_enc.c
+	$(CC) /Fo$(OBJ_D)\bio_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_enc.c
 
 $(OBJ_D)\evp_err.obj: $(SRC_D)\crypto\evp\evp_err.c
-	$(CC) /Fo$(OBJ_D)\evp_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_err.c
+	$(CC) /Fo$(OBJ_D)\evp_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_err.c
 
 $(OBJ_D)\e_null.obj: $(SRC_D)\crypto\evp\e_null.c
-	$(CC) /Fo$(OBJ_D)\e_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_null.c
+	$(CC) /Fo$(OBJ_D)\e_null.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_null.c
 
 $(OBJ_D)\c_all.obj: $(SRC_D)\crypto\evp\c_all.c
-	$(CC) /Fo$(OBJ_D)\c_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\c_all.c
+	$(CC) /Fo$(OBJ_D)\c_all.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\c_all.c
+
+$(OBJ_D)\evp_lib.obj: $(SRC_D)\crypto\evp\evp_lib.c
+	$(CC) /Fo$(OBJ_D)\evp_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_lib.c
 
 $(OBJ_D)\pem_sign.obj: $(SRC_D)\crypto\pem\pem_sign.c
-	$(CC) /Fo$(OBJ_D)\pem_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_sign.c
+	$(CC) /Fo$(OBJ_D)\pem_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_sign.c
 
 $(OBJ_D)\pem_seal.obj: $(SRC_D)\crypto\pem\pem_seal.c
-	$(CC) /Fo$(OBJ_D)\pem_seal.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_seal.c
+	$(CC) /Fo$(OBJ_D)\pem_seal.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_seal.c
 
 $(OBJ_D)\pem_info.obj: $(SRC_D)\crypto\pem\pem_info.c
-	$(CC) /Fo$(OBJ_D)\pem_info.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_info.c
+	$(CC) /Fo$(OBJ_D)\pem_info.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_info.c
 
 $(OBJ_D)\pem_lib.obj: $(SRC_D)\crypto\pem\pem_lib.c
-	$(CC) /Fo$(OBJ_D)\pem_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_lib.c
+	$(CC) /Fo$(OBJ_D)\pem_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_lib.c
 
 $(OBJ_D)\pem_all.obj: $(SRC_D)\crypto\pem\pem_all.c
-	$(CC) /Fo$(OBJ_D)\pem_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_all.c
+	$(CC) /Fo$(OBJ_D)\pem_all.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_all.c
 
 $(OBJ_D)\pem_err.obj: $(SRC_D)\crypto\pem\pem_err.c
-	$(CC) /Fo$(OBJ_D)\pem_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_err.c
+	$(CC) /Fo$(OBJ_D)\pem_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_err.c
 
 $(OBJ_D)\a_object.obj: $(SRC_D)\crypto\asn1\a_object.c
-	$(CC) /Fo$(OBJ_D)\a_object.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_object.c
+	$(CC) /Fo$(OBJ_D)\a_object.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_object.c
 
 $(OBJ_D)\a_bitstr.obj: $(SRC_D)\crypto\asn1\a_bitstr.c
-	$(CC) /Fo$(OBJ_D)\a_bitstr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bitstr.c
+	$(CC) /Fo$(OBJ_D)\a_bitstr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bitstr.c
 
 $(OBJ_D)\a_utctm.obj: $(SRC_D)\crypto\asn1\a_utctm.c
-	$(CC) /Fo$(OBJ_D)\a_utctm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_utctm.c
+	$(CC) /Fo$(OBJ_D)\a_utctm.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_utctm.c
 
 $(OBJ_D)\a_int.obj: $(SRC_D)\crypto\asn1\a_int.c
-	$(CC) /Fo$(OBJ_D)\a_int.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_int.c
+	$(CC) /Fo$(OBJ_D)\a_int.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_int.c
 
 $(OBJ_D)\a_octet.obj: $(SRC_D)\crypto\asn1\a_octet.c
-	$(CC) /Fo$(OBJ_D)\a_octet.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_octet.c
+	$(CC) /Fo$(OBJ_D)\a_octet.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_octet.c
 
 $(OBJ_D)\a_print.obj: $(SRC_D)\crypto\asn1\a_print.c
-	$(CC) /Fo$(OBJ_D)\a_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_print.c
+	$(CC) /Fo$(OBJ_D)\a_print.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_print.c
 
 $(OBJ_D)\a_type.obj: $(SRC_D)\crypto\asn1\a_type.c
-	$(CC) /Fo$(OBJ_D)\a_type.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_type.c
+	$(CC) /Fo$(OBJ_D)\a_type.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_type.c
 
 $(OBJ_D)\a_set.obj: $(SRC_D)\crypto\asn1\a_set.c
-	$(CC) /Fo$(OBJ_D)\a_set.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_set.c
+	$(CC) /Fo$(OBJ_D)\a_set.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_set.c
 
 $(OBJ_D)\a_dup.obj: $(SRC_D)\crypto\asn1\a_dup.c
-	$(CC) /Fo$(OBJ_D)\a_dup.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_dup.c
+	$(CC) /Fo$(OBJ_D)\a_dup.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_dup.c
 
 $(OBJ_D)\a_d2i_fp.obj: $(SRC_D)\crypto\asn1\a_d2i_fp.c
-	$(CC) /Fo$(OBJ_D)\a_d2i_fp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_d2i_fp.c
+	$(CC) /Fo$(OBJ_D)\a_d2i_fp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_d2i_fp.c
 
 $(OBJ_D)\a_i2d_fp.obj: $(SRC_D)\crypto\asn1\a_i2d_fp.c
-	$(CC) /Fo$(OBJ_D)\a_i2d_fp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_i2d_fp.c
+	$(CC) /Fo$(OBJ_D)\a_i2d_fp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_i2d_fp.c
 
 $(OBJ_D)\a_sign.obj: $(SRC_D)\crypto\asn1\a_sign.c
-	$(CC) /Fo$(OBJ_D)\a_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_sign.c
+	$(CC) /Fo$(OBJ_D)\a_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_sign.c
 
 $(OBJ_D)\a_digest.obj: $(SRC_D)\crypto\asn1\a_digest.c
-	$(CC) /Fo$(OBJ_D)\a_digest.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_digest.c
+	$(CC) /Fo$(OBJ_D)\a_digest.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_digest.c
 
 $(OBJ_D)\a_verify.obj: $(SRC_D)\crypto\asn1\a_verify.c
-	$(CC) /Fo$(OBJ_D)\a_verify.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_verify.c
+	$(CC) /Fo$(OBJ_D)\a_verify.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_verify.c
 
 $(OBJ_D)\x_algor.obj: $(SRC_D)\crypto\asn1\x_algor.c
-	$(CC) /Fo$(OBJ_D)\x_algor.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_algor.c
+	$(CC) /Fo$(OBJ_D)\x_algor.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_algor.c
 
 $(OBJ_D)\x_val.obj: $(SRC_D)\crypto\asn1\x_val.c
-	$(CC) /Fo$(OBJ_D)\x_val.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_val.c
+	$(CC) /Fo$(OBJ_D)\x_val.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_val.c
 
 $(OBJ_D)\x_pubkey.obj: $(SRC_D)\crypto\asn1\x_pubkey.c
-	$(CC) /Fo$(OBJ_D)\x_pubkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pubkey.c
+	$(CC) /Fo$(OBJ_D)\x_pubkey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pubkey.c
 
 $(OBJ_D)\x_sig.obj: $(SRC_D)\crypto\asn1\x_sig.c
-	$(CC) /Fo$(OBJ_D)\x_sig.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_sig.c
+	$(CC) /Fo$(OBJ_D)\x_sig.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_sig.c
 
 $(OBJ_D)\x_req.obj: $(SRC_D)\crypto\asn1\x_req.c
-	$(CC) /Fo$(OBJ_D)\x_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_req.c
+	$(CC) /Fo$(OBJ_D)\x_req.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_req.c
 
 $(OBJ_D)\x_attrib.obj: $(SRC_D)\crypto\asn1\x_attrib.c
-	$(CC) /Fo$(OBJ_D)\x_attrib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_attrib.c
+	$(CC) /Fo$(OBJ_D)\x_attrib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_attrib.c
 
 $(OBJ_D)\x_name.obj: $(SRC_D)\crypto\asn1\x_name.c
-	$(CC) /Fo$(OBJ_D)\x_name.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_name.c
+	$(CC) /Fo$(OBJ_D)\x_name.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_name.c
 
 $(OBJ_D)\x_cinf.obj: $(SRC_D)\crypto\asn1\x_cinf.c
-	$(CC) /Fo$(OBJ_D)\x_cinf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_cinf.c
+	$(CC) /Fo$(OBJ_D)\x_cinf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_cinf.c
 
 $(OBJ_D)\x_x509.obj: $(SRC_D)\crypto\asn1\x_x509.c
-	$(CC) /Fo$(OBJ_D)\x_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_x509.c
+	$(CC) /Fo$(OBJ_D)\x_x509.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_x509.c
 
 $(OBJ_D)\x_crl.obj: $(SRC_D)\crypto\asn1\x_crl.c
-	$(CC) /Fo$(OBJ_D)\x_crl.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_crl.c
+	$(CC) /Fo$(OBJ_D)\x_crl.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_crl.c
 
 $(OBJ_D)\x_info.obj: $(SRC_D)\crypto\asn1\x_info.c
-	$(CC) /Fo$(OBJ_D)\x_info.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_info.c
+	$(CC) /Fo$(OBJ_D)\x_info.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_info.c
 
 $(OBJ_D)\x_spki.obj: $(SRC_D)\crypto\asn1\x_spki.c
-	$(CC) /Fo$(OBJ_D)\x_spki.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_spki.c
+	$(CC) /Fo$(OBJ_D)\x_spki.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_spki.c
 
 $(OBJ_D)\d2i_r_pr.obj: $(SRC_D)\crypto\asn1\d2i_r_pr.c
-	$(CC) /Fo$(OBJ_D)\d2i_r_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pr.c
+	$(CC) /Fo$(OBJ_D)\d2i_r_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pr.c
 
 $(OBJ_D)\i2d_r_pr.obj: $(SRC_D)\crypto\asn1\i2d_r_pr.c
-	$(CC) /Fo$(OBJ_D)\i2d_r_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pr.c
+	$(CC) /Fo$(OBJ_D)\i2d_r_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pr.c
 
 $(OBJ_D)\d2i_r_pu.obj: $(SRC_D)\crypto\asn1\d2i_r_pu.c
-	$(CC) /Fo$(OBJ_D)\d2i_r_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pu.c
+	$(CC) /Fo$(OBJ_D)\d2i_r_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pu.c
 
 $(OBJ_D)\i2d_r_pu.obj: $(SRC_D)\crypto\asn1\i2d_r_pu.c
-	$(CC) /Fo$(OBJ_D)\i2d_r_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pu.c
+	$(CC) /Fo$(OBJ_D)\i2d_r_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pu.c
 
 $(OBJ_D)\d2i_s_pr.obj: $(SRC_D)\crypto\asn1\d2i_s_pr.c
-	$(CC) /Fo$(OBJ_D)\d2i_s_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pr.c
+	$(CC) /Fo$(OBJ_D)\d2i_s_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pr.c
 
 $(OBJ_D)\i2d_s_pr.obj: $(SRC_D)\crypto\asn1\i2d_s_pr.c
-	$(CC) /Fo$(OBJ_D)\i2d_s_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pr.c
+	$(CC) /Fo$(OBJ_D)\i2d_s_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pr.c
 
 $(OBJ_D)\d2i_s_pu.obj: $(SRC_D)\crypto\asn1\d2i_s_pu.c
-	$(CC) /Fo$(OBJ_D)\d2i_s_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pu.c
+	$(CC) /Fo$(OBJ_D)\d2i_s_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pu.c
 
 $(OBJ_D)\i2d_s_pu.obj: $(SRC_D)\crypto\asn1\i2d_s_pu.c
-	$(CC) /Fo$(OBJ_D)\i2d_s_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pu.c
+	$(CC) /Fo$(OBJ_D)\i2d_s_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pu.c
 
 $(OBJ_D)\d2i_pu.obj: $(SRC_D)\crypto\asn1\d2i_pu.c
-	$(CC) /Fo$(OBJ_D)\d2i_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pu.c
+	$(CC) /Fo$(OBJ_D)\d2i_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pu.c
 
 $(OBJ_D)\d2i_pr.obj: $(SRC_D)\crypto\asn1\d2i_pr.c
-	$(CC) /Fo$(OBJ_D)\d2i_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pr.c
+	$(CC) /Fo$(OBJ_D)\d2i_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pr.c
 
 $(OBJ_D)\i2d_pu.obj: $(SRC_D)\crypto\asn1\i2d_pu.c
-	$(CC) /Fo$(OBJ_D)\i2d_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pu.c
+	$(CC) /Fo$(OBJ_D)\i2d_pu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pu.c
 
 $(OBJ_D)\i2d_pr.obj: $(SRC_D)\crypto\asn1\i2d_pr.c
-	$(CC) /Fo$(OBJ_D)\i2d_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pr.c
+	$(CC) /Fo$(OBJ_D)\i2d_pr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pr.c
 
 $(OBJ_D)\t_req.obj: $(SRC_D)\crypto\asn1\t_req.c
-	$(CC) /Fo$(OBJ_D)\t_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_req.c
+	$(CC) /Fo$(OBJ_D)\t_req.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_req.c
 
 $(OBJ_D)\t_x509.obj: $(SRC_D)\crypto\asn1\t_x509.c
-	$(CC) /Fo$(OBJ_D)\t_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_x509.c
+	$(CC) /Fo$(OBJ_D)\t_x509.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_x509.c
 
 $(OBJ_D)\t_pkey.obj: $(SRC_D)\crypto\asn1\t_pkey.c
-	$(CC) /Fo$(OBJ_D)\t_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_pkey.c
+	$(CC) /Fo$(OBJ_D)\t_pkey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_pkey.c
 
 $(OBJ_D)\p7_i_s.obj: $(SRC_D)\crypto\asn1\p7_i_s.c
-	$(CC) /Fo$(OBJ_D)\p7_i_s.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_i_s.c
+	$(CC) /Fo$(OBJ_D)\p7_i_s.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_i_s.c
 
 $(OBJ_D)\p7_signi.obj: $(SRC_D)\crypto\asn1\p7_signi.c
-	$(CC) /Fo$(OBJ_D)\p7_signi.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signi.c
+	$(CC) /Fo$(OBJ_D)\p7_signi.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signi.c
 
 $(OBJ_D)\p7_signd.obj: $(SRC_D)\crypto\asn1\p7_signd.c
-	$(CC) /Fo$(OBJ_D)\p7_signd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signd.c
+	$(CC) /Fo$(OBJ_D)\p7_signd.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signd.c
 
 $(OBJ_D)\p7_recip.obj: $(SRC_D)\crypto\asn1\p7_recip.c
-	$(CC) /Fo$(OBJ_D)\p7_recip.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_recip.c
+	$(CC) /Fo$(OBJ_D)\p7_recip.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_recip.c
 
 $(OBJ_D)\p7_enc_c.obj: $(SRC_D)\crypto\asn1\p7_enc_c.c
-	$(CC) /Fo$(OBJ_D)\p7_enc_c.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc_c.c
+	$(CC) /Fo$(OBJ_D)\p7_enc_c.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc_c.c
 
 $(OBJ_D)\p7_evp.obj: $(SRC_D)\crypto\asn1\p7_evp.c
-	$(CC) /Fo$(OBJ_D)\p7_evp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_evp.c
+	$(CC) /Fo$(OBJ_D)\p7_evp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_evp.c
 
 $(OBJ_D)\p7_dgst.obj: $(SRC_D)\crypto\asn1\p7_dgst.c
-	$(CC) /Fo$(OBJ_D)\p7_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_dgst.c
+	$(CC) /Fo$(OBJ_D)\p7_dgst.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_dgst.c
 
 $(OBJ_D)\p7_s_e.obj: $(SRC_D)\crypto\asn1\p7_s_e.c
-	$(CC) /Fo$(OBJ_D)\p7_s_e.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_s_e.c
+	$(CC) /Fo$(OBJ_D)\p7_s_e.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_s_e.c
 
 $(OBJ_D)\p7_enc.obj: $(SRC_D)\crypto\asn1\p7_enc.c
-	$(CC) /Fo$(OBJ_D)\p7_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc.c
+	$(CC) /Fo$(OBJ_D)\p7_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc.c
 
 $(OBJ_D)\p7_lib.obj: $(SRC_D)\crypto\asn1\p7_lib.c
-	$(CC) /Fo$(OBJ_D)\p7_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_lib.c
+	$(CC) /Fo$(OBJ_D)\p7_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_lib.c
 
 $(OBJ_D)\f_int.obj: $(SRC_D)\crypto\asn1\f_int.c
-	$(CC) /Fo$(OBJ_D)\f_int.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_int.c
+	$(CC) /Fo$(OBJ_D)\f_int.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_int.c
 
 $(OBJ_D)\f_string.obj: $(SRC_D)\crypto\asn1\f_string.c
-	$(CC) /Fo$(OBJ_D)\f_string.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_string.c
+	$(CC) /Fo$(OBJ_D)\f_string.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_string.c
 
 $(OBJ_D)\i2d_dhp.obj: $(SRC_D)\crypto\asn1\i2d_dhp.c
-	$(CC) /Fo$(OBJ_D)\i2d_dhp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dhp.c
+	$(CC) /Fo$(OBJ_D)\i2d_dhp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dhp.c
 
 $(OBJ_D)\i2d_dsap.obj: $(SRC_D)\crypto\asn1\i2d_dsap.c
-	$(CC) /Fo$(OBJ_D)\i2d_dsap.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dsap.c
+	$(CC) /Fo$(OBJ_D)\i2d_dsap.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dsap.c
 
 $(OBJ_D)\d2i_dhp.obj: $(SRC_D)\crypto\asn1\d2i_dhp.c
-	$(CC) /Fo$(OBJ_D)\d2i_dhp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dhp.c
+	$(CC) /Fo$(OBJ_D)\d2i_dhp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dhp.c
 
 $(OBJ_D)\d2i_dsap.obj: $(SRC_D)\crypto\asn1\d2i_dsap.c
-	$(CC) /Fo$(OBJ_D)\d2i_dsap.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dsap.c
+	$(CC) /Fo$(OBJ_D)\d2i_dsap.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dsap.c
 
 $(OBJ_D)\n_pkey.obj: $(SRC_D)\crypto\asn1\n_pkey.c
-	$(CC) /Fo$(OBJ_D)\n_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\n_pkey.c
+	$(CC) /Fo$(OBJ_D)\n_pkey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\n_pkey.c
 
 $(OBJ_D)\a_hdr.obj: $(SRC_D)\crypto\asn1\a_hdr.c
-	$(CC) /Fo$(OBJ_D)\a_hdr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_hdr.c
+	$(CC) /Fo$(OBJ_D)\a_hdr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_hdr.c
 
 $(OBJ_D)\x_pkey.obj: $(SRC_D)\crypto\asn1\x_pkey.c
-	$(CC) /Fo$(OBJ_D)\x_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pkey.c
+	$(CC) /Fo$(OBJ_D)\x_pkey.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pkey.c
 
 $(OBJ_D)\a_bool.obj: $(SRC_D)\crypto\asn1\a_bool.c
-	$(CC) /Fo$(OBJ_D)\a_bool.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bool.c
+	$(CC) /Fo$(OBJ_D)\a_bool.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bool.c
 
 $(OBJ_D)\x_exten.obj: $(SRC_D)\crypto\asn1\x_exten.c
-	$(CC) /Fo$(OBJ_D)\x_exten.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_exten.c
+	$(CC) /Fo$(OBJ_D)\x_exten.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_exten.c
 
 $(OBJ_D)\asn1_par.obj: $(SRC_D)\crypto\asn1\asn1_par.c
-	$(CC) /Fo$(OBJ_D)\asn1_par.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_par.c
+	$(CC) /Fo$(OBJ_D)\asn1_par.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_par.c
 
 $(OBJ_D)\asn1_lib.obj: $(SRC_D)\crypto\asn1\asn1_lib.c
-	$(CC) /Fo$(OBJ_D)\asn1_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_lib.c
+	$(CC) /Fo$(OBJ_D)\asn1_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_lib.c
 
 $(OBJ_D)\asn1_err.obj: $(SRC_D)\crypto\asn1\asn1_err.c
-	$(CC) /Fo$(OBJ_D)\asn1_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_err.c
+	$(CC) /Fo$(OBJ_D)\asn1_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_err.c
 
 $(OBJ_D)\a_meth.obj: $(SRC_D)\crypto\asn1\a_meth.c
-	$(CC) /Fo$(OBJ_D)\a_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_meth.c
+	$(CC) /Fo$(OBJ_D)\a_meth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_meth.c
 
 $(OBJ_D)\a_bytes.obj: $(SRC_D)\crypto\asn1\a_bytes.c
-	$(CC) /Fo$(OBJ_D)\a_bytes.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bytes.c
+	$(CC) /Fo$(OBJ_D)\a_bytes.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bytes.c
+
+$(OBJ_D)\evp_asn1.obj: $(SRC_D)\crypto\asn1\evp_asn1.c
+	$(CC) /Fo$(OBJ_D)\evp_asn1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\asn1\evp_asn1.c
 
 $(OBJ_D)\x509_def.obj: $(SRC_D)\crypto\x509\x509_def.c
-	$(CC) /Fo$(OBJ_D)\x509_def.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_def.c
+	$(CC) /Fo$(OBJ_D)\x509_def.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_def.c
 
 $(OBJ_D)\x509_d2.obj: $(SRC_D)\crypto\x509\x509_d2.c
-	$(CC) /Fo$(OBJ_D)\x509_d2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_d2.c
+	$(CC) /Fo$(OBJ_D)\x509_d2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_d2.c
 
 $(OBJ_D)\x509_r2x.obj: $(SRC_D)\crypto\x509\x509_r2x.c
-	$(CC) /Fo$(OBJ_D)\x509_r2x.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_r2x.c
+	$(CC) /Fo$(OBJ_D)\x509_r2x.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_r2x.c
 
 $(OBJ_D)\x509_cmp.obj: $(SRC_D)\crypto\x509\x509_cmp.c
-	$(CC) /Fo$(OBJ_D)\x509_cmp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_cmp.c
+	$(CC) /Fo$(OBJ_D)\x509_cmp.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_cmp.c
 
 $(OBJ_D)\x509_obj.obj: $(SRC_D)\crypto\x509\x509_obj.c
-	$(CC) /Fo$(OBJ_D)\x509_obj.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_obj.c
+	$(CC) /Fo$(OBJ_D)\x509_obj.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_obj.c
 
 $(OBJ_D)\x509_req.obj: $(SRC_D)\crypto\x509\x509_req.c
-	$(CC) /Fo$(OBJ_D)\x509_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_req.c
+	$(CC) /Fo$(OBJ_D)\x509_req.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_req.c
 
 $(OBJ_D)\x509_vfy.obj: $(SRC_D)\crypto\x509\x509_vfy.c
-	$(CC) /Fo$(OBJ_D)\x509_vfy.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_vfy.c
+	$(CC) /Fo$(OBJ_D)\x509_vfy.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_vfy.c
 
 $(OBJ_D)\x509_set.obj: $(SRC_D)\crypto\x509\x509_set.c
-	$(CC) /Fo$(OBJ_D)\x509_set.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_set.c
+	$(CC) /Fo$(OBJ_D)\x509_set.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_set.c
 
 $(OBJ_D)\x509rset.obj: $(SRC_D)\crypto\x509\x509rset.c
-	$(CC) /Fo$(OBJ_D)\x509rset.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509rset.c
+	$(CC) /Fo$(OBJ_D)\x509rset.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509rset.c
 
 $(OBJ_D)\x509_err.obj: $(SRC_D)\crypto\x509\x509_err.c
-	$(CC) /Fo$(OBJ_D)\x509_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_err.c
+	$(CC) /Fo$(OBJ_D)\x509_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_err.c
 
 $(OBJ_D)\x509name.obj: $(SRC_D)\crypto\x509\x509name.c
-	$(CC) /Fo$(OBJ_D)\x509name.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509name.c
+	$(CC) /Fo$(OBJ_D)\x509name.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509name.c
 
 $(OBJ_D)\x509_v3.obj: $(SRC_D)\crypto\x509\x509_v3.c
-	$(CC) /Fo$(OBJ_D)\x509_v3.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_v3.c
+	$(CC) /Fo$(OBJ_D)\x509_v3.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_v3.c
 
 $(OBJ_D)\x509_ext.obj: $(SRC_D)\crypto\x509\x509_ext.c
-	$(CC) /Fo$(OBJ_D)\x509_ext.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_ext.c
+	$(CC) /Fo$(OBJ_D)\x509_ext.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_ext.c
 
 $(OBJ_D)\x509pack.obj: $(SRC_D)\crypto\x509\x509pack.c
-	$(CC) /Fo$(OBJ_D)\x509pack.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509pack.c
+	$(CC) /Fo$(OBJ_D)\x509pack.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509pack.c
 
 $(OBJ_D)\x509type.obj: $(SRC_D)\crypto\x509\x509type.c
-	$(CC) /Fo$(OBJ_D)\x509type.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509type.c
+	$(CC) /Fo$(OBJ_D)\x509type.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509type.c
 
 $(OBJ_D)\x509_lu.obj: $(SRC_D)\crypto\x509\x509_lu.c
-	$(CC) /Fo$(OBJ_D)\x509_lu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_lu.c
+	$(CC) /Fo$(OBJ_D)\x509_lu.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_lu.c
 
 $(OBJ_D)\x_all.obj: $(SRC_D)\crypto\x509\x_all.c
-	$(CC) /Fo$(OBJ_D)\x_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x_all.c
+	$(CC) /Fo$(OBJ_D)\x_all.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x_all.c
 
 $(OBJ_D)\x509_txt.obj: $(SRC_D)\crypto\x509\x509_txt.c
-	$(CC) /Fo$(OBJ_D)\x509_txt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_txt.c
+	$(CC) /Fo$(OBJ_D)\x509_txt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_txt.c
 
 $(OBJ_D)\by_file.obj: $(SRC_D)\crypto\x509\by_file.c
-	$(CC) /Fo$(OBJ_D)\by_file.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_file.c
+	$(CC) /Fo$(OBJ_D)\by_file.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_file.c
 
 $(OBJ_D)\by_dir.obj: $(SRC_D)\crypto\x509\by_dir.c
-	$(CC) /Fo$(OBJ_D)\by_dir.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_dir.c
+	$(CC) /Fo$(OBJ_D)\by_dir.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_dir.c
 
 $(OBJ_D)\v3_net.obj: $(SRC_D)\crypto\x509\v3_net.c
-	$(CC) /Fo$(OBJ_D)\v3_net.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_net.c
+	$(CC) /Fo$(OBJ_D)\v3_net.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_net.c
 
 $(OBJ_D)\v3_x509.obj: $(SRC_D)\crypto\x509\v3_x509.c
-	$(CC) /Fo$(OBJ_D)\v3_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_x509.c
+	$(CC) /Fo$(OBJ_D)\v3_x509.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_x509.c
 
 $(OBJ_D)\conf.obj: $(SRC_D)\crypto\conf\conf.c
-	$(CC) /Fo$(OBJ_D)\conf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf.c
+	$(CC) /Fo$(OBJ_D)\conf.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf.c
 
 $(OBJ_D)\conf_err.obj: $(SRC_D)\crypto\conf\conf_err.c
-	$(CC) /Fo$(OBJ_D)\conf_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf_err.c
+	$(CC) /Fo$(OBJ_D)\conf_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf_err.c
 
 $(OBJ_D)\txt_db.obj: $(SRC_D)\crypto\txt_db\txt_db.c
-	$(CC) /Fo$(OBJ_D)\txt_db.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\txt_db\txt_db.c
+	$(CC) /Fo$(OBJ_D)\txt_db.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\txt_db\txt_db.c
 
 $(OBJ_D)\pk7_lib.obj: $(SRC_D)\crypto\pkcs7\pk7_lib.c
-	$(CC) /Fo$(OBJ_D)\pk7_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_lib.c
+	$(CC) /Fo$(OBJ_D)\pk7_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_lib.c
 
 $(OBJ_D)\pkcs7err.obj: $(SRC_D)\crypto\pkcs7\pkcs7err.c
-	$(CC) /Fo$(OBJ_D)\pkcs7err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pkcs7err.c
+	$(CC) /Fo$(OBJ_D)\pkcs7err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pkcs7err.c
 
 $(OBJ_D)\pk7_doit.obj: $(SRC_D)\crypto\pkcs7\pk7_doit.c
-	$(CC) /Fo$(OBJ_D)\pk7_doit.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_doit.c
+	$(CC) /Fo$(OBJ_D)\pk7_doit.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_doit.c
 
 $(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c
-	$(CC) /Fo$(OBJ_D)\s2_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
+	$(CC) /Fo$(OBJ_D)\s2_meth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
 
 $(OBJ_D)\s2_srvr.obj: $(SRC_D)\ssl\s2_srvr.c
-	$(CC) /Fo$(OBJ_D)\s2_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
+	$(CC) /Fo$(OBJ_D)\s2_srvr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
 
 $(OBJ_D)\s2_clnt.obj: $(SRC_D)\ssl\s2_clnt.c
-	$(CC) /Fo$(OBJ_D)\s2_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
+	$(CC) /Fo$(OBJ_D)\s2_clnt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
 
 $(OBJ_D)\s2_lib.obj: $(SRC_D)\ssl\s2_lib.c
-	$(CC) /Fo$(OBJ_D)\s2_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
-
-$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
-	$(CC) /Fo$(OBJ_D)\s2_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
+	$(CC) /Fo$(OBJ_D)\s2_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
 
 $(OBJ_D)\s2_enc.obj: $(SRC_D)\ssl\s2_enc.c
-	$(CC) /Fo$(OBJ_D)\s2_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
+	$(CC) /Fo$(OBJ_D)\s2_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
+
+$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
+	$(CC) /Fo$(OBJ_D)\s2_pkt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
 
 $(OBJ_D)\s3_meth.obj: $(SRC_D)\ssl\s3_meth.c
-	$(CC) /Fo$(OBJ_D)\s3_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
+	$(CC) /Fo$(OBJ_D)\s3_meth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
 
 $(OBJ_D)\s3_srvr.obj: $(SRC_D)\ssl\s3_srvr.c
-	$(CC) /Fo$(OBJ_D)\s3_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
+	$(CC) /Fo$(OBJ_D)\s3_srvr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
 
 $(OBJ_D)\s3_clnt.obj: $(SRC_D)\ssl\s3_clnt.c
-	$(CC) /Fo$(OBJ_D)\s3_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
+	$(CC) /Fo$(OBJ_D)\s3_clnt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
 
 $(OBJ_D)\s3_lib.obj: $(SRC_D)\ssl\s3_lib.c
-	$(CC) /Fo$(OBJ_D)\s3_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
-
-$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
-	$(CC) /Fo$(OBJ_D)\s3_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
+	$(CC) /Fo$(OBJ_D)\s3_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
 
 $(OBJ_D)\s3_enc.obj: $(SRC_D)\ssl\s3_enc.c
-	$(CC) /Fo$(OBJ_D)\s3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
+	$(CC) /Fo$(OBJ_D)\s3_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
+
+$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
+	$(CC) /Fo$(OBJ_D)\s3_pkt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
 
 $(OBJ_D)\s3_both.obj: $(SRC_D)\ssl\s3_both.c
-	$(CC) /Fo$(OBJ_D)\s3_both.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
+	$(CC) /Fo$(OBJ_D)\s3_both.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
 
 $(OBJ_D)\s23_meth.obj: $(SRC_D)\ssl\s23_meth.c
-	$(CC) /Fo$(OBJ_D)\s23_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
+	$(CC) /Fo$(OBJ_D)\s23_meth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
 
 $(OBJ_D)\s23_srvr.obj: $(SRC_D)\ssl\s23_srvr.c
-	$(CC) /Fo$(OBJ_D)\s23_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
+	$(CC) /Fo$(OBJ_D)\s23_srvr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
 
 $(OBJ_D)\s23_clnt.obj: $(SRC_D)\ssl\s23_clnt.c
-	$(CC) /Fo$(OBJ_D)\s23_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
+	$(CC) /Fo$(OBJ_D)\s23_clnt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
 
 $(OBJ_D)\s23_lib.obj: $(SRC_D)\ssl\s23_lib.c
-	$(CC) /Fo$(OBJ_D)\s23_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
+	$(CC) /Fo$(OBJ_D)\s23_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
 
 $(OBJ_D)\s23_pkt.obj: $(SRC_D)\ssl\s23_pkt.c
-	$(CC) /Fo$(OBJ_D)\s23_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
+	$(CC) /Fo$(OBJ_D)\s23_pkt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
+
+$(OBJ_D)\t1_meth.obj: $(SRC_D)\ssl\t1_meth.c
+	$(CC) /Fo$(OBJ_D)\t1_meth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\t1_meth.c
+
+$(OBJ_D)\t1_srvr.obj: $(SRC_D)\ssl\t1_srvr.c
+	$(CC) /Fo$(OBJ_D)\t1_srvr.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\t1_srvr.c
+
+$(OBJ_D)\t1_clnt.obj: $(SRC_D)\ssl\t1_clnt.c
+	$(CC) /Fo$(OBJ_D)\t1_clnt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\t1_clnt.c
+
+$(OBJ_D)\t1_lib.obj: $(SRC_D)\ssl\t1_lib.c
+	$(CC) /Fo$(OBJ_D)\t1_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\t1_lib.c
+
+$(OBJ_D)\t1_enc.obj: $(SRC_D)\ssl\t1_enc.c
+	$(CC) /Fo$(OBJ_D)\t1_enc.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\t1_enc.c
 
 $(OBJ_D)\ssl_lib.obj: $(SRC_D)\ssl\ssl_lib.c
-	$(CC) /Fo$(OBJ_D)\ssl_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
+	$(CC) /Fo$(OBJ_D)\ssl_lib.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
 
 $(OBJ_D)\ssl_err2.obj: $(SRC_D)\ssl\ssl_err2.c
-	$(CC) /Fo$(OBJ_D)\ssl_err2.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
+	$(CC) /Fo$(OBJ_D)\ssl_err2.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
 
 $(OBJ_D)\ssl_cert.obj: $(SRC_D)\ssl\ssl_cert.c
-	$(CC) /Fo$(OBJ_D)\ssl_cert.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
+	$(CC) /Fo$(OBJ_D)\ssl_cert.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
 
 $(OBJ_D)\ssl_sess.obj: $(SRC_D)\ssl\ssl_sess.c
-	$(CC) /Fo$(OBJ_D)\ssl_sess.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
+	$(CC) /Fo$(OBJ_D)\ssl_sess.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
 
 $(OBJ_D)\ssl_ciph.obj: $(SRC_D)\ssl\ssl_ciph.c
-	$(CC) /Fo$(OBJ_D)\ssl_ciph.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
+	$(CC) /Fo$(OBJ_D)\ssl_ciph.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
 
 $(OBJ_D)\ssl_stat.obj: $(SRC_D)\ssl\ssl_stat.c
-	$(CC) /Fo$(OBJ_D)\ssl_stat.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
+	$(CC) /Fo$(OBJ_D)\ssl_stat.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
 
 $(OBJ_D)\ssl_rsa.obj: $(SRC_D)\ssl\ssl_rsa.c
-	$(CC) /Fo$(OBJ_D)\ssl_rsa.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
+	$(CC) /Fo$(OBJ_D)\ssl_rsa.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
 
 $(OBJ_D)\ssl_asn1.obj: $(SRC_D)\ssl\ssl_asn1.c
-	$(CC) /Fo$(OBJ_D)\ssl_asn1.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
+	$(CC) /Fo$(OBJ_D)\ssl_asn1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
 
 $(OBJ_D)\ssl_txt.obj: $(SRC_D)\ssl\ssl_txt.c
-	$(CC) /Fo$(OBJ_D)\ssl_txt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
+	$(CC) /Fo$(OBJ_D)\ssl_txt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
 
 $(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c
-	$(CC) /Fo$(OBJ_D)\ssl_algs.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
+	$(CC) /Fo$(OBJ_D)\ssl_algs.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
 
 $(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c
-	$(CC) /Fo$(OBJ_D)\bio_ssl.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
+	$(CC) /Fo$(OBJ_D)\bio_ssl.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
 
 $(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c
-	$(CC) /Fo$(OBJ_D)\ssl_err.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
+	$(CC) /Fo$(OBJ_D)\ssl_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
 
 $(OBJ_D)\rsaref.obj: $(SRC_D)\rsaref\rsaref.c
-	$(CC) /Fo$(OBJ_D)\rsaref.obj $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsaref.c
+	$(CC) /Fo$(OBJ_D)\rsaref.obj  $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsaref.c
 
 $(OBJ_D)\rsar_err.obj: $(SRC_D)\rsaref\rsar_err.c
-	$(CC) /Fo$(OBJ_D)\rsar_err.obj $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsar_err.c
+	$(CC) /Fo$(OBJ_D)\rsar_err.obj  $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsar_err.c
 
 $(TEST_D)\md2test.exe: $(OBJ_D)\md2test.obj $(LIBS_DEP)
   $(LINK) $(LFLAGS) @<<
@@ -1560,6 +1753,24 @@ $(TEST_D)\mdc2test.exe: $(OBJ_D)\mdc2test.obj $(LIBS_DEP)
 
 <<
 
+$(TEST_D)\hmactest.exe: $(OBJ_D)\hmactest.obj $(LIBS_DEP)
+  $(LINK) $(LFLAGS) @<<
+  $(APP_EX_OBJ) $(OBJ_D)\hmactest.obj
+  $(TEST_D)\hmactest.exe
+
+  $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\rmdtest.exe: $(OBJ_D)\rmdtest.obj $(LIBS_DEP)
+  $(LINK) $(LFLAGS) @<<
+  $(APP_EX_OBJ) $(OBJ_D)\rmdtest.obj
+  $(TEST_D)\rmdtest.exe
+
+  $(L_LIBS) $(EX_LIBS)
+
+<<
+
 $(TEST_D)\destest.exe: $(OBJ_D)\destest.obj $(LIBS_DEP)
   $(LINK) $(LFLAGS) @<<
   $(APP_EX_OBJ) $(OBJ_D)\destest.obj
@@ -1569,6 +1780,15 @@ $(TEST_D)\destest.exe: $(OBJ_D)\destest.obj $(LIBS_DEP)
 
 <<
 
+$(TEST_D)\rc2test.exe: $(OBJ_D)\rc2test.obj $(LIBS_DEP)
+  $(LINK) $(LFLAGS) @<<
+  $(APP_EX_OBJ) $(OBJ_D)\rc2test.obj
+  $(TEST_D)\rc2test.exe
+
+  $(L_LIBS) $(EX_LIBS)
+
+<<
+
 $(TEST_D)\rc4test.exe: $(OBJ_D)\rc4test.obj $(LIBS_DEP)
   $(LINK) $(LFLAGS) @<<
   $(APP_EX_OBJ) $(OBJ_D)\rc4test.obj
@@ -1578,10 +1798,10 @@ $(TEST_D)\rc4test.exe: $(OBJ_D)\rc4test.obj $(LIBS_DEP)
 
 <<
 
-$(TEST_D)\rc2test.exe: $(OBJ_D)\rc2test.obj $(LIBS_DEP)
+$(TEST_D)\rc5test.exe: $(OBJ_D)\rc5test.obj $(LIBS_DEP)
   $(LINK) $(LFLAGS) @<<
-  $(APP_EX_OBJ) $(OBJ_D)\rc2test.obj
-  $(TEST_D)\rc2test.exe
+  $(APP_EX_OBJ) $(OBJ_D)\rc5test.obj
+  $(TEST_D)\rc5test.exe
 
   $(L_LIBS) $(EX_LIBS)
 
@@ -1605,6 +1825,15 @@ $(TEST_D)\bftest.exe: $(OBJ_D)\bftest.obj $(LIBS_DEP)
 
 <<
 
+$(TEST_D)\casttest.exe: $(OBJ_D)\casttest.obj $(LIBS_DEP)
+  $(LINK) $(LFLAGS) @<<
+  $(APP_EX_OBJ) $(OBJ_D)\casttest.obj
+  $(TEST_D)\casttest.exe
+
+  $(L_LIBS) $(EX_LIBS)
+
+<<
+
 $(TEST_D)\bntest.exe: $(OBJ_D)\bntest.obj $(LIBS_DEP)
   $(LINK) $(LFLAGS) @<<
   $(APP_EX_OBJ) $(OBJ_D)\bntest.obj
@@ -1692,6 +1921,11 @@ $(O_SSL): $(SSLOBJ)
   $(OBJ_D)\ssl_sess.obj +
   $(OBJ_D)\ssl_stat.obj +
   $(OBJ_D)\ssl_txt.obj +
+  $(OBJ_D)\t1_clnt.obj +
+  $(OBJ_D)\t1_enc.obj +
+  $(OBJ_D)\t1_lib.obj +
+  $(OBJ_D)\t1_meth.obj +
+  $(OBJ_D)\t1_srvr.obj +
 
   $(O_SSL)
 
@@ -1740,7 +1974,6 @@ $(O_CRYPTO): $(CRYPTOOBJ)
   $(OBJ_D)\b_print.obj +
   $(OBJ_D)\b_sock.obj +
   $(OBJ_D)\bf_buff.obj +
-  $(OBJ_D)\bf_cbc.obj +
   $(OBJ_D)\bf_cfb64.obj +
   $(OBJ_D)\bf_ecb.obj +
   $(OBJ_D)\bf_enc.obj +
@@ -1755,6 +1988,7 @@ $(O_CRYPTO): $(CRYPTOOBJ)
   $(OBJ_D)\bio_lib.obj +
   $(OBJ_D)\bio_md.obj +
   $(OBJ_D)\bn_add.obj +
+  $(OBJ_D)\bn_blind.obj +
   $(OBJ_D)\bn_div.obj +
   $(OBJ_D)\bn_err.obj +
   $(OBJ_D)\bn_exp.obj +
@@ -1762,6 +1996,7 @@ $(O_CRYPTO): $(CRYPTOOBJ)
   $(OBJ_D)\bn_lib.obj +
   $(OBJ_D)\bn_mod.obj +
   $(OBJ_D)\bn_mont.obj +
+  $(OBJ_D)\bn_mpi.obj +
   $(OBJ_D)\bn_mul.obj +
   $(OBJ_D)\bn_prime.obj +
   $(OBJ_D)\bn_print.obj +
@@ -1783,7 +2018,11 @@ $(O_CRYPTO): $(CRYPTOOBJ)
   $(OBJ_D)\by_dir.obj +
   $(OBJ_D)\by_file.obj +
   $(OBJ_D)\c_all.obj +
-  $(OBJ_D)\cbc3_enc.obj +
+  $(OBJ_D)\c_cfb64.obj +
+  $(OBJ_D)\c_ecb.obj +
+  $(OBJ_D)\c_enc.obj +
+  $(OBJ_D)\c_ofb64.obj +
+  $(OBJ_D)\c_skey.obj +
   $(OBJ_D)\cbc_cksm.obj +
   $(OBJ_D)\cbc_enc.obj +
   $(OBJ_D)\cfb64ede.obj +
@@ -1791,6 +2030,7 @@ $(O_CRYPTO): $(CRYPTOOBJ)
   $(OBJ_D)\cfb_enc.obj +
   $(OBJ_D)\conf.obj +
   $(OBJ_D)\conf_err.obj +
+  $(OBJ_D)\cpt_err.obj +
   $(OBJ_D)\cryptlib.obj +
   $(OBJ_D)\cversion.obj +
   $(OBJ_D)\d2i_dhp.obj +
@@ -1816,43 +2056,54 @@ $(O_CRYPTO): $(CRYPTOOBJ)
   $(OBJ_D)\dsa_vrf.obj +
   $(OBJ_D)\e_cbc_3d.obj +
   $(OBJ_D)\e_cbc_bf.obj +
+  $(OBJ_D)\e_cbc_c.obj +
   $(OBJ_D)\e_cbc_d.obj +
   $(OBJ_D)\e_cbc_i.obj +
   $(OBJ_D)\e_cbc_r2.obj +
+  $(OBJ_D)\e_cbc_r5.obj +
   $(OBJ_D)\e_cfb_3d.obj +
   $(OBJ_D)\e_cfb_bf.obj +
+  $(OBJ_D)\e_cfb_c.obj +
   $(OBJ_D)\e_cfb_d.obj +
   $(OBJ_D)\e_cfb_i.obj +
   $(OBJ_D)\e_cfb_r2.obj +
+  $(OBJ_D)\e_cfb_r5.obj +
   $(OBJ_D)\e_ecb_3d.obj +
   $(OBJ_D)\e_ecb_bf.obj +
+  $(OBJ_D)\e_ecb_c.obj +
   $(OBJ_D)\e_ecb_d.obj +
   $(OBJ_D)\e_ecb_i.obj +
   $(OBJ_D)\e_ecb_r2.obj +
+  $(OBJ_D)\e_ecb_r5.obj +
   $(OBJ_D)\e_null.obj +
   $(OBJ_D)\e_ofb_3d.obj +
   $(OBJ_D)\e_ofb_bf.obj +
+  $(OBJ_D)\e_ofb_c.obj +
   $(OBJ_D)\e_ofb_d.obj +
   $(OBJ_D)\e_ofb_i.obj +
   $(OBJ_D)\e_ofb_r2.obj +
+  $(OBJ_D)\e_ofb_r5.obj +
   $(OBJ_D)\e_rc4.obj +
   $(OBJ_D)\e_xcbc_d.obj +
   $(OBJ_D)\ecb3_enc.obj +
   $(OBJ_D)\ecb_enc.obj +
-  $(OBJ_D)\ede_enc.obj +
   $(OBJ_D)\enc_read.obj +
   $(OBJ_D)\enc_writ.obj +
   $(OBJ_D)\encode.obj +
   $(OBJ_D)\err.obj +
   $(OBJ_D)\err_all.obj +
   $(OBJ_D)\err_prn.obj +
+  $(OBJ_D)\evp_asn1.obj +
   $(OBJ_D)\evp_enc.obj +
   $(OBJ_D)\evp_err.obj +
   $(OBJ_D)\evp_key.obj +
+  $(OBJ_D)\evp_lib.obj +
+  $(OBJ_D)\ex_data.obj +
   $(OBJ_D)\f_int.obj +
   $(OBJ_D)\f_string.obj +
   $(OBJ_D)\fcrypt.obj +
   $(OBJ_D)\fcrypt_b.obj +
+  $(OBJ_D)\hmac.obj +
   $(OBJ_D)\i2d_dhp.obj +
   $(OBJ_D)\i2d_dsap.obj +
   $(OBJ_D)\i2d_pr.obj +
@@ -1874,6 +2125,7 @@ $(O_CRYPTO): $(CRYPTOOBJ)
   $(OBJ_D)\m_md5.obj +
   $(OBJ_D)\m_mdc2.obj +
   $(OBJ_D)\m_null.obj +
+  $(OBJ_D)\m_ripemd.obj +
   $(OBJ_D)\m_sha.obj +
   $(OBJ_D)\m_sha1.obj +
   $(OBJ_D)\md2_dgst.obj +
@@ -1886,7 +2138,6 @@ $(O_CRYPTO): $(CRYPTOOBJ)
   $(OBJ_D)\mem.obj +
   $(OBJ_D)\n_pkey.obj +
   $(OBJ_D)\names.obj +
-  $(OBJ_D)\ncbc_enc.obj +
   $(OBJ_D)\obj_dat.obj +
   $(OBJ_D)\obj_err.obj +
   $(OBJ_D)\obj_lib.obj +
@@ -1903,6 +2154,8 @@ $(O_CRYPTO): $(CRYPTOOBJ)
   $(OBJ_D)\p7_s_e.obj +
   $(OBJ_D)\p7_signd.obj +
   $(OBJ_D)\p7_signi.obj +
+  $(OBJ_D)\p_dec.obj +
+  $(OBJ_D)\p_enc.obj +
   $(OBJ_D)\p_lib.obj +
   $(OBJ_D)\p_open.obj +
   $(OBJ_D)\p_seal.obj +
@@ -1927,15 +2180,26 @@ $(O_CRYPTO): $(CRYPTOOBJ)
   $(OBJ_D)\rc2cfb64.obj +
   $(OBJ_D)\rc2ofb64.obj +
   $(OBJ_D)\rc4_enc.obj +
+  $(OBJ_D)\rc4_skey.obj +
+  $(OBJ_D)\rc5_ecb.obj +
+  $(OBJ_D)\rc5_enc.obj +
+  $(OBJ_D)\rc5_skey.obj +
+  $(OBJ_D)\rc5cfb64.obj +
+  $(OBJ_D)\rc5ofb64.obj +
   $(OBJ_D)\read2pwd.obj +
   $(OBJ_D)\read_pwd.obj +
+  $(OBJ_D)\rmd_dgst.obj +
+  $(OBJ_D)\rmd_one.obj +
   $(OBJ_D)\rpc_enc.obj +
-  $(OBJ_D)\rsa_enc.obj +
+  $(OBJ_D)\rsa_eay.obj +
   $(OBJ_D)\rsa_err.obj +
   $(OBJ_D)\rsa_gen.obj +
   $(OBJ_D)\rsa_lib.obj +
+  $(OBJ_D)\rsa_none.obj +
+  $(OBJ_D)\rsa_pk1.obj +
   $(OBJ_D)\rsa_saos.obj +
   $(OBJ_D)\rsa_sign.obj +
+  $(OBJ_D)\rsa_ssl.obj +
   $(OBJ_D)\set_key.obj +
   $(OBJ_D)\sha1_one.obj +
   $(OBJ_D)\sha1dgst.obj +
@@ -2007,7 +2271,6 @@ $(BIN_D)\$(E_EXE).exe: $(E_OBJ) $(LIBS_DEP)
   $(OBJ_D)\enc.obj +
   $(OBJ_D)\errstr.obj +
   $(OBJ_D)\gendh.obj +
-  $(OBJ_D)\gendsa.obj +
   $(OBJ_D)\genrsa.obj +
   $(OBJ_D)\pkcs7.obj +
   $(OBJ_D)\req.obj +
diff --git a/mt/README b/mt/README
index fc933c31c1..df6b26e146 100644
--- a/mt/README
+++ b/mt/README
@@ -3,8 +3,12 @@ Mutithreading testing area.
 Since this stuff is very very platorm specific, this is not part of the
 normal build.  Have a read of doc/threads.doc.
 
-mttest will do some testing and will currently build under Windows NT/95
-and solaris.  The IRIX stuff is not finished.
+mttest will do some testing and will currently build under Windows NT/95,
+Solaris and Linux.  The IRIX stuff is not finished.
 
 I have tested this program on a 12 CPU ultra sparc box (solaris 2.5.1)
 and things seem to work ok.
+
+The Linux pthreads package can be retrieved from 
+http://www.mit.edu:8001/people/proven/pthreads.html
+
diff --git a/mt/mttest.c b/mt/mttest.c
index 3a927a2937..8651a1131a 100644
--- a/mt/mttest.c
+++ b/mt/mttest.c
@@ -1,5 +1,5 @@
 /* mt/mttest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -82,7 +82,7 @@
 #include "ssl.h"
 #include "err.h"
 
-#ifdef WIN16
+#ifdef NO_FP_API
 #define APPS_WIN16
 #include "../crypto/buffer/bss_file.c"
 #endif
@@ -98,25 +98,31 @@ int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
 void thread_setup(void);
 void thread_cleanup(void);
 void do_threads(SSL_CTX *s_ctx,SSL_CTX *c_ctx);
+
 void irix_locking_callback(int mode,int type,char *file,int line);
 void solaris_locking_callback(int mode,int type,char *file,int line);
 void win32_locking_callback(int mode,int type,char *file,int line);
-void linux_locking_callback(int mode,int type,char *file,int line);
+void pthreads_locking_callback(int mode,int type,char *file,int line);
+
 unsigned long irix_thread_id(void );
 unsigned long solaris_thread_id(void );
-unsigned long linix_thread_id(void );
+unsigned long pthreads_thread_id(void );
+
 #else
 int MS_CALLBACK verify_callback();
 void thread_setup();
 void thread_cleanup();
 void do_threads();
+
 void irix_locking_callback();
 void solaris_locking_callback();
 void win32_locking_callback();
-void linux_locking_callback();
+void pthreads_locking_callback();
+
 unsigned long irix_thread_id();
 unsigned long solaris_thread_id();
-unsigned long linix_thread_id();
+unsigned long pthreads_thread_id();
+
 #endif
 
 BIO *bio_err=NULL;
@@ -700,7 +706,7 @@ char *arg;
 
 #ifdef WIN32
 
-static HANDLE lock_cs[CRYPTO_NUM_LOCKS];
+static PRLOCK lock_cs[CRYPTO_NUM_LOCKS];
 
 void thread_setup()
 	{
@@ -792,7 +798,7 @@ SSL_CTX *s_ctx,*c_ctx;
 	printf("win32 threads done - %.3f seconds\n",ret);
 	}
 
-#endif
+#endif /* WIN32 */
 
 #ifdef SOLARIS
 
@@ -903,7 +909,7 @@ unsigned long solaris_thread_id()
 	ret=(unsigned long)thr_self();
 	return(ret);
 	}
-#endif
+#endif /* SOLARIS */
 
 #ifdef IRIX
 
@@ -1001,5 +1007,109 @@ unsigned long irix_thread_id()
 	ret=(unsigned long)getpid();
 	return(ret);
 	}
+#endif /* IRIX */
+
+#ifdef PTHREADS
+
+static pthread_mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+	{
+	int i;
+
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		lock_count[i]=0;
+		pthread_mutex_init(&(lock_cs[i]),NULL);
+		}
+
+	CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
+	CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
+	}
+
+void thread_cleanup()
+	{
+	int i;
+
+	CRYPTO_set_locking_callback(NULL);
+	fprintf(stderr,"cleanup\n");
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		{
+		pthread_mutex_destroy(&(lock_cs[i]));
+		fprintf(stderr,"%8ld:%s\n",lock_count[i],
+			CRYPTO_get_lock_name(i));
+		}
+	fprintf(stderr,"done cleanup\n");
+	}
+
+void pthreads_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+      {
+#ifdef undef
+	fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+		CRYPTO_thread_id(),
+		(mode&CRYPTO_LOCK)?"l":"u",
+		(type&CRYPTO_READ)?"r":"w",file,line);
 #endif
+/*
+	if (CRYPTO_LOCK_SSL_CERT == type)
+		fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+		CRYPTO_thread_id(),
+		mode,file,line);
+*/
+	if (mode & CRYPTO_LOCK)
+		{
+		pthread_mutex_lock(&(lock_cs[type]));
+		lock_count[type]++;
+		}
+	else
+		{
+		pthread_mutex_unlock(&(lock_cs[type]));
+		}
+	}
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+	{
+	SSL_CTX *ssl_ctx[2];
+	pthread_t thread_ctx[MAX_THREAD_NUMBER];
+	int i;
+
+	ssl_ctx[0]=s_ctx;
+	ssl_ctx[1]=c_ctx;
+
+	/*
+	thr_setconcurrency(thread_number);
+	*/
+	for (i=0; i<thread_number; i++)
+		{
+		pthread_create(&(thread_ctx[i]), NULL,
+			(void *(*)())ndoit, (void *)ssl_ctx);
+		}
+
+	printf("reaping\n");
+	for (i=0; i<thread_number; i++)
+		{
+		pthread_join(thread_ctx[i],NULL);
+		}
+
+	printf("pthreads threads done (%d,%d)\n",
+	s_ctx->references,c_ctx->references);
+	}
+
+unsigned long pthreads_thread_id()
+	{
+	unsigned long ret;
+
+	ret=(unsigned long)pthread_self();
+	return(ret);
+	}
+
+#endif /* PTHREADS */
+
+
 
diff --git a/mt/pthread.sh b/mt/pthread.sh
new file mode 100644
index 0000000000..7d0b6e55f5
--- /dev/null
+++ b/mt/pthread.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# build using pthreads
+#
+# http://www.mit.edu:8001/people/proven/pthreads.html
+#
+/bin/rm -f mttest
+pgcc -DPTHREADS -I../include -g mttest.c -o mttest -L.. -lssl -lcrypto 
+
diff --git a/perl/MANIFEST b/perl/MANIFEST
new file mode 100644
index 0000000000..992db5ed4c
--- /dev/null
+++ b/perl/MANIFEST
@@ -0,0 +1,17 @@
+MANIFEST
+Makefile.PL
+SSLeay.pm
+bio.xs
+bn.xs
+cipher.xs
+digest.xs
+err.xs
+ssl.xs
+x509.xs
+test.pl
+test2.pl
+test3.pl
+test9.pl
+testbn.pl
+testmd.pl
+typemap
diff --git a/perl/Makefile.PL b/perl/Makefile.PL
new file mode 100644
index 0000000000..f9998e0a61
--- /dev/null
+++ b/perl/Makefile.PL
@@ -0,0 +1,25 @@
+use ExtUtils::MakeMaker;
+# See lib/ExtUtils/MakeMaker.pm for details of how to influence
+# the contents of the Makefile that is written.
+WriteMakefile(
+	'OPTIMIZE'	=> '-g',
+	'DISTNAME'	=> 'SSLeay-perl5-0.8.5',
+	'NAME'		=> 'SSLeay',
+	'VERSION_FROM'	=> 'SSLeay.pm',
+	'LIBS'		=> ['-L.. -lssl -lcrypto'],
+	'DEFINE'	=> '',
+	'INC'		=> '-I../include',
+	'C'		=> ['callback.c'],
+	'H'		=> ['p5SSLeay.h'],
+	'OBJECT'	=> "	SSLeay.o bio.o bn.o cipher.o digest.o err.o 
+				ssl.o x509.o",
+	'XS'		=> {	'SSLeay.xs'	=>	'SSLeay.c',
+				'bio.xs'	=>	'bio.c',
+				'bn.xs'		=>	'bn.c',
+				'cipher.xs'	=>	'cipher.c',
+				'digest.xs'	=>	'digest.c',
+				'err.xs'	=>	'err.c',
+				'ssl.xs'	=>	'ssl.c',
+				'x509.xs'	=>	'x509.c',
+				}
+	);
diff --git a/perl/OpenSSL.xs b/perl/OpenSSL.xs
new file mode 100644
index 0000000000..582b5705aa
--- /dev/null
+++ b/perl/OpenSSL.xs
@@ -0,0 +1,63 @@
+#include "p5SSLeay.h"
+
+SV *new_ref(type,obj,mort)
+char *type;
+char *obj;
+	{
+	SV *ret;
+
+	if (mort)
+		ret=sv_newmortal();
+	else
+		ret=newSViv(0);
+	sv_setref_pv(ret,type,(void *)obj);
+	return(ret);
+	}
+
+int ex_new(obj,data,ad,idx,argl,argp)
+char *obj;
+SV *data;
+CRYPTO_EX_DATA *ad;
+int idx;
+long argl;
+char *argp;
+	{
+	SV *sv;
+
+fprintf(stderr,"ex_new %08X %s\n",obj,argp);
+	sv=sv_newmortal();
+	sv_setref_pv(sv,argp,(void *)obj);
+	CRYPTO_set_ex_data(ad,idx,(char *)sv);
+	return(1);
+	}
+
+void ex_cleanup(obj,data,ad,idx,argl,argp)
+char *obj;
+SV *data;
+CRYPTO_EX_DATA *ad;
+int idx;
+long argl;
+char *argp;
+	{
+	pr_name("ex_cleanup");
+fprintf(stderr,"ex_cleanup %08X %s\n",obj,argp);
+	if (data != NULL)
+		SvREFCNT_dec((SV *)data);
+	}
+
+MODULE =  SSLeay        PACKAGE = SSLeay
+
+BOOT:
+	boot_bio();
+	boot_cipher();
+	boot_digest();
+	boot_err();
+	boot_ssl();
+	boot_SSLeay__BN();
+	boot_SSLeay__BIO();
+	boot_SSLeay__Cipher();
+	boot_SSLeay__MD();
+	boot_SSLeay__ERR();
+	boot_SSLeay__SSL();
+	boot_SSLeay__X509();
+
diff --git a/perl/SSLeay.pm b/perl/SSLeay.pm
new file mode 100644
index 0000000000..f7710039d2
--- /dev/null
+++ b/perl/SSLeay.pm
@@ -0,0 +1,78 @@
+package SSLeay;
+
+use Exporter;
+use DynaLoader;
+
+@ISA = qw(Exporter DynaLoader);
+@EXPORT = qw();
+
+$VERSION='0.82';
+$VERSION='0.82';
+bootstrap SSLeay;
+
+@SSLeay::BN::ISA=	qw(SSLeay::ERR);
+@SSLeay::MD::ISA=	qw(SSLeay::ERR);
+@SSLeay::Cipher::ISA=	qw(SSLeay::ERR);
+@SSLeay::SSL::CTX::ISA=	qw(SSLeay::ERR);
+@SSLeay::BIO::ISA=	qw(SSLeay::ERR);
+@SSLeay::SSL::ISA=	qw(SSLeay::ERR);
+
+@BN::ISA=	qw(SSLeay::BN);
+@MD::ISA=	qw(SSLeay::MD);
+@Cipher::ISA=	qw(SSLeay::Cipher);
+@SSL::ISA=	qw(SSLeay::SSL);
+@SSL::CTX::ISA=	qw(SSLeay::SSL::CTX);
+@BIO::ISA=	qw(SSLeay::BIO);
+
+
+@SSLeay::MD::names=qw(md2 md5 sha sha1 ripemd160 mdc2);
+
+@SSLeay::Cipher::names=qw(
+	des-ecb des-cfb des-ofb des-cbc
+	des-ede des-ede-cfb des-ede-ofb des-ede-cbc
+	des-ede3 des-ede3-cfb des-ede3-ofb des-ede3-cbc
+	desx-cbc rc4 rc4-40
+	idea-ecb idea-cfb idea-ofb idea-cbc
+	rc2-ecb rc2-cbc rc2-40-cbc rc2-cfb rc2-ofb
+	bf-ecb bf-cfb bf-ofb bf-cbc
+	cast5-ecb cast5-cfb cast5-ofb cast5-cbc
+	rc5-ecb rc5-cfb rc5-ofb rc5-cbc
+	);
+
+sub SSLeay::SSL::CTX::new_ssl { SSLeay::SSL::new($_[0]); }
+
+sub SSLeay::ERR::error
+	{
+	my($o)=@_;
+	my($s,$ret);
+
+	while (($s=$o->get_error()) != 0)
+		{
+		$ret.=$s."\n";
+		}
+	return($ret);
+	}
+
+@SSLeay::Cipher::aliases=qw(des desx des3 idea rc2 bf cast);
+
+package SSLeay::BN;
+
+sub bnfix { (ref($_[0]) ne "SSLeay::BN")?SSLeay::BN::dec2bn($_[0]):$_[0]; }
+use overload
+"="  => sub { dup($_[0]); },
+"+"  => sub { add($_[0],$_[1]); },
+"-"  => sub {	($_[1],$_[0])=($_[0],$_[1]) if $_[2];
+		SSLeay::BN::sub($_[0],$_[1]); },
+"*"  => sub { mul($_[0],$_[1]); },
+"/"  => sub {  ($_[1],$_[0])=($_[0],$_[1]) if $_[2]; (div($_[0],$_[1]))[0]; },
+"%"  => sub {  ($_[1],$_[0])=($_[0],$_[1]) if $_[2]; mod($_[0],$_[1]); },
+"**" => sub { ($_[1],$_[0])=($_[0],$_[1]) if $_[2]; exp($_[0],$_[1]); },
+"<<" => sub { lshift($_[0],$_[1]); },
+">>" => sub { rshift($_[0],$_[1]); },
+"<=>" => sub { SSLeay::BN::cmp($_[0],$_[1]); },
+'""' => sub { bn2dec($_[0]); },
+'0+' => sub { dec2bn($_[0]); },
+"bool" => sub { ref($_[0]) eq "SSLeay::BN"; };
+
+sub SSLeay::BIO::do_accept { SSLeay::BIO::do_handshake(@_); }
+1;
diff --git a/perl/SSLeay.xs b/perl/SSLeay.xs
new file mode 100644
index 0000000000..582b5705aa
--- /dev/null
+++ b/perl/SSLeay.xs
@@ -0,0 +1,63 @@
+#include "p5SSLeay.h"
+
+SV *new_ref(type,obj,mort)
+char *type;
+char *obj;
+	{
+	SV *ret;
+
+	if (mort)
+		ret=sv_newmortal();
+	else
+		ret=newSViv(0);
+	sv_setref_pv(ret,type,(void *)obj);
+	return(ret);
+	}
+
+int ex_new(obj,data,ad,idx,argl,argp)
+char *obj;
+SV *data;
+CRYPTO_EX_DATA *ad;
+int idx;
+long argl;
+char *argp;
+	{
+	SV *sv;
+
+fprintf(stderr,"ex_new %08X %s\n",obj,argp);
+	sv=sv_newmortal();
+	sv_setref_pv(sv,argp,(void *)obj);
+	CRYPTO_set_ex_data(ad,idx,(char *)sv);
+	return(1);
+	}
+
+void ex_cleanup(obj,data,ad,idx,argl,argp)
+char *obj;
+SV *data;
+CRYPTO_EX_DATA *ad;
+int idx;
+long argl;
+char *argp;
+	{
+	pr_name("ex_cleanup");
+fprintf(stderr,"ex_cleanup %08X %s\n",obj,argp);
+	if (data != NULL)
+		SvREFCNT_dec((SV *)data);
+	}
+
+MODULE =  SSLeay        PACKAGE = SSLeay
+
+BOOT:
+	boot_bio();
+	boot_cipher();
+	boot_digest();
+	boot_err();
+	boot_ssl();
+	boot_SSLeay__BN();
+	boot_SSLeay__BIO();
+	boot_SSLeay__Cipher();
+	boot_SSLeay__MD();
+	boot_SSLeay__ERR();
+	boot_SSLeay__SSL();
+	boot_SSLeay__X509();
+
diff --git a/perl/b.pl b/perl/b.pl
new file mode 100644
index 0000000000..ac1e52de79
--- /dev/null
+++ b/perl/b.pl
@@ -0,0 +1,21 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$cmd=<<"EOF";
+
+EOF
+
+$conn="localhost:4433";
+$conn=$ARGV[0] if $#ARGV >= 0;
+print "X\n";
+$bio=BIO->new("connect");
+print "XX\n";
+$bio->set_callback(sub {print STDERR $_[0]->number_read."\n"; $_[$#_] });
+print "XXX\n";
+$bio->hostname($conn) || die $ssl->error();
+print "XXXX\n";
+
+#$ssl=BIO->new("ssl");
diff --git a/perl/bio.pl b/perl/bio.pl
new file mode 100644
index 0000000000..be27581c02
--- /dev/null
+++ b/perl/bio.pl
@@ -0,0 +1,28 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$cmd=<<"EOF";
+
+EOF
+
+$conn="localhost:4433";
+$conn=$ARGV[0] if $#ARGV >= 0;
+$bio=SSLeay::BIO::new("connect");
+$bio->set_callback(sub {print STDERR $_[0]->number_read."\n"; $_[$#_] });
+$bio->hostname($conn) || die $ssl->error();
+
+
+(($ret=$bio->do_handshake()) > 0) || die $bio->error();
+
+(($ret=$bio->syswrite($cmd)) > 0) || die $bio->error();
+
+while (1)
+	{
+	$ret=$bio->sysread($buf,10240);
+	last if ($ret <= 0);
+	print $buf;
+	}
+
diff --git a/perl/bio.txt b/perl/bio.txt
new file mode 100644
index 0000000000..5b46c9f5ee
--- /dev/null
+++ b/perl/bio.txt
@@ -0,0 +1,36 @@
+BIO::new(type)
+	"connect"
+	"accept"
+	"ssl"
+	"buffer"
+
+"connect"
+	BIO::hostname(name)	host:port to connect to
+
+"accept"
+	BIO::set_accept_port(port)	port to connect too.
+
+"connect", "accept", "ssl"
+	BIO::do_andshake	do protocol
+
+"ssl"
+	BIO::set_ssl(ssl)
+	BIO::get_ssl()
+
+BIO::push(bio)
+BIO::pop;			return BIO
+BIO::number_read()
+BIO::number_written()
+BIO::references()
+
+BIO::sysread(buf,len[,offset])
+BIO::syswrite(in[,len][,offset])
+BIO::getline()
+BIO::puts(in)
+BIO::flush()
+BIO::type()
+BIO::next_bio();
+BIO::set_callback(callback[, args])
+
+BIO::new_buffer_ssl_connect(SSL_CTX)
+BIO::new_ssl_connect(SSL_CTX)
diff --git a/perl/bio.xs b/perl/bio.xs
new file mode 100644
index 0000000000..3782d42062
--- /dev/null
+++ b/perl/bio.xs
@@ -0,0 +1,448 @@
+#include "p5SSLeay.h"
+
+static int p5_bio_ex_bio_ptr=0;
+static int p5_bio_ex_bio_callback=0;
+static int p5_bio_ex_bio_callback_data=0;
+
+static long p5_bio_callback(bio,state,parg,cmd,larg,ret)
+BIO *bio;
+int state;
+char *parg;
+int cmd;
+long larg;
+int ret;
+	{
+	int i;
+	SV *me,*cb;
+
+	me=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr);
+	cb=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_callback);
+	if (cb != NULL)
+		{
+		dSP;
+
+		ENTER ;
+		SAVETMPS;
+
+		PUSHMARK(sp);
+		XPUSHs(me);
+		XPUSHs(sv_2mortal(newSViv(state)));
+		XPUSHs(sv_2mortal(newSViv(cmd)));
+		if ((state == BIO_CB_READ) || (state == BIO_CB_WRITE))
+			{
+			XPUSHs(sv_2mortal(newSVpv(parg,larg)));
+			}
+		else
+			XPUSHs(&sv_undef);
+		/* ptr one */
+		XPUSHs(sv_2mortal(newSViv(larg)));
+		XPUSHs(sv_2mortal(newSViv(ret)));
+		PUTBACK;
+
+		i=perl_call_sv(cb,G_SCALAR);
+
+		SPAGAIN;
+		if (i == 1)
+			ret=POPi;
+		else
+			ret=1;
+		PUTBACK;
+		FREETMPS;
+		LEAVE;
+		}
+	else
+		{
+		croak("Internal error in SSL p5_ssl_info_callback");
+		}
+	return(ret);
+	}
+
+int boot_bio()
+	{
+	p5_bio_ex_bio_ptr=
+		BIO_get_ex_new_index(0,"SSLeay::BIO",ex_new,NULL,ex_cleanup);
+	p5_bio_ex_bio_callback=	
+		BIO_get_ex_new_index(0,"bio_callback",NULL,NULL,
+			ex_cleanup);
+	p5_bio_ex_bio_callback_data=
+		BIO_get_ex_new_index(0,"bio_callback_data",NULL,NULL,
+			ex_cleanup);
+	return(1);
+	}
+
+MODULE =  SSLeay::BIO	PACKAGE = SSLeay::BIO PREFIX = p5_BIO_
+
+VERSIONCHECK: DISABLE
+
+void
+p5_BIO_new_buffer_ssl_connect(...)
+	PREINIT:
+		SSL_CTX *ctx;
+		BIO *bio;
+		SV *arg;
+	PPCODE:
+		if (items == 1)
+			arg=ST(0);
+		else if (items == 2)
+			arg=ST(1);
+		else
+			arg=NULL;
+
+		if ((arg == NULL) || !(sv_derived_from(arg,"SSLeay::SSL::CTX")))
+			croak("Usage: SSLeay::BIO::new_buffer_ssl_connect(SSL_CTX)");
+		else
+			{
+			IV tmp=SvIV((SV *)SvRV(arg));
+			ctx=(SSL_CTX *)tmp;
+			}
+		EXTEND(sp,1);
+		bio=BIO_new_buffer_ssl_connect(ctx);
+		arg=new_ref("SSLeay::BIO",(char *)bio,0);
+		PUSHs(arg);
+		BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg);
+
+void
+p5_BIO_new_ssl_connect(...)
+	PREINIT:
+		SSL_CTX *ctx;
+		BIO *bio;
+		SV *arg;
+	PPCODE:
+		if (items == 1)
+			arg=ST(0);
+		else if (items == 2)
+			arg=ST(1);
+		else
+			arg=NULL;
+
+		if ((arg == NULL) || !(sv_derived_from(arg,"SSLeay::SSL::CTX")))
+			croak("Usage: SSLeay::BIO::new_ssl_connect(SSL_CTX)");
+		else
+			{
+			IV tmp=SvIV((SV *)SvRV(arg));
+			ctx=(SSL_CTX *)tmp;
+			}
+		EXTEND(sp,1);
+		bio=BIO_new_ssl_connect(ctx);
+		arg=new_ref("SSLeay::BIO",(char *)bio,0);
+		PUSHs(arg);
+		BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg);
+
+void
+p5_BIO_new(...)
+	PREINIT:
+		BIO *bio;
+		char *type;
+		SV *arg;
+	PPCODE:
+		pr_name("p5_BIO_new");
+		if ((items == 1) && SvPOK(ST(0)))
+			type=SvPV(ST(0),na);
+		else if ((items == 2) && SvPOK(ST(1)))
+			type=SvPV(ST(1),na);
+		else
+			croak("Usage: SSLeay::BIO::new(type)");
+
+		EXTEND(sp,1);
+		if (strcmp(type,"connect") == 0)
+			bio=BIO_new(BIO_s_connect());
+		else if (strcmp(type,"accept") == 0)
+			bio=BIO_new(BIO_s_accept());
+		else if (strcmp(type,"ssl") == 0)
+			bio=BIO_new(BIO_f_ssl());
+		else if (strcmp(type,"buffer") == 0)
+			bio=BIO_new(BIO_f_buffer());
+		else
+			croak("unknown BIO type");
+		arg=new_ref("SSLeay::BIO",(char *)bio,0);
+		PUSHs(arg);
+		BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg);
+
+int
+p5_BIO_hostname(bio,name)
+	BIO *bio;
+	char *name;
+	CODE:
+		RETVAL=BIO_set_hostname(bio,name);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_set_accept_port(bio,str)
+	BIO *bio;
+	char *str;
+	CODE:
+		RETVAL=BIO_set_accept_port(bio,str);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_do_handshake(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=BIO_do_handshake(bio);
+	OUTPUT:
+		RETVAL
+
+BIO *
+p5_BIO_push(b,bio)
+	BIO *b;
+	BIO *bio;
+	CODE:
+		/* This reference will be reduced when the reference is
+		 * let go, and then when the BIO_free_all() is called
+		 * inside the SSLeay library by the BIO with this
+		 * pushed into */
+		bio->references++;
+		RETVAL=BIO_push(b,bio);
+	OUTPUT:
+		RETVAL
+
+void
+p5_BIO_pop(b)
+	BIO *b
+	PREINIT:
+		BIO *bio;
+		char *type;
+		SV *arg;
+	PPCODE:
+		bio=BIO_pop(b);
+		if (bio != NULL)
+			{
+			/* This BIO will either be one created in the
+			 * perl library, in which case it will have a perl
+			 * SV, otherwise it will have been created internally,
+			 * inside SSLeay.  For the 'pushed in', it needs
+			 * the reference count decememted. */
+			arg=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr);
+			if (arg == NULL)
+				{
+				arg=new_ref("SSLeay::BIO",(char *)bio,0);
+				PUSHs(arg);
+				BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg);
+				}
+			else
+				{
+				/* it was pushed in */
+				SvREFCNT_inc(arg);
+				PUSHs(arg);
+				if (bio->references < 1)
+					abort();
+				/* decrement the reference count */
+				BIO_free(bio);
+				}
+			}
+
+int
+p5_BIO_sysread(bio,in,num, ...)
+	BIO *bio;
+	SV *in;
+	int num;
+	PREINIT:
+		int i,n,olen;
+		int offset;
+		char *p;
+	CODE:
+		offset=0;
+		if (!SvPOK(in))
+			sv_setpvn(in,"",0);
+		SvPV(in,olen);
+		if (items > 3)
+			{
+			offset=SvIV(ST(3));
+			if (offset < 0)
+				{
+				if (-offset > olen)
+					croad("Offset outside string");
+				offset+=olen;
+				}
+			}
+		if ((num+offset) > olen)
+			{
+			SvGROW(in,num+offset+1);
+			p=SvPV(in,i);
+			memset(&(p[olen]),0,(num+offset)-olen+1);
+			}
+		p=SvPV(in,n);
+
+		i=BIO_read(bio,p+offset,num);
+		RETVAL=i;
+		if (i <= 0) i=0;
+		SvCUR_set(in,offset+i);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_syswrite(bio,in, ...)
+	BIO *bio;
+	SV *in;
+	PREINIT:
+		char *ptr;
+		int len,in_len;
+		int offset=0;
+		int n;
+	CODE:
+		ptr=SvPV(in,in_len);
+		if (items > 2)
+			{
+			len=SvOK(ST(2))?SvIV(ST(2)):in_len;
+			if (items > 3)
+				{
+				offset=SvIV(ST(3));
+				if (offset < 0)
+					{
+					if (-offset > in_len)
+						croak("Offset outside string");
+					offset+=in_len;
+					}
+				else if ((offset >= in_len) && (in_len > 0))
+					croak("Offset outside string");
+				}
+			if (len >= (in_len-offset))
+				len=in_len-offset;
+			}
+		else
+			len=in_len;
+
+		RETVAL=BIO_write(bio,ptr+offset,len);
+	OUTPUT:
+		RETVAL
+
+void
+p5_BIO_getline(bio)
+	BIO *bio;
+	PREINIT:
+		int i;
+		char *p;
+	PPCODE:
+		pr_name("p5_BIO_gets");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		sv_setpvn(ST(0),"",0);
+		SvGROW(ST(0),1024);
+		p=SvPV(ST(0),na);
+		i=BIO_gets(bio,p,1024);
+		if (i < 0) i=0;
+		SvCUR_set(ST(0),i);
+
+int
+p5_BIO_flush(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=BIO_flush(bio);
+	OUTPUT:
+		RETVAL
+
+char *
+p5_BIO_type(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=bio->method->name;
+	OUTPUT:
+		RETVAL
+
+void
+p5_BIO_next_bio(b)
+	BIO *b
+	PREINIT:
+		BIO *bio;
+		char *type;
+		SV *arg;
+	PPCODE:
+		bio=b->next_bio;
+		if (bio != NULL)
+			{
+			arg=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr);
+			if (arg == NULL)
+				{
+				arg=new_ref("SSLeay::BIO",(char *)bio,0);
+				PUSHs(arg);
+				BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg);
+				}
+			else
+				{
+				SvREFCNT_inc(arg);
+				PUSHs(arg);
+				}
+			}
+
+int
+p5_BIO_puts(bio,in)
+	BIO *bio;
+	SV *in;
+	PREINIT:
+		char *ptr;
+	CODE:
+		ptr=SvPV(in,na);
+		RETVAL=BIO_puts(bio,ptr);
+	OUTPUT:
+		RETVAL
+
+void
+p5_BIO_set_callback(bio,cb,...)
+	BIO *bio;
+	SV *cb;
+	PREINIT:
+		SV *arg=NULL;
+		SV *arg2=NULL;
+	CODE:
+		if (items > 3)
+			croak("Usage: SSLeay::BIO::set_callback(bio,callback[,arg]");
+		if (items == 3)
+			{
+			arg2=sv_mortalcopy(ST(2));
+			SvREFCNT_inc(arg2);
+			BIO_set_ex_data(bio,p5_bio_ex_bio_callback_data,
+				(char *)arg2);
+			}
+		arg=sv_mortalcopy(ST(1));
+		SvREFCNT_inc(arg);
+		BIO_set_ex_data(bio,p5_bio_ex_bio_callback,(char *)arg);
+		BIO_set_callback(bio,p5_bio_callback);
+
+void
+p5_BIO_DESTROY(bio)
+	BIO *bio
+	PREINIT:
+		SV *sv;
+	PPCODE:
+		pr_name_d("p5_BIO_DESTROY",bio->references);
+		printf("p5_BIO_DESTROY <%s> %d\n",bio->method->name,bio->references);
+		BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,NULL);
+		BIO_free_all(bio);
+
+int
+p5_BIO_set_ssl(bio,ssl)
+	BIO *bio;
+	SSL *ssl;
+	CODE:
+		pr_name("p5_BIO_set_ssl");
+		ssl->references++;
+		RETVAL=BIO_set_ssl(bio,ssl,BIO_CLOSE);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_number_read(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=BIO_number_read(bio);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_number_written(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=BIO_number_written(bio);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_references(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=bio->references;	
+	OUTPUT:
+		RETVAL
+
diff --git a/perl/bn.pl b/perl/bn.pl
new file mode 100644
index 0000000000..388e19c6de
--- /dev/null
+++ b/perl/bn.pl
@@ -0,0 +1,23 @@
+#!/usr/local/bin/perl
+use ExtUtils::testlib;
+use SSLeay;
+
+$message=SSLeay::BN::new();
+$e=SSLeay::BN::new();
+$mod=SSLeay::BN::new();
+
+$mod=SSLeay::BN::dec2bn("114381625757888867669235779976146612010218296721242362562561842935706935245733897830597123563958705058989075147599290026879543541");
+$e=5;
+$d=SSLeay::BN::dec2bn("45752650303155547067694311990458644804087318688496945025024737159778909096647814932594914301288138204957467016445183857236173773");
+
+$message=SSLeay::BN::bin2bn("The magic words are squeamish ossifrage");
+
+
+	$cipher_text=	$message->mod_exp($e,$mod);
+print $mod."\n";
+print $mod->num_bits()."\n";
+for (1 .. 1000)
+	{
+	$clear=		$cipher_text->mod_exp($d,$mod);
+	}
+print $clear->bn2bin()."\n";
diff --git a/perl/bn.txt b/perl/bn.txt
new file mode 100644
index 0000000000..784e761558
--- /dev/null
+++ b/perl/bn.txt
@@ -0,0 +1,38 @@
+BN->new()
+BN->dup(a)
+BN->rand(bits[,top][,bottom])
+
+BN->hex2bn(a)
+BN->bn2hex(a)
+BN->dec2bn(a)
+BN->bn2dec(a)
+BN->bin2bn(a)
+BN->bn2bin(a)
+BN->mpi2bn(a)
+BN->bn2mpi(a)
+
+BN->add(a,b)
+BN->sub(a,b)
+BN->mul(a,b)
+(div,mod)=BN->div(a,b)
+BN->mod(a,b)
+BN->exp(a,p)
+BN->mod_mul(a,b,c)
+BN->mod_exp(a,b,c)
+
+BN->is_prime(p,num)
+BN->generate_prime(bits,strong,callback)
+
+BN->num_bits(a)
+BN->cmp(a,b)
+BN->ucmp(a,b)
+BN->is_bit_set(a,pos)
+BN->set_bit(a,pos)
+BN->clear_bit(a,pos)
+BN->lshift(a,num)
+BN->rshift(a,num)
+BN->mask_bits(a,pos)
+BN->clear(a)
+BN->gcd(a,b)
+BN->mod_inverse(a,mod)
+
diff --git a/perl/bn.xs b/perl/bn.xs
new file mode 100644
index 0000000000..c15be3729a
--- /dev/null
+++ b/perl/bn.xs
@@ -0,0 +1,589 @@
+#include "p5SSLeay.h"
+
+int sv_to_BIGNUM(var,arg,name)
+BIGNUM **var;
+SV *arg;
+char *name;
+	{
+	int ret=1;
+
+	if (sv_derived_from(arg,"SSLeay::BN"))
+		{
+		IV tmp = SvIV((SV*)SvRV(arg));
+		*var = (BIGNUM *) tmp;
+		}
+	else if (SvIOK(arg)) {
+		SV *tmp=sv_newmortal();
+		*var=BN_new();
+		BN_set_word(*var,SvIV(arg));
+		sv_setref_pv(tmp,"SSLeay::BN",(void*)*var);
+		}
+	else if (SvPOK(arg)) {
+		char *ptr;
+		STRLEN len;
+		SV *tmp=sv_newmortal();
+		*var=BN_new();
+		sv_setref_pv(tmp,"SSLeay::BN", (void*)*var);
+		ptr=SvPV(arg,len);
+		SvGROW(arg,len+1);
+		ptr[len]='\0';
+		BN_dec2bn(var,ptr);
+		}
+	else
+		{
+		croak(name);
+		ret=0;
+		}
+	return(ret);
+	}
+
+typedef struct gpc_args_st {
+	SV *cb;
+	SV *arg;
+	} GPC_ARGS;
+
+static void generate_prime_callback(pos,num,arg)
+int pos;
+int num;
+char *arg;
+	{
+	dSP ;
+	int i;
+	GPC_ARGS *a=(GPC_ARGS *)arg;
+
+	ENTER ;
+	SAVETMPS ;
+
+	PUSHMARK(sp);
+	XPUSHs(sv_2mortal(newSViv(pos)));
+	XPUSHs(sv_2mortal(newSViv(num)));
+	XPUSHs(sv_2mortal(newSVsv(a->arg)));
+	PUTBACK;
+
+	i=perl_call_sv(a->cb,G_DISCARD);
+
+	SPAGAIN;
+
+	PUTBACK;
+	FREETMPS;
+	LEAVE;
+	}
+
+MODULE =  SSLeay::BN	PACKAGE = SSLeay::BN	PREFIX = p5_BN_
+
+VERSIONCHECK: DISABLE
+
+void
+p5_BN_new(...)
+	PREINIT:
+		BIGNUM *bn;
+		SV *arg;
+	PPCODE:
+		pr_name("p5_BN_new");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		bn=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)bn);
+
+void
+p5_BN_dup(a)
+	BIGNUM *a;
+	PREINIT:
+		BIGNUM *bn;
+	PPCODE:
+		pr_name("p5_BN_dup");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		bn=BN_dup(a);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)bn);
+
+void
+p5_BN_rand(bits,...)
+	int bits;
+	PREINIT:
+		int top=1;
+		int bottom=0;
+		BIGNUM *ret;
+	PPCODE:	
+		pr_name("p5_BN_rand");
+		if ((items < 1) || (items > 3))
+			croak("Usage: SSLeay::BN::rand(bits[,top_bit][,bottombit]");
+		if (items >= 2) top=(int)SvIV(ST(0));
+		if (items >= 3) bottom=(int)SvIV(ST(1));
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		BN_rand(ret,bits,top,bottom);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+
+void
+p5_BN_bin2bn(a)
+	datum a;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_bin2bn");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_bin2bn(a.dptr,a.dsize,NULL);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+
+void
+p5_BN_bn2bin(a)
+	BIGNUM *a;
+	PREINIT:
+		int i;
+	PPCODE:
+		pr_name("p5_BN_bn2bin");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		i=BN_num_bytes(a)+2;
+		sv_setpvn(ST(0),"",1);
+		SvGROW(ST(0),i+1);
+		SvCUR_set(ST(0),BN_bn2bin(a,SvPV(ST(0),na)));
+
+void
+p5_BN_mpi2bn(a)
+	datum a;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mpi2bn");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_mpi2bn(a.dptr,a.dsize,NULL);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+
+void
+p5_BN_bn2mpi(a)
+	BIGNUM *a;
+	PREINIT:
+		int i;
+	PPCODE:
+		pr_name("p5_BN_bn2mpi");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		i=BN_bn2mpi(a,NULL);
+		sv_setpvn(ST(0),"",1);
+		SvGROW(ST(0),i+1);
+		SvCUR_set(ST(0),BN_bn2mpi(a,SvPV(ST(0),na)));
+
+void
+p5_BN_hex2bn(a)
+	datum a;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_hex2bn");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_hex2bn(&ret,a.dptr);
+
+void
+p5_BN_dec2bn(a)
+	datum a;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_dec2bn");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_dec2bn(&ret,a.dptr);
+
+SV *
+p5_BN_bn2hex(a)
+	BIGNUM *a;
+	PREINIT:
+		char *ptr;
+		int i;
+	CODE:
+		pr_name("p5_BN_bn2hex");
+		ptr=BN_bn2hex(a);
+		RETVAL=newSVpv("",0);
+		i=strlen(ptr);
+		SvGROW(RETVAL,i+1);
+		memcpy(SvPV(RETVAL,na),ptr,i+1);
+		SvCUR_set(RETVAL,i);
+		Free(ptr);
+	OUTPUT:
+		RETVAL
+
+SV *
+p5_BN_bn2dec(a)
+	BIGNUM *a;
+	PREINIT:
+		char *ptr;
+		int i;
+	CODE:
+		pr_name("p5_BN_bn2dec");
+		ptr=BN_bn2dec(a);
+		RETVAL=newSVpv("",0);
+		i=strlen(ptr);
+		SvGROW(RETVAL,i+1);
+		memcpy(SvPV(RETVAL,na),ptr,i+1);
+		SvCUR_set(RETVAL,i);
+		Free(ptr);
+	OUTPUT:
+		RETVAL
+
+void
+p5_BN_add(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_add");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_add(ret,a,b);
+
+void
+p5_BN_sub(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_sub");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_sub(ret,a,b);
+
+void
+p5_BN_mul(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mul");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_mul(ret,a,b);
+
+void
+p5_BN_div(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *div,*mod;
+	PPCODE:
+		pr_name("p5_BN_div");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,2);
+		PUSHs(sv_newmortal());
+		PUSHs(sv_newmortal());
+		div=BN_new();
+		mod=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)div);
+		sv_setref_pv(ST(1), "SSLeay::BN", (void*)mod);
+		BN_div(div,mod,a,b,ctx);
+
+void
+p5_BN_mod(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *rem;
+	PPCODE:
+		pr_name("p5_BN_mod");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		rem=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)rem);
+		BN_mod(rem,a,b,ctx);
+
+void
+p5_BN_exp(a,p)
+	BIGNUM *a;
+	BIGNUM *p;
+	PREINIT:
+		BIGNUM *ret;
+		static BN_CTX *ctx=NULL;
+	PPCODE:
+		pr_name("p5_BN_exp");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_exp(ret,a,p,ctx);
+
+void
+p5_BN_mod_mul(a,b,c)
+	BIGNUM *a;
+	BIGNUM *b;
+	BIGNUM *c;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mod_mul");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_mod_mul(ret,a,b,c,ctx);
+
+void
+p5_BN_mod_exp(a,b,c)
+	BIGNUM *a;
+	BIGNUM *b;
+	BIGNUM *c;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mod_exp");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_mod_exp(ret,a,b,c,ctx);
+
+void
+p5_BN_generate_prime(...)
+	PREINIT:
+		int bits=512;
+		int strong=0;
+		BIGNUM *ret=NULL;
+		SV *callback=NULL;
+		SV *cb_arg=NULL;
+		GPC_ARGS arg;
+		dSP;
+
+	PPCODE:
+		pr_name("p5_BN_generate_prime");
+		if ((items < 0) || (items > 4))
+			croak("Usage: SSLeay::BN::generate_prime(a[,strong][,callback][,cb_arg]");
+		if (items >= 1) bits=(int)SvIV(ST(0));
+		if (items >= 2) strong=(int)SvIV(ST(1));
+		if (items >= 3) callback=ST(2);
+		if (items == 4) cb_arg=ST(3);
+
+		if (callback == NULL)
+			ret=BN_generate_prime(bits,strong,NULL,NULL,NULL,NULL);
+		else
+			{
+			arg.cb=callback;
+			arg.arg=cb_arg;
+
+			ret=BN_generate_prime(bits,strong,NULL,NULL,
+				generate_prime_callback,(char *)&arg);
+			}
+
+		SPAGAIN;
+		sp-=items; /* a bit evil that I do this */
+
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+
+void
+p5_BN_is_prime(p,...)
+	BIGNUM *p;
+	PREINIT:
+	int nchecks=5,ret;
+	SV *callback=NULL;
+	SV *cb_arg=NULL;
+	GPC_ARGS arg;
+	dSP;
+	static BN_CTX *ctx=NULL;
+	PPCODE:
+		pr_name("p5_BN_is_prime");
+		if ((items < 1) || (items > 4))
+			croak("Usage: SSLeay::BN::is_prime(a[,ncheck][,callback][,callback_arg]");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		if (items >= 2) nchecks=(int)SvIV(ST(1));
+		if (items >= 3) callback=ST(2);
+		if (items >= 4) cb_arg=ST(3);
+		arg.arg=cb_arg; 
+		if (callback == NULL)
+			ret=BN_is_prime(p,nchecks,NULL,ctx,NULL);
+		else
+			{
+			arg.cb=callback;
+			arg.arg=cb_arg;
+			ret=BN_is_prime(p,nchecks,generate_prime_callback,
+				ctx,(char *)&arg);
+			}
+		SPAGAIN;
+		sp-=items; /* a bit evil */
+		PUSHs(sv_2mortal(newSViv(ret)));
+
+int
+p5_BN_num_bits(a)
+	BIGNUM *a;
+	CODE:
+		pr_name("p5_BN_num_bits");
+		RETVAL=BN_num_bits(a);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BN_cmp(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	CODE:
+		pr_name("p5_BN_cmp");
+		RETVAL=BN_cmp(a,b);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BN_ucmp(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	CODE:
+		pr_name("p5_BN_ucmp");
+		RETVAL=BN_ucmp(a,b);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BN_is_bit_set(a,b)
+	BIGNUM *a;
+	int b;
+	CODE:
+		pr_name("p5_BN_is_bit_set");
+		RETVAL=BN_is_bit_set(a,b);
+	OUTPUT:
+		RETVAL
+
+void
+p5_BN_set_bit(a,b)
+	BIGNUM *a;
+	int b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_set_bit");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_dup(a);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_set_bit(ret,b);
+
+void
+p5_BN_clear_bit(a,b)
+	BIGNUM *a;
+	int b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_clear_bit");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_dup(a);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_clear_bit(ret,b);
+
+void
+p5_BN_lshift(a,b)
+	BIGNUM *a;
+	int b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_lshift");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		if (b == 1)
+			BN_lshift1(ret,a);
+		else
+			BN_lshift(ret,a,b);
+
+void
+p5_BN_rshift(a,b)
+	BIGNUM *a;
+	int b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_rshift");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		if (b == 1)
+			BN_rshift1(ret,a);
+		else
+			BN_rshift(ret,a,b);
+
+void
+p5_BN_mask_bits(a,b)
+	BIGNUM *a;
+	int b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mask_bits");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_dup(a);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_mask_bits(ret,b);
+
+void
+p5_BN_clear(a)
+	BIGNUM *a;
+	PPCODE:
+		pr_name("p5_BN_clear");
+		BN_clear(a);
+
+void
+p5_BN_gcd(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_gcd");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_gcd(ret,a,b,ctx);
+
+void
+p5_BN_mod_inverse(a,mod)
+	BIGNUM *a;
+	BIGNUM *mod;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mod_inverse");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		ret=BN_mod_inverse(a,mod,ctx);
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+
+void
+p5_BN_DESTROY(bn)
+	BIGNUM *bn
+	CODE:
+	pr_name("p5_BN_DESTROY");
+	BN_free(bn);
+
diff --git a/perl/callback.c b/perl/callback.c
new file mode 100644
index 0000000000..01840abc85
--- /dev/null
+++ b/perl/callback.c
@@ -0,0 +1,103 @@
+/* perl/callback.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+SV *new_ref(type,obj,mort)
+char *type;
+char *obj;
+	{
+	SV *ret;
+
+	if (mort)
+		ret=sv_newmortal();
+	else
+		ret=newSViv(0);
+	sv_setref_pv(ret,type,(void *)obj);
+	return(ret);
+	}
+
+int ex_new(obj,data,ad,idx,argl,argp)
+char *obj;
+SV *data;
+CRYPTO_EX_DATA *ad;
+int idx;
+long argl;
+char *argp;
+	{
+	SV *sv;
+
+fprintf(stderr,"ex_new %08X %s\n",obj,argp);
+	sv=sv_newmortal();
+	sv_setref_pv(sv,argp,(void *)obj);
+	CRYPTO_set_ex_data(ad,idx,(char *)sv);
+	return(1);
+	}
+
+void ex_cleanup(obj,data,ad,idx,argl,argp)
+char *obj;
+SV *data;
+CRYPTO_EX_DATA *ad;
+int idx;
+long argl;
+char *argp;
+	{
+	pr_name("ex_cleanup");
+fprintf(stderr,"ex_cleanup %08X %s\n",obj,argp);
+	if (data != NULL)
+		SvREFCNT_dec((SV *)data);
+	}
+
diff --git a/perl/cipher.pl b/perl/cipher.pl
new file mode 100644
index 0000000000..efc712fdf5
--- /dev/null
+++ b/perl/cipher.pl
@@ -0,0 +1,39 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$md=SSLeay::MD::new("md5");
+
+foreach (@SSLeay::Cipher::names)
+	{
+	($c=SSLeay::Cipher::new($_)) ||
+		die "'$_' is an unknown cipher algorithm\n";
+
+
+	$data="012345678abcdefghijklmnopqrstuvwxyz";
+	$c->init("01234567abcdefghABCDEFGH","zyxwvut",1);
+
+	$in =$c->update(substr($data, 0, 5));
+	$in.=$c->update(substr($data, 5,10));
+	$in.=$c->update(substr($data,15,1));
+	$in.=$c->update(substr($data,16));
+
+	$in.=$c->final();
+
+	$c->init("01234567abcdefghABCDEFGH","zyxwvut",0);
+	$out=$c->update($in);
+	$out.=$c->final();
+
+	($out eq $data) || die "decrypt for $_ failed:$!\n";
+
+	$md->init();
+	$md->update($in);
+	$digest=$md->final();
+
+	print unpack("H*",$digest);
+	printf " %2d %2d %2d %s\n", $c->key_length(), $c->iv_length(),
+		$c->block_size(), $c->name();
+	}
+
diff --git a/perl/cipher.txt b/perl/cipher.txt
new file mode 100644
index 0000000000..c47952b5c9
--- /dev/null
+++ b/perl/cipher.txt
@@ -0,0 +1,10 @@
+Cipher::new(name) "des-cbc" etc
+Cipher::name()
+Cipher::key_length()
+Cipher::iv_length()
+Cipher::block_size()
+
+Cipher::init(key,iv,enc)
+Cipher::update(in)
+Cipher::final()
+Cipher::cipher(in)
diff --git a/perl/cipher.xs b/perl/cipher.xs
new file mode 100644
index 0000000000..1044d7a4ef
--- /dev/null
+++ b/perl/cipher.xs
@@ -0,0 +1,152 @@
+#include "p5SSLeay.h"
+
+int boot_cipher()
+	{
+        SSLeay_add_all_ciphers();
+	return(1);
+	}
+
+MODULE =  SSLeay::Cipher	PACKAGE = SSLeay::Cipher PREFIX = p5_EVP_C_
+
+VERSIONCHECK: DISABLE
+
+void
+p5_EVP_C_new(...)
+	PREINIT:
+		EVP_CIPHER_CTX *ctx;
+		EVP_CIPHER *c;
+		char *name;
+	PPCODE:
+		if ((items == 1) && SvPOK(ST(0)))
+			name=SvPV(ST(0),na);
+		else if ((items == 2) && SvPOK(ST(1)))
+			name=SvPV(ST(1),na);
+		else
+			croak("Usage: SSLeay::Cipher::new(type)");
+		PUSHs(sv_newmortal());
+		c=EVP_get_cipherbyname(name);
+		if (c != NULL)
+			{
+			ctx=malloc(sizeof(EVP_CIPHER_CTX));
+			EVP_EncryptInit(ctx,c,NULL,NULL);
+			sv_setref_pv(ST(0), "SSLeay::Cipher", (void*)ctx);
+			}
+
+datum
+p5_EVP_C_name(ctx)
+	EVP_CIPHER_CTX *ctx
+	CODE:
+		RETVAL.dptr=OBJ_nid2ln(EVP_CIPHER_CTX_nid(ctx));
+		RETVAL.dsize=strlen(RETVAL.dptr);
+	OUTPUT:
+		RETVAL
+
+int
+p5_EVP_C_key_length(ctx)
+	EVP_CIPHER_CTX *ctx
+	CODE:
+		RETVAL=EVP_CIPHER_CTX_key_length(ctx);
+	OUTPUT:
+		RETVAL
+
+int
+p5_EVP_C_iv_length(ctx)
+	EVP_CIPHER_CTX *ctx
+	CODE:
+		RETVAL=EVP_CIPHER_CTX_iv_length(ctx);
+	OUTPUT:
+		RETVAL
+	
+int
+p5_EVP_C_block_size(ctx)
+	EVP_CIPHER_CTX *ctx
+	CODE:
+		RETVAL=EVP_CIPHER_CTX_block_size(ctx);
+	OUTPUT:
+		RETVAL
+	
+void
+p5_EVP_C_init(ctx,key,iv,enc)
+	EVP_CIPHER_CTX *ctx
+	datum key
+	datum iv
+	int enc
+	PREINIT:
+		char loc_iv[EVP_MAX_IV_LENGTH];
+		char loc_key[EVP_MAX_KEY_LENGTH];
+		char *ip=loc_iv,*kp=loc_key;
+		int i;
+		memset(loc_iv,0,EVP_MAX_IV_LENGTH);
+		memset(loc_key,0,EVP_MAX_KEY_LENGTH);
+	CODE:
+		i=key.dsize;
+		if (key.dsize > EVP_CIPHER_CTX_key_length(ctx))
+			i=EVP_CIPHER_CTX_key_length(ctx);
+		if (i > 0)
+			{
+			memset(kp,0,EVP_MAX_KEY_LENGTH);
+			memcpy(kp,key.dptr,i);
+			}
+		else
+			kp=NULL;
+		i=iv.dsize;
+		if (iv.dsize > EVP_CIPHER_CTX_iv_length(ctx))
+			i=EVP_CIPHER_CTX_iv_length(ctx);
+		if (i > 0)
+			{
+			memcpy(ip,iv.dptr,i);
+			memset(ip,0,EVP_MAX_IV_LENGTH);
+			}
+		else
+			ip=NULL;
+		EVP_CipherInit(ctx,EVP_CIPHER_CTX_cipher(ctx),kp,ip,enc);
+		memset(loc_key,0,sizeof(loc_key));
+		memset(loc_iv,0,sizeof(loc_iv));
+
+SV *
+p5_EVP_C_cipher(ctx,in)
+	EVP_CIPHER_CTX *ctx;
+	datum in;
+	CODE:
+		RETVAL=newSVpv("",0);
+		SvGROW(RETVAL,in.dsize+EVP_CIPHER_CTX_block_size(ctx)+1);
+		EVP_Cipher(ctx,SvPV(RETVAL,na),in.dptr,in.dsize);
+		SvCUR_set(RETVAL,in.dsize);
+	OUTPUT:
+		RETVAL
+
+SV *
+p5_EVP_C_update(ctx, in)
+	EVP_CIPHER_CTX *ctx
+	datum in
+	PREINIT:
+	int i;
+	CODE:
+		RETVAL=newSVpv("",0);
+		SvGROW(RETVAL,in.dsize+EVP_CIPHER_CTX_block_size(ctx)+1);
+		EVP_CipherUpdate(ctx,SvPV(RETVAL,na),&i,in.dptr,in.dsize);
+		SvCUR_set(RETVAL,i);
+	OUTPUT:
+		RETVAL
+
+SV *
+p5_EVP_C_final(ctx)
+	EVP_CIPHER_CTX *ctx
+	PREINIT:
+	int i;
+	CODE:
+		RETVAL=newSVpv("",0);
+		SvGROW(RETVAL,EVP_CIPHER_CTX_block_size(ctx)+1);
+		if (!EVP_CipherFinal(ctx,SvPV(RETVAL,na),&i))
+			sv_setpv(RETVAL,"BAD DECODE");
+		else
+			SvCUR_set(RETVAL,i);
+	OUTPUT:
+		RETVAL
+
+void
+p5_EVP_C_DESTROY(ctx)
+	EVP_CIPHER_CTX *ctx
+	CODE:
+	free((char *)ctx);
+
diff --git a/perl/dh.pl b/perl/dh.pl
new file mode 100644
index 0000000000..61d2debe73
--- /dev/null
+++ b/perl/dh.pl
@@ -0,0 +1,40 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$g=SSLeay::BN::hex2bn("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"); 
+$p=SSLeay::BN::hex2bn("ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a63a3620ffffffffffffffff");
+$pub=SSLeay::BN::hex2bn("521b5b72d0a23f5f908eff62741b9c43ac65c47ad264a4f8d62d73dfab4938a6e019f81c28d64efd9b47c1b8188566c6184b6064cc42fac2778bd732678148c6cc7601bfe0ed18da76dd7bb976cd2ff0afc7b20f3f81171e2ea6534de061f929");
+$priv=SSLeay::BN::hex2bn("6e15c752af3f4cf6d7425164c451eeba760ec0651d12dc3b0ee5002a95af6191268ca47c0fbb3d836136eee795ae4af3a1adad5e04d0dbb04378cae0406ece23ca3b86839c0fd60064c1019c7d18be4dc0ec4be6c1e9ff6b0f5bd76373585503");
+$his=SSLeay::BN::hex2bn("d0fb51cd44a8578f55eb0822ede90f07504f4720d7367ff4bf76c27fedbce79d9204421ff7e86bd1dd02031bce4ceccd1d3e7c62679b6eb5fda8238fd4fe07bff573d552795f0d46f25753c688300fb9ed396792b59a49fdf89c8429124b668e");
+$sh=SSLeay::BN::hex2bn("66ec34b09bddf86147f6c6efd5ee4e6691e690eb0e90aceda16a742cad0abe531cb61d057aff362001ca19013215140ca2a1dd8966c78105bacbf2161f9cfbd58d351ff87923de77f9c56851037223d48272565416ee769e65a621cefb90b403");
+
+$g2=SSLeay::BN::hex2bn("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002");
+$p2=SSLeay::BN::hex2bn("ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a63a3620ffffffffffffffff");
+$pub2=SSLeay::BN::hex2bn("d0fb51cd44a8578f55eb0822ede90f07504f4720d7367ff4bf76c27fedbce79d9204421ff7e86bd1dd02031bce4ceccd1d3e7c62679b6eb5fda8238fd4fe07bff573d552795f0d46f25753c688300fb9ed396792b59a49fdf89c8429124b668e");
+$priv2=SSLeay::BN::hex2bn("b81d54f52b687669fc8bd8087ac319accc2f94a2feafe09779f4a81e8e01f77290f5bbe84a08003afc4448145be427fad0b9d047889cf361c9dd378b15c1ebd5bda33e051fbd9eba8bf063e2bd836467cddb61f1db5c4b06bea5c9a77fb87b24");
+$his2=SSLeay::BN::hex2bn("521b5b72d0a23f5f908eff62741b9c43ac65c47ad264a4f8d62d73dfab4938a6e019f81c28d64efd9b47c1b8188566c6184b6064cc42fac2778bd732678148c6cc7601bfe0ed18da76dd7bb976cd2ff0afc7b20f3f81171e2ea6534de061f929");
+$sh2=SSLeay::BN::hex2bn("791faba7a6b592cb68a963945229483dc30f80f5cb295b2b5a59ef618a262d22de0845948a34db83d8bde260b940967ff85593a609e53ee6510aea09b776b4704d5e916917f384458d4790b6e0befcb1cb2f112b850e9ed410a091db80e1db2e");
+
+print "g=".$g->bn2hex."\n";
+print "p=".$p->bn2hex."\n";
+print "pub=".$pub->bn2hex."\n";
+print "priv=".$priv->bn2hex."\n";
+print "sh=".$sh->bn2hex."\n";
+
+print "new p - p2 = ".($p-$p2)."\n";
+
+$tmp=$g->mod_exp($priv,$p);
+print "XXXXXXXXXXXXXXXX\n";
+print "new pub - pub = ".($tmp-$pub)."\n";
+$tmp2=$g2->mod_exp($priv2,$p2);
+print "XXXXXXXXXXXXXXXX\n";
+
+print $p." pub\n";
+print $tmp2." calc pub\n";
+print $pub2." txt pub\n";
+
+
+
diff --git a/perl/digest.txt b/perl/digest.txt
new file mode 100644
index 0000000000..6cb3ffedb0
--- /dev/null
+++ b/perl/digest.txt
@@ -0,0 +1,7 @@
+MD::new(name) "md2", "md5" etc
+MD::name()
+MD::init()
+MD::update(in)
+MD::final()
+
+
diff --git a/perl/digest.xs b/perl/digest.xs
new file mode 100644
index 0000000000..5738b09e48
--- /dev/null
+++ b/perl/digest.xs
@@ -0,0 +1,83 @@
+#include "p5SSLeay.h"
+
+int boot_digest()
+	{
+	SSLeay_add_all_digests();
+	return(1);
+	}
+
+MODULE =  SSLeay::MD	PACKAGE = SSLeay::MD	PREFIX = p5_EVP_MD_
+
+PROTOTYPES: ENABLE
+VERSIONCHECK: DISABLE
+
+# SSLeay::MD::new(name) name= md2, md5, sha, sha1, or mdc2
+#	md->name() - returns the name
+#	md->init() - reinitalises the digest
+#	md->update(data) - adds more data to digest
+#	digest=md->final() - returns digest
+#
+
+void
+p5_EVP_MD_new(...)
+	PREINIT:
+		EVP_MD_CTX *ctx;
+		EVP_MD *md;
+		char *name;
+	PPCODE:
+		if ((items == 1) && SvPOK(ST(0)))
+			name=SvPV(ST(0),na);
+		else if ((items == 2) && SvPOK(ST(1)))
+			name=SvPV(ST(1),na);
+		else
+			croak("Usage: SSLeay::MD::new(type)");
+		PUSHs(sv_newmortal());
+		md=EVP_get_digestbyname(name);
+		if (md != NULL)
+			{
+			ctx=malloc(sizeof(EVP_MD_CTX));
+			EVP_DigestInit(ctx,md);
+			sv_setref_pv(ST(0), "SSLeay::MD", (void*)ctx);
+			}
+
+datum
+p5_EVP_MD_name(ctx)
+	EVP_MD_CTX *ctx
+	CODE:
+		RETVAL.dptr=OBJ_nid2ln(EVP_MD_type(EVP_MD_CTX_type(ctx)));
+		RETVAL.dsize=strlen(RETVAL.dptr);
+	OUTPUT:
+		RETVAL
+	
+void
+p5_EVP_MD_init(ctx)
+	EVP_MD_CTX *ctx
+	CODE:
+		EVP_DigestInit(ctx,EVP_MD_CTX_type(ctx));
+
+void
+p5_EVP_MD_update(ctx, in)
+	EVP_MD_CTX *ctx
+	datum in
+	CODE:
+		EVP_DigestUpdate(ctx,in.dptr,in.dsize);
+
+datum
+p5_EVP_MD_final(ctx)
+	EVP_MD_CTX *ctx
+	PREINIT:
+		char md[EVP_MAX_MD_SIZE];
+		int len;
+	CODE:
+		EVP_DigestFinal(ctx,md,&len);
+		RETVAL.dptr=md;
+		RETVAL.dsize=len;
+	OUTPUT:
+		RETVAL
+
+void
+p5_EVP_MD_DESTROY(ctx)
+	EVP_MD_CTX *ctx
+	CODE:
+	free((char *)ctx);
+
diff --git a/perl/err.txt b/perl/err.txt
new file mode 100644
index 0000000000..5e6cdaecdc
--- /dev/null
+++ b/perl/err.txt
@@ -0,0 +1,2 @@
+ERR::get_error()
+ERR::peek_error()
diff --git a/perl/err.xs b/perl/err.xs
new file mode 100644
index 0000000000..6d1aec3ea1
--- /dev/null
+++ b/perl/err.xs
@@ -0,0 +1,46 @@
+#include "p5SSLeay.h"
+
+int boot_err()
+	{
+	SSL_load_error_strings();
+	return(1);
+	}
+
+MODULE =  SSLeay::ERR	PACKAGE = SSLeay::ERR	PREFIX = p5_ERR_
+
+PROTOTYPES: ENABLE
+VERSIONCHECK: DISABLE
+
+#	md->error() - returns the last error in text or numeric context
+
+void
+p5_ERR_get_error(...)
+	PPCODE:
+		char buf[512];
+		unsigned long l;
+
+		pr_name("p5_ERR_get_code");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		l=ERR_get_error();
+		ERR_error_string(l,buf);
+		sv_setiv(ST(0),l);
+		sv_setpv(ST(0),buf);
+		SvIOK_on(ST(0));
+
+void
+p5_ERR_peek_error(...)
+	PPCODE:
+		char buf[512];
+		unsigned long l;
+
+		pr_name("p5_ERR_get_code");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		l=ERR_peek_error();
+		ERR_error_string(l,buf);
+		sv_setiv(ST(0),l);
+		sv_setpv(ST(0),buf);
+		SvIOK_on(ST(0));
+
+
diff --git a/perl/f.pl b/perl/f.pl
new file mode 100644
index 0000000000..a255931864
--- /dev/null
+++ b/perl/f.pl
@@ -0,0 +1,25 @@
+#!/usr/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$data=<>;
+
+#$b=SSLeay::BN::hex2bn($a);
+#$data=$b->bn2bin;
+
+#substr($data,0,8)="";
+#print $data;
+
+$md=SSLeay::MD::new("md5");
+$md->init();
+$md->update("test");
+$key=$md->final();
+
+$rc4=SSLeay::Cipher::new("rc4");
+$rc4->init($key,"",1);
+$out=$rc4->cipher($data);
+
+print $out;
+
diff --git a/perl/g.pl b/perl/g.pl
new file mode 100644
index 0000000000..80b1a422f8
--- /dev/null
+++ b/perl/g.pl
@@ -0,0 +1,18 @@
+#!/usr/local/bin/perl
+use ExtUtils::testlib;
+use SSLeay;
+
+$num=SSLeay::BN::new();
+$shift=SSLeay::BN::new();
+
+print "0\n";
+$num=SSLeay::BN::hex2bn("1234329378209857309429670349760347603497603496398");
+print "1\n";
+$s=SSLeay::BN::hex2bn("59");
+print "a\n";
+$r=$num->lshift(59);
+print "b";
+
+print $num->bn2hex."\n";
+print $s->bn2hex."\n";
+print $r->bn2hex."\n";
diff --git a/perl/gen_rsa.pl b/perl/gen_rsa.pl
new file mode 100644
index 0000000000..6acf043c2a
--- /dev/null
+++ b/perl/gen_rsa.pl
@@ -0,0 +1,49 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$bits=512;
+$bits=$ARGV[0] if $#ARGV >= 0;
+
+$p=SSLeay::BN::generate_prime($bits/2,0,sub {print STDERR $_[0]?"+":"."});
+print "\n";
+$q=SSLeay::BN::generate_prime($bits/2,0,sub {print STDERR $_[0]?"+":"."});
+print "\n";
+
+$e=SSLeay::BN::hex2bn("10001");
+
+$t1=$p-1;
+$t2=$q-1;
+
+($t1->gcd($e) == 1) || die "p failed the gcd test\n";
+($t2->gcd($e) == 1) || die "q failed the gcd test\n";
+
+($q,$p)=($p,$q) if ($p < $q);
+$n=$p*$q;
+$t=($p-1)*($q-1);
+($t->gcd($e) == 1) || die "t failed the gcd test\n";
+
+$d=$e->mod_inverse($t);
+
+$dmp1=$d%($p-1);
+$dmq1=$d%($q-1);
+$iqmp=$q->mod_inverse($p);
+
+print "n   =$n\n";
+print "e   =$e\n";
+print "d   =$d\n";
+print "dmp1=$dmp1\n";
+print "dmq1=$dmq1\n";
+print "iqmp=$iqmp\n";
+
+$a=SSLeay::BN::bin2bn("This is an RSA test");
+print "Test with\n'".$a->bn2bin."' or\n$a\n";
+
+$t1=$a->mod_exp($e,$n);
+print "$t1\n";
+$t2=$t1->mod_exp($d,$n);
+print "'".$t2->bn2bin."'\n";
+
+
diff --git a/perl/mul.pl b/perl/mul.pl
new file mode 100644
index 0000000000..611a760625
--- /dev/null
+++ b/perl/mul.pl
@@ -0,0 +1,56 @@
+#!/usr/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+
+sub mul
+	{
+	my($ab,$cd,$num)=@_;
+
+	if ($num <= 4096)
+		{
+		return($ab*$cd);
+		}
+	else
+		{
+		my($a,$b,$c,$d,$n,$ac,$bd,$m,$t1,$t2);
+
+		$n=$num/2;
+
+		$a=$ab->mask_bits($n);
+		$b=$ab->rshift($n);
+		$c=$cd->mask_bits($n);
+		$d=$cd->rshift($n);
+
+		$t1=($b-$a);
+		$t2=($c-$d);
+		$m= &mul($t1,$t2,$n);
+		$ac=&mul($a,$c,$n);
+		$bd=&mul($b,$d,$n);
+		$m=$m+$ac+$bd;
+		$m=$m->lshift($n);
+		$bd=$bd->lshift($num);
+
+		$r=$ac+$m+$bd;
+		return($r);
+		}
+	}
+
+$num=4096*32;
+$a=SSLeay::BN::rand($num);
+$b=SSLeay::BN::rand($num);
+
+#for (1 .. 10)
+	{
+	$r=&mul($a,$b,$num);
+	}
+
+#for (1 .. 10)
+	{
+	$rr=$a*$b;
+	}
+
+$res=$rr-$r;
+print $res->bn2hex()."\n";
diff --git a/perl/openssl.h b/perl/openssl.h
new file mode 100644
index 0000000000..bcccda7d5f
--- /dev/null
+++ b/perl/openssl.h
@@ -0,0 +1,96 @@
+/* perl/p5SSLeay.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#ifdef __cplusplus
+extern "C" {
+#endif
+#include "EXTERN.h"
+#include "perl.h"
+#include "XSUB.h"
+#ifdef __cplusplus
+}
+#endif
+
+typedef struct datum_st
+	{
+	char *dptr;
+	int dsize;
+	} datum;
+
+#include "crypto.h"
+#include "buffer.h"
+#include "bio.h"
+#include "evp.h"
+#include "err.h"
+#include "x509.h"
+#include "ssl.h"
+
+#if 0
+#define pr_name(name)		printf("%s\n",name)
+#define pr_name_d(name,p2)	printf("%s %d\n",name,p2)
+#define pr_name_dd(name,p2,p3)	printf("%s %d %d\n",name,p2,p3)
+#else
+#define pr_name(name)
+#define pr_name_d(name,p2)
+#define pr_name_dd(name,p2,p3)
+#endif
+
+SV *new_ref(char *type, char *obj, int mort);
+int ex_new(char *obj,SV *data,CRYPTO_EX_DATA *ad,int idx,long argl,char *argp);
+void ex_cleanup(char *obj,SV *data,CRYPTO_EX_DATA *ad,int idx,
+	long argl,char *argp);
+
diff --git a/perl/openssl_bio.xs b/perl/openssl_bio.xs
new file mode 100644
index 0000000000..3782d42062
--- /dev/null
+++ b/perl/openssl_bio.xs
@@ -0,0 +1,448 @@
+#include "p5SSLeay.h"
+
+static int p5_bio_ex_bio_ptr=0;
+static int p5_bio_ex_bio_callback=0;
+static int p5_bio_ex_bio_callback_data=0;
+
+static long p5_bio_callback(bio,state,parg,cmd,larg,ret)
+BIO *bio;
+int state;
+char *parg;
+int cmd;
+long larg;
+int ret;
+	{
+	int i;
+	SV *me,*cb;
+
+	me=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr);
+	cb=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_callback);
+	if (cb != NULL)
+		{
+		dSP;
+
+		ENTER ;
+		SAVETMPS;
+
+		PUSHMARK(sp);
+		XPUSHs(me);
+		XPUSHs(sv_2mortal(newSViv(state)));
+		XPUSHs(sv_2mortal(newSViv(cmd)));
+		if ((state == BIO_CB_READ) || (state == BIO_CB_WRITE))
+			{
+			XPUSHs(sv_2mortal(newSVpv(parg,larg)));
+			}
+		else
+			XPUSHs(&sv_undef);
+		/* ptr one */
+		XPUSHs(sv_2mortal(newSViv(larg)));
+		XPUSHs(sv_2mortal(newSViv(ret)));
+		PUTBACK;
+
+		i=perl_call_sv(cb,G_SCALAR);
+
+		SPAGAIN;
+		if (i == 1)
+			ret=POPi;
+		else
+			ret=1;
+		PUTBACK;
+		FREETMPS;
+		LEAVE;
+		}
+	else
+		{
+		croak("Internal error in SSL p5_ssl_info_callback");
+		}
+	return(ret);
+	}
+
+int boot_bio()
+	{
+	p5_bio_ex_bio_ptr=
+		BIO_get_ex_new_index(0,"SSLeay::BIO",ex_new,NULL,ex_cleanup);
+	p5_bio_ex_bio_callback=	
+		BIO_get_ex_new_index(0,"bio_callback",NULL,NULL,
+			ex_cleanup);
+	p5_bio_ex_bio_callback_data=
+		BIO_get_ex_new_index(0,"bio_callback_data",NULL,NULL,
+			ex_cleanup);
+	return(1);
+	}
+
+MODULE =  SSLeay::BIO	PACKAGE = SSLeay::BIO PREFIX = p5_BIO_
+
+VERSIONCHECK: DISABLE
+
+void
+p5_BIO_new_buffer_ssl_connect(...)
+	PREINIT:
+		SSL_CTX *ctx;
+		BIO *bio;
+		SV *arg;
+	PPCODE:
+		if (items == 1)
+			arg=ST(0);
+		else if (items == 2)
+			arg=ST(1);
+		else
+			arg=NULL;
+
+		if ((arg == NULL) || !(sv_derived_from(arg,"SSLeay::SSL::CTX")))
+			croak("Usage: SSLeay::BIO::new_buffer_ssl_connect(SSL_CTX)");
+		else
+			{
+			IV tmp=SvIV((SV *)SvRV(arg));
+			ctx=(SSL_CTX *)tmp;
+			}
+		EXTEND(sp,1);
+		bio=BIO_new_buffer_ssl_connect(ctx);
+		arg=new_ref("SSLeay::BIO",(char *)bio,0);
+		PUSHs(arg);
+		BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg);
+
+void
+p5_BIO_new_ssl_connect(...)
+	PREINIT:
+		SSL_CTX *ctx;
+		BIO *bio;
+		SV *arg;
+	PPCODE:
+		if (items == 1)
+			arg=ST(0);
+		else if (items == 2)
+			arg=ST(1);
+		else
+			arg=NULL;
+
+		if ((arg == NULL) || !(sv_derived_from(arg,"SSLeay::SSL::CTX")))
+			croak("Usage: SSLeay::BIO::new_ssl_connect(SSL_CTX)");
+		else
+			{
+			IV tmp=SvIV((SV *)SvRV(arg));
+			ctx=(SSL_CTX *)tmp;
+			}
+		EXTEND(sp,1);
+		bio=BIO_new_ssl_connect(ctx);
+		arg=new_ref("SSLeay::BIO",(char *)bio,0);
+		PUSHs(arg);
+		BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg);
+
+void
+p5_BIO_new(...)
+	PREINIT:
+		BIO *bio;
+		char *type;
+		SV *arg;
+	PPCODE:
+		pr_name("p5_BIO_new");
+		if ((items == 1) && SvPOK(ST(0)))
+			type=SvPV(ST(0),na);
+		else if ((items == 2) && SvPOK(ST(1)))
+			type=SvPV(ST(1),na);
+		else
+			croak("Usage: SSLeay::BIO::new(type)");
+
+		EXTEND(sp,1);
+		if (strcmp(type,"connect") == 0)
+			bio=BIO_new(BIO_s_connect());
+		else if (strcmp(type,"accept") == 0)
+			bio=BIO_new(BIO_s_accept());
+		else if (strcmp(type,"ssl") == 0)
+			bio=BIO_new(BIO_f_ssl());
+		else if (strcmp(type,"buffer") == 0)
+			bio=BIO_new(BIO_f_buffer());
+		else
+			croak("unknown BIO type");
+		arg=new_ref("SSLeay::BIO",(char *)bio,0);
+		PUSHs(arg);
+		BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg);
+
+int
+p5_BIO_hostname(bio,name)
+	BIO *bio;
+	char *name;
+	CODE:
+		RETVAL=BIO_set_hostname(bio,name);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_set_accept_port(bio,str)
+	BIO *bio;
+	char *str;
+	CODE:
+		RETVAL=BIO_set_accept_port(bio,str);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_do_handshake(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=BIO_do_handshake(bio);
+	OUTPUT:
+		RETVAL
+
+BIO *
+p5_BIO_push(b,bio)
+	BIO *b;
+	BIO *bio;
+	CODE:
+		/* This reference will be reduced when the reference is
+		 * let go, and then when the BIO_free_all() is called
+		 * inside the SSLeay library by the BIO with this
+		 * pushed into */
+		bio->references++;
+		RETVAL=BIO_push(b,bio);
+	OUTPUT:
+		RETVAL
+
+void
+p5_BIO_pop(b)
+	BIO *b
+	PREINIT:
+		BIO *bio;
+		char *type;
+		SV *arg;
+	PPCODE:
+		bio=BIO_pop(b);
+		if (bio != NULL)
+			{
+			/* This BIO will either be one created in the
+			 * perl library, in which case it will have a perl
+			 * SV, otherwise it will have been created internally,
+			 * inside SSLeay.  For the 'pushed in', it needs
+			 * the reference count decememted. */
+			arg=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr);
+			if (arg == NULL)
+				{
+				arg=new_ref("SSLeay::BIO",(char *)bio,0);
+				PUSHs(arg);
+				BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg);
+				}
+			else
+				{
+				/* it was pushed in */
+				SvREFCNT_inc(arg);
+				PUSHs(arg);
+				if (bio->references < 1)
+					abort();
+				/* decrement the reference count */
+				BIO_free(bio);
+				}
+			}
+
+int
+p5_BIO_sysread(bio,in,num, ...)
+	BIO *bio;
+	SV *in;
+	int num;
+	PREINIT:
+		int i,n,olen;
+		int offset;
+		char *p;
+	CODE:
+		offset=0;
+		if (!SvPOK(in))
+			sv_setpvn(in,"",0);
+		SvPV(in,olen);
+		if (items > 3)
+			{
+			offset=SvIV(ST(3));
+			if (offset < 0)
+				{
+				if (-offset > olen)
+					croad("Offset outside string");
+				offset+=olen;
+				}
+			}
+		if ((num+offset) > olen)
+			{
+			SvGROW(in,num+offset+1);
+			p=SvPV(in,i);
+			memset(&(p[olen]),0,(num+offset)-olen+1);
+			}
+		p=SvPV(in,n);
+
+		i=BIO_read(bio,p+offset,num);
+		RETVAL=i;
+		if (i <= 0) i=0;
+		SvCUR_set(in,offset+i);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_syswrite(bio,in, ...)
+	BIO *bio;
+	SV *in;
+	PREINIT:
+		char *ptr;
+		int len,in_len;
+		int offset=0;
+		int n;
+	CODE:
+		ptr=SvPV(in,in_len);
+		if (items > 2)
+			{
+			len=SvOK(ST(2))?SvIV(ST(2)):in_len;
+			if (items > 3)
+				{
+				offset=SvIV(ST(3));
+				if (offset < 0)
+					{
+					if (-offset > in_len)
+						croak("Offset outside string");
+					offset+=in_len;
+					}
+				else if ((offset >= in_len) && (in_len > 0))
+					croak("Offset outside string");
+				}
+			if (len >= (in_len-offset))
+				len=in_len-offset;
+			}
+		else
+			len=in_len;
+
+		RETVAL=BIO_write(bio,ptr+offset,len);
+	OUTPUT:
+		RETVAL
+
+void
+p5_BIO_getline(bio)
+	BIO *bio;
+	PREINIT:
+		int i;
+		char *p;
+	PPCODE:
+		pr_name("p5_BIO_gets");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		sv_setpvn(ST(0),"",0);
+		SvGROW(ST(0),1024);
+		p=SvPV(ST(0),na);
+		i=BIO_gets(bio,p,1024);
+		if (i < 0) i=0;
+		SvCUR_set(ST(0),i);
+
+int
+p5_BIO_flush(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=BIO_flush(bio);
+	OUTPUT:
+		RETVAL
+
+char *
+p5_BIO_type(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=bio->method->name;
+	OUTPUT:
+		RETVAL
+
+void
+p5_BIO_next_bio(b)
+	BIO *b
+	PREINIT:
+		BIO *bio;
+		char *type;
+		SV *arg;
+	PPCODE:
+		bio=b->next_bio;
+		if (bio != NULL)
+			{
+			arg=(SV *)BIO_get_ex_data(bio,p5_bio_ex_bio_ptr);
+			if (arg == NULL)
+				{
+				arg=new_ref("SSLeay::BIO",(char *)bio,0);
+				PUSHs(arg);
+				BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,(char *)arg);
+				}
+			else
+				{
+				SvREFCNT_inc(arg);
+				PUSHs(arg);
+				}
+			}
+
+int
+p5_BIO_puts(bio,in)
+	BIO *bio;
+	SV *in;
+	PREINIT:
+		char *ptr;
+	CODE:
+		ptr=SvPV(in,na);
+		RETVAL=BIO_puts(bio,ptr);
+	OUTPUT:
+		RETVAL
+
+void
+p5_BIO_set_callback(bio,cb,...)
+	BIO *bio;
+	SV *cb;
+	PREINIT:
+		SV *arg=NULL;
+		SV *arg2=NULL;
+	CODE:
+		if (items > 3)
+			croak("Usage: SSLeay::BIO::set_callback(bio,callback[,arg]");
+		if (items == 3)
+			{
+			arg2=sv_mortalcopy(ST(2));
+			SvREFCNT_inc(arg2);
+			BIO_set_ex_data(bio,p5_bio_ex_bio_callback_data,
+				(char *)arg2);
+			}
+		arg=sv_mortalcopy(ST(1));
+		SvREFCNT_inc(arg);
+		BIO_set_ex_data(bio,p5_bio_ex_bio_callback,(char *)arg);
+		BIO_set_callback(bio,p5_bio_callback);
+
+void
+p5_BIO_DESTROY(bio)
+	BIO *bio
+	PREINIT:
+		SV *sv;
+	PPCODE:
+		pr_name_d("p5_BIO_DESTROY",bio->references);
+		printf("p5_BIO_DESTROY <%s> %d\n",bio->method->name,bio->references);
+		BIO_set_ex_data(bio,p5_bio_ex_bio_ptr,NULL);
+		BIO_free_all(bio);
+
+int
+p5_BIO_set_ssl(bio,ssl)
+	BIO *bio;
+	SSL *ssl;
+	CODE:
+		pr_name("p5_BIO_set_ssl");
+		ssl->references++;
+		RETVAL=BIO_set_ssl(bio,ssl,BIO_CLOSE);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_number_read(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=BIO_number_read(bio);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_number_written(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=BIO_number_written(bio);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BIO_references(bio)
+	BIO *bio;
+	CODE:
+		RETVAL=bio->references;	
+	OUTPUT:
+		RETVAL
+
diff --git a/perl/openssl_bn.xs b/perl/openssl_bn.xs
new file mode 100644
index 0000000000..c15be3729a
--- /dev/null
+++ b/perl/openssl_bn.xs
@@ -0,0 +1,589 @@
+#include "p5SSLeay.h"
+
+int sv_to_BIGNUM(var,arg,name)
+BIGNUM **var;
+SV *arg;
+char *name;
+	{
+	int ret=1;
+
+	if (sv_derived_from(arg,"SSLeay::BN"))
+		{
+		IV tmp = SvIV((SV*)SvRV(arg));
+		*var = (BIGNUM *) tmp;
+		}
+	else if (SvIOK(arg)) {
+		SV *tmp=sv_newmortal();
+		*var=BN_new();
+		BN_set_word(*var,SvIV(arg));
+		sv_setref_pv(tmp,"SSLeay::BN",(void*)*var);
+		}
+	else if (SvPOK(arg)) {
+		char *ptr;
+		STRLEN len;
+		SV *tmp=sv_newmortal();
+		*var=BN_new();
+		sv_setref_pv(tmp,"SSLeay::BN", (void*)*var);
+		ptr=SvPV(arg,len);
+		SvGROW(arg,len+1);
+		ptr[len]='\0';
+		BN_dec2bn(var,ptr);
+		}
+	else
+		{
+		croak(name);
+		ret=0;
+		}
+	return(ret);
+	}
+
+typedef struct gpc_args_st {
+	SV *cb;
+	SV *arg;
+	} GPC_ARGS;
+
+static void generate_prime_callback(pos,num,arg)
+int pos;
+int num;
+char *arg;
+	{
+	dSP ;
+	int i;
+	GPC_ARGS *a=(GPC_ARGS *)arg;
+
+	ENTER ;
+	SAVETMPS ;
+
+	PUSHMARK(sp);
+	XPUSHs(sv_2mortal(newSViv(pos)));
+	XPUSHs(sv_2mortal(newSViv(num)));
+	XPUSHs(sv_2mortal(newSVsv(a->arg)));
+	PUTBACK;
+
+	i=perl_call_sv(a->cb,G_DISCARD);
+
+	SPAGAIN;
+
+	PUTBACK;
+	FREETMPS;
+	LEAVE;
+	}
+
+MODULE =  SSLeay::BN	PACKAGE = SSLeay::BN	PREFIX = p5_BN_
+
+VERSIONCHECK: DISABLE
+
+void
+p5_BN_new(...)
+	PREINIT:
+		BIGNUM *bn;
+		SV *arg;
+	PPCODE:
+		pr_name("p5_BN_new");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		bn=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)bn);
+
+void
+p5_BN_dup(a)
+	BIGNUM *a;
+	PREINIT:
+		BIGNUM *bn;
+	PPCODE:
+		pr_name("p5_BN_dup");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		bn=BN_dup(a);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)bn);
+
+void
+p5_BN_rand(bits,...)
+	int bits;
+	PREINIT:
+		int top=1;
+		int bottom=0;
+		BIGNUM *ret;
+	PPCODE:	
+		pr_name("p5_BN_rand");
+		if ((items < 1) || (items > 3))
+			croak("Usage: SSLeay::BN::rand(bits[,top_bit][,bottombit]");
+		if (items >= 2) top=(int)SvIV(ST(0));
+		if (items >= 3) bottom=(int)SvIV(ST(1));
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		BN_rand(ret,bits,top,bottom);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+
+void
+p5_BN_bin2bn(a)
+	datum a;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_bin2bn");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_bin2bn(a.dptr,a.dsize,NULL);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+
+void
+p5_BN_bn2bin(a)
+	BIGNUM *a;
+	PREINIT:
+		int i;
+	PPCODE:
+		pr_name("p5_BN_bn2bin");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		i=BN_num_bytes(a)+2;
+		sv_setpvn(ST(0),"",1);
+		SvGROW(ST(0),i+1);
+		SvCUR_set(ST(0),BN_bn2bin(a,SvPV(ST(0),na)));
+
+void
+p5_BN_mpi2bn(a)
+	datum a;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mpi2bn");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_mpi2bn(a.dptr,a.dsize,NULL);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+
+void
+p5_BN_bn2mpi(a)
+	BIGNUM *a;
+	PREINIT:
+		int i;
+	PPCODE:
+		pr_name("p5_BN_bn2mpi");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		i=BN_bn2mpi(a,NULL);
+		sv_setpvn(ST(0),"",1);
+		SvGROW(ST(0),i+1);
+		SvCUR_set(ST(0),BN_bn2mpi(a,SvPV(ST(0),na)));
+
+void
+p5_BN_hex2bn(a)
+	datum a;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_hex2bn");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_hex2bn(&ret,a.dptr);
+
+void
+p5_BN_dec2bn(a)
+	datum a;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_dec2bn");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_dec2bn(&ret,a.dptr);
+
+SV *
+p5_BN_bn2hex(a)
+	BIGNUM *a;
+	PREINIT:
+		char *ptr;
+		int i;
+	CODE:
+		pr_name("p5_BN_bn2hex");
+		ptr=BN_bn2hex(a);
+		RETVAL=newSVpv("",0);
+		i=strlen(ptr);
+		SvGROW(RETVAL,i+1);
+		memcpy(SvPV(RETVAL,na),ptr,i+1);
+		SvCUR_set(RETVAL,i);
+		Free(ptr);
+	OUTPUT:
+		RETVAL
+
+SV *
+p5_BN_bn2dec(a)
+	BIGNUM *a;
+	PREINIT:
+		char *ptr;
+		int i;
+	CODE:
+		pr_name("p5_BN_bn2dec");
+		ptr=BN_bn2dec(a);
+		RETVAL=newSVpv("",0);
+		i=strlen(ptr);
+		SvGROW(RETVAL,i+1);
+		memcpy(SvPV(RETVAL,na),ptr,i+1);
+		SvCUR_set(RETVAL,i);
+		Free(ptr);
+	OUTPUT:
+		RETVAL
+
+void
+p5_BN_add(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_add");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_add(ret,a,b);
+
+void
+p5_BN_sub(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_sub");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_sub(ret,a,b);
+
+void
+p5_BN_mul(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mul");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_mul(ret,a,b);
+
+void
+p5_BN_div(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *div,*mod;
+	PPCODE:
+		pr_name("p5_BN_div");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,2);
+		PUSHs(sv_newmortal());
+		PUSHs(sv_newmortal());
+		div=BN_new();
+		mod=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)div);
+		sv_setref_pv(ST(1), "SSLeay::BN", (void*)mod);
+		BN_div(div,mod,a,b,ctx);
+
+void
+p5_BN_mod(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *rem;
+	PPCODE:
+		pr_name("p5_BN_mod");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		rem=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)rem);
+		BN_mod(rem,a,b,ctx);
+
+void
+p5_BN_exp(a,p)
+	BIGNUM *a;
+	BIGNUM *p;
+	PREINIT:
+		BIGNUM *ret;
+		static BN_CTX *ctx=NULL;
+	PPCODE:
+		pr_name("p5_BN_exp");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_exp(ret,a,p,ctx);
+
+void
+p5_BN_mod_mul(a,b,c)
+	BIGNUM *a;
+	BIGNUM *b;
+	BIGNUM *c;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mod_mul");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_mod_mul(ret,a,b,c,ctx);
+
+void
+p5_BN_mod_exp(a,b,c)
+	BIGNUM *a;
+	BIGNUM *b;
+	BIGNUM *c;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mod_exp");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_mod_exp(ret,a,b,c,ctx);
+
+void
+p5_BN_generate_prime(...)
+	PREINIT:
+		int bits=512;
+		int strong=0;
+		BIGNUM *ret=NULL;
+		SV *callback=NULL;
+		SV *cb_arg=NULL;
+		GPC_ARGS arg;
+		dSP;
+
+	PPCODE:
+		pr_name("p5_BN_generate_prime");
+		if ((items < 0) || (items > 4))
+			croak("Usage: SSLeay::BN::generate_prime(a[,strong][,callback][,cb_arg]");
+		if (items >= 1) bits=(int)SvIV(ST(0));
+		if (items >= 2) strong=(int)SvIV(ST(1));
+		if (items >= 3) callback=ST(2);
+		if (items == 4) cb_arg=ST(3);
+
+		if (callback == NULL)
+			ret=BN_generate_prime(bits,strong,NULL,NULL,NULL,NULL);
+		else
+			{
+			arg.cb=callback;
+			arg.arg=cb_arg;
+
+			ret=BN_generate_prime(bits,strong,NULL,NULL,
+				generate_prime_callback,(char *)&arg);
+			}
+
+		SPAGAIN;
+		sp-=items; /* a bit evil that I do this */
+
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+
+void
+p5_BN_is_prime(p,...)
+	BIGNUM *p;
+	PREINIT:
+	int nchecks=5,ret;
+	SV *callback=NULL;
+	SV *cb_arg=NULL;
+	GPC_ARGS arg;
+	dSP;
+	static BN_CTX *ctx=NULL;
+	PPCODE:
+		pr_name("p5_BN_is_prime");
+		if ((items < 1) || (items > 4))
+			croak("Usage: SSLeay::BN::is_prime(a[,ncheck][,callback][,callback_arg]");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		if (items >= 2) nchecks=(int)SvIV(ST(1));
+		if (items >= 3) callback=ST(2);
+		if (items >= 4) cb_arg=ST(3);
+		arg.arg=cb_arg; 
+		if (callback == NULL)
+			ret=BN_is_prime(p,nchecks,NULL,ctx,NULL);
+		else
+			{
+			arg.cb=callback;
+			arg.arg=cb_arg;
+			ret=BN_is_prime(p,nchecks,generate_prime_callback,
+				ctx,(char *)&arg);
+			}
+		SPAGAIN;
+		sp-=items; /* a bit evil */
+		PUSHs(sv_2mortal(newSViv(ret)));
+
+int
+p5_BN_num_bits(a)
+	BIGNUM *a;
+	CODE:
+		pr_name("p5_BN_num_bits");
+		RETVAL=BN_num_bits(a);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BN_cmp(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	CODE:
+		pr_name("p5_BN_cmp");
+		RETVAL=BN_cmp(a,b);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BN_ucmp(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	CODE:
+		pr_name("p5_BN_ucmp");
+		RETVAL=BN_ucmp(a,b);
+	OUTPUT:
+		RETVAL
+
+int
+p5_BN_is_bit_set(a,b)
+	BIGNUM *a;
+	int b;
+	CODE:
+		pr_name("p5_BN_is_bit_set");
+		RETVAL=BN_is_bit_set(a,b);
+	OUTPUT:
+		RETVAL
+
+void
+p5_BN_set_bit(a,b)
+	BIGNUM *a;
+	int b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_set_bit");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_dup(a);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_set_bit(ret,b);
+
+void
+p5_BN_clear_bit(a,b)
+	BIGNUM *a;
+	int b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_clear_bit");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_dup(a);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_clear_bit(ret,b);
+
+void
+p5_BN_lshift(a,b)
+	BIGNUM *a;
+	int b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_lshift");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		if (b == 1)
+			BN_lshift1(ret,a);
+		else
+			BN_lshift(ret,a,b);
+
+void
+p5_BN_rshift(a,b)
+	BIGNUM *a;
+	int b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_rshift");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		if (b == 1)
+			BN_rshift1(ret,a);
+		else
+			BN_rshift(ret,a,b);
+
+void
+p5_BN_mask_bits(a,b)
+	BIGNUM *a;
+	int b;
+	PREINIT:
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mask_bits");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_dup(a);
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_mask_bits(ret,b);
+
+void
+p5_BN_clear(a)
+	BIGNUM *a;
+	PPCODE:
+		pr_name("p5_BN_clear");
+		BN_clear(a);
+
+void
+p5_BN_gcd(a,b)
+	BIGNUM *a;
+	BIGNUM *b;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_gcd");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ret=BN_new();
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+		BN_gcd(ret,a,b,ctx);
+
+void
+p5_BN_mod_inverse(a,mod)
+	BIGNUM *a;
+	BIGNUM *mod;
+	PREINIT:
+		static BN_CTX *ctx=NULL;
+		BIGNUM *ret;
+	PPCODE:
+		pr_name("p5_BN_mod_inverse");
+		if (ctx == NULL) ctx=BN_CTX_new();
+		ret=BN_mod_inverse(a,mod,ctx);
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		sv_setref_pv(ST(0), "SSLeay::BN", (void*)ret);
+
+void
+p5_BN_DESTROY(bn)
+	BIGNUM *bn
+	CODE:
+	pr_name("p5_BN_DESTROY");
+	BN_free(bn);
+
diff --git a/perl/openssl_cb.c b/perl/openssl_cb.c
new file mode 100644
index 0000000000..01840abc85
--- /dev/null
+++ b/perl/openssl_cb.c
@@ -0,0 +1,103 @@
+/* perl/callback.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+SV *new_ref(type,obj,mort)
+char *type;
+char *obj;
+	{
+	SV *ret;
+
+	if (mort)
+		ret=sv_newmortal();
+	else
+		ret=newSViv(0);
+	sv_setref_pv(ret,type,(void *)obj);
+	return(ret);
+	}
+
+int ex_new(obj,data,ad,idx,argl,argp)
+char *obj;
+SV *data;
+CRYPTO_EX_DATA *ad;
+int idx;
+long argl;
+char *argp;
+	{
+	SV *sv;
+
+fprintf(stderr,"ex_new %08X %s\n",obj,argp);
+	sv=sv_newmortal();
+	sv_setref_pv(sv,argp,(void *)obj);
+	CRYPTO_set_ex_data(ad,idx,(char *)sv);
+	return(1);
+	}
+
+void ex_cleanup(obj,data,ad,idx,argl,argp)
+char *obj;
+SV *data;
+CRYPTO_EX_DATA *ad;
+int idx;
+long argl;
+char *argp;
+	{
+	pr_name("ex_cleanup");
+fprintf(stderr,"ex_cleanup %08X %s\n",obj,argp);
+	if (data != NULL)
+		SvREFCNT_dec((SV *)data);
+	}
+
diff --git a/perl/openssl_cipher.xs b/perl/openssl_cipher.xs
new file mode 100644
index 0000000000..1044d7a4ef
--- /dev/null
+++ b/perl/openssl_cipher.xs
@@ -0,0 +1,152 @@
+#include "p5SSLeay.h"
+
+int boot_cipher()
+	{
+        SSLeay_add_all_ciphers();
+	return(1);
+	}
+
+MODULE =  SSLeay::Cipher	PACKAGE = SSLeay::Cipher PREFIX = p5_EVP_C_
+
+VERSIONCHECK: DISABLE
+
+void
+p5_EVP_C_new(...)
+	PREINIT:
+		EVP_CIPHER_CTX *ctx;
+		EVP_CIPHER *c;
+		char *name;
+	PPCODE:
+		if ((items == 1) && SvPOK(ST(0)))
+			name=SvPV(ST(0),na);
+		else if ((items == 2) && SvPOK(ST(1)))
+			name=SvPV(ST(1),na);
+		else
+			croak("Usage: SSLeay::Cipher::new(type)");
+		PUSHs(sv_newmortal());
+		c=EVP_get_cipherbyname(name);
+		if (c != NULL)
+			{
+			ctx=malloc(sizeof(EVP_CIPHER_CTX));
+			EVP_EncryptInit(ctx,c,NULL,NULL);
+			sv_setref_pv(ST(0), "SSLeay::Cipher", (void*)ctx);
+			}
+
+datum
+p5_EVP_C_name(ctx)
+	EVP_CIPHER_CTX *ctx
+	CODE:
+		RETVAL.dptr=OBJ_nid2ln(EVP_CIPHER_CTX_nid(ctx));
+		RETVAL.dsize=strlen(RETVAL.dptr);
+	OUTPUT:
+		RETVAL
+
+int
+p5_EVP_C_key_length(ctx)
+	EVP_CIPHER_CTX *ctx
+	CODE:
+		RETVAL=EVP_CIPHER_CTX_key_length(ctx);
+	OUTPUT:
+		RETVAL
+
+int
+p5_EVP_C_iv_length(ctx)
+	EVP_CIPHER_CTX *ctx
+	CODE:
+		RETVAL=EVP_CIPHER_CTX_iv_length(ctx);
+	OUTPUT:
+		RETVAL
+	
+int
+p5_EVP_C_block_size(ctx)
+	EVP_CIPHER_CTX *ctx
+	CODE:
+		RETVAL=EVP_CIPHER_CTX_block_size(ctx);
+	OUTPUT:
+		RETVAL
+	
+void
+p5_EVP_C_init(ctx,key,iv,enc)
+	EVP_CIPHER_CTX *ctx
+	datum key
+	datum iv
+	int enc
+	PREINIT:
+		char loc_iv[EVP_MAX_IV_LENGTH];
+		char loc_key[EVP_MAX_KEY_LENGTH];
+		char *ip=loc_iv,*kp=loc_key;
+		int i;
+		memset(loc_iv,0,EVP_MAX_IV_LENGTH);
+		memset(loc_key,0,EVP_MAX_KEY_LENGTH);
+	CODE:
+		i=key.dsize;
+		if (key.dsize > EVP_CIPHER_CTX_key_length(ctx))
+			i=EVP_CIPHER_CTX_key_length(ctx);
+		if (i > 0)
+			{
+			memset(kp,0,EVP_MAX_KEY_LENGTH);
+			memcpy(kp,key.dptr,i);
+			}
+		else
+			kp=NULL;
+		i=iv.dsize;
+		if (iv.dsize > EVP_CIPHER_CTX_iv_length(ctx))
+			i=EVP_CIPHER_CTX_iv_length(ctx);
+		if (i > 0)
+			{
+			memcpy(ip,iv.dptr,i);
+			memset(ip,0,EVP_MAX_IV_LENGTH);
+			}
+		else
+			ip=NULL;
+		EVP_CipherInit(ctx,EVP_CIPHER_CTX_cipher(ctx),kp,ip,enc);
+		memset(loc_key,0,sizeof(loc_key));
+		memset(loc_iv,0,sizeof(loc_iv));
+
+SV *
+p5_EVP_C_cipher(ctx,in)
+	EVP_CIPHER_CTX *ctx;
+	datum in;
+	CODE:
+		RETVAL=newSVpv("",0);
+		SvGROW(RETVAL,in.dsize+EVP_CIPHER_CTX_block_size(ctx)+1);
+		EVP_Cipher(ctx,SvPV(RETVAL,na),in.dptr,in.dsize);
+		SvCUR_set(RETVAL,in.dsize);
+	OUTPUT:
+		RETVAL
+
+SV *
+p5_EVP_C_update(ctx, in)
+	EVP_CIPHER_CTX *ctx
+	datum in
+	PREINIT:
+	int i;
+	CODE:
+		RETVAL=newSVpv("",0);
+		SvGROW(RETVAL,in.dsize+EVP_CIPHER_CTX_block_size(ctx)+1);
+		EVP_CipherUpdate(ctx,SvPV(RETVAL,na),&i,in.dptr,in.dsize);
+		SvCUR_set(RETVAL,i);
+	OUTPUT:
+		RETVAL
+
+SV *
+p5_EVP_C_final(ctx)
+	EVP_CIPHER_CTX *ctx
+	PREINIT:
+	int i;
+	CODE:
+		RETVAL=newSVpv("",0);
+		SvGROW(RETVAL,EVP_CIPHER_CTX_block_size(ctx)+1);
+		if (!EVP_CipherFinal(ctx,SvPV(RETVAL,na),&i))
+			sv_setpv(RETVAL,"BAD DECODE");
+		else
+			SvCUR_set(RETVAL,i);
+	OUTPUT:
+		RETVAL
+
+void
+p5_EVP_C_DESTROY(ctx)
+	EVP_CIPHER_CTX *ctx
+	CODE:
+	free((char *)ctx);
+
diff --git a/perl/openssl_digest.xs b/perl/openssl_digest.xs
new file mode 100644
index 0000000000..5738b09e48
--- /dev/null
+++ b/perl/openssl_digest.xs
@@ -0,0 +1,83 @@
+#include "p5SSLeay.h"
+
+int boot_digest()
+	{
+	SSLeay_add_all_digests();
+	return(1);
+	}
+
+MODULE =  SSLeay::MD	PACKAGE = SSLeay::MD	PREFIX = p5_EVP_MD_
+
+PROTOTYPES: ENABLE
+VERSIONCHECK: DISABLE
+
+# SSLeay::MD::new(name) name= md2, md5, sha, sha1, or mdc2
+#	md->name() - returns the name
+#	md->init() - reinitalises the digest
+#	md->update(data) - adds more data to digest
+#	digest=md->final() - returns digest
+#
+
+void
+p5_EVP_MD_new(...)
+	PREINIT:
+		EVP_MD_CTX *ctx;
+		EVP_MD *md;
+		char *name;
+	PPCODE:
+		if ((items == 1) && SvPOK(ST(0)))
+			name=SvPV(ST(0),na);
+		else if ((items == 2) && SvPOK(ST(1)))
+			name=SvPV(ST(1),na);
+		else
+			croak("Usage: SSLeay::MD::new(type)");
+		PUSHs(sv_newmortal());
+		md=EVP_get_digestbyname(name);
+		if (md != NULL)
+			{
+			ctx=malloc(sizeof(EVP_MD_CTX));
+			EVP_DigestInit(ctx,md);
+			sv_setref_pv(ST(0), "SSLeay::MD", (void*)ctx);
+			}
+
+datum
+p5_EVP_MD_name(ctx)
+	EVP_MD_CTX *ctx
+	CODE:
+		RETVAL.dptr=OBJ_nid2ln(EVP_MD_type(EVP_MD_CTX_type(ctx)));
+		RETVAL.dsize=strlen(RETVAL.dptr);
+	OUTPUT:
+		RETVAL
+	
+void
+p5_EVP_MD_init(ctx)
+	EVP_MD_CTX *ctx
+	CODE:
+		EVP_DigestInit(ctx,EVP_MD_CTX_type(ctx));
+
+void
+p5_EVP_MD_update(ctx, in)
+	EVP_MD_CTX *ctx
+	datum in
+	CODE:
+		EVP_DigestUpdate(ctx,in.dptr,in.dsize);
+
+datum
+p5_EVP_MD_final(ctx)
+	EVP_MD_CTX *ctx
+	PREINIT:
+		char md[EVP_MAX_MD_SIZE];
+		int len;
+	CODE:
+		EVP_DigestFinal(ctx,md,&len);
+		RETVAL.dptr=md;
+		RETVAL.dsize=len;
+	OUTPUT:
+		RETVAL
+
+void
+p5_EVP_MD_DESTROY(ctx)
+	EVP_MD_CTX *ctx
+	CODE:
+	free((char *)ctx);
+
diff --git a/perl/openssl_err.xs b/perl/openssl_err.xs
new file mode 100644
index 0000000000..6d1aec3ea1
--- /dev/null
+++ b/perl/openssl_err.xs
@@ -0,0 +1,46 @@
+#include "p5SSLeay.h"
+
+int boot_err()
+	{
+	SSL_load_error_strings();
+	return(1);
+	}
+
+MODULE =  SSLeay::ERR	PACKAGE = SSLeay::ERR	PREFIX = p5_ERR_
+
+PROTOTYPES: ENABLE
+VERSIONCHECK: DISABLE
+
+#	md->error() - returns the last error in text or numeric context
+
+void
+p5_ERR_get_error(...)
+	PPCODE:
+		char buf[512];
+		unsigned long l;
+
+		pr_name("p5_ERR_get_code");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		l=ERR_get_error();
+		ERR_error_string(l,buf);
+		sv_setiv(ST(0),l);
+		sv_setpv(ST(0),buf);
+		SvIOK_on(ST(0));
+
+void
+p5_ERR_peek_error(...)
+	PPCODE:
+		char buf[512];
+		unsigned long l;
+
+		pr_name("p5_ERR_get_code");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		l=ERR_peek_error();
+		ERR_error_string(l,buf);
+		sv_setiv(ST(0),l);
+		sv_setpv(ST(0),buf);
+		SvIOK_on(ST(0));
+
+
diff --git a/perl/openssl_ssl.xs b/perl/openssl_ssl.xs
new file mode 100644
index 0000000000..6777cf7ada
--- /dev/null
+++ b/perl/openssl_ssl.xs
@@ -0,0 +1,474 @@
+#include "p5SSLeay.h"
+
+static int p5_ssl_ex_ssl_ptr=0;
+static int p5_ssl_ex_ssl_info_callback=0;
+static int p5_ssl_ex_ssl_ctx_ptr=0;
+static int p5_ssl_ctx_ex_ssl_info_callback=0;
+
+typedef struct ssl_ic_args_st {
+	SV *cb;
+	SV *arg;
+	} SSL_IC_ARGS;
+
+static void p5_ssl_info_callback(ssl,mode,ret)
+SSL *ssl;
+int mode;
+int ret;
+	{
+	int i;
+	SV *me,*cb;
+
+	me=(SV *)SSL_get_ex_data(ssl,p5_ssl_ex_ssl_ptr);
+	cb=(SV *)SSL_get_ex_data(ssl,p5_ssl_ex_ssl_info_callback);
+	if (cb == NULL)
+		cb=(SV *)SSL_CTX_get_ex_data(
+			SSL_get_SSL_CTX(ssl),p5_ssl_ctx_ex_ssl_info_callback);
+	if (cb != NULL)
+		{
+		dSP;
+
+		PUSHMARK(sp);
+		XPUSHs(me);
+		XPUSHs(sv_2mortal(newSViv(mode)));
+		XPUSHs(sv_2mortal(newSViv(ret)));
+		PUTBACK;
+
+		i=perl_call_sv(cb,G_DISCARD);
+		}
+	else
+		{
+		croak("Internal error in SSL p5_ssl_info_callback");
+		}
+	}
+
+int boot_ssl()
+	{
+	p5_ssl_ex_ssl_ptr=		
+		SSL_get_ex_new_index(0,"SSLeay::SSL",ex_new,NULL,ex_cleanup);
+	p5_ssl_ex_ssl_info_callback=
+		SSL_get_ex_new_index(0,"ssl_info_callback",NULL,NULL,
+			ex_cleanup);
+	p5_ssl_ex_ssl_ctx_ptr=
+		SSL_get_ex_new_index(0,"ssl_ctx_ptr",NULL,NULL,
+			ex_cleanup);
+	p5_ssl_ctx_ex_ssl_info_callback=
+		SSL_CTX_get_ex_new_index(0,"ssl_ctx_info_callback",NULL,NULL,
+			ex_cleanup);
+	return(1);
+	}
+
+MODULE =  SSLeay::SSL	PACKAGE = SSLeay::SSL::CTX PREFIX = p5_SSL_CTX_
+
+VERSIONCHECK: DISABLE
+
+void
+p5_SSL_CTX_new(...)
+	PREINIT:
+		SSL_METHOD *meth;
+		SSL_CTX *ctx;
+		char *method;
+	PPCODE:
+		pr_name("p5_SSL_CTX_new");
+		if ((items == 1) && SvPOK(ST(0)))
+			method=SvPV(ST(0),na);
+		else if ((items == 2) && SvPOK(ST(1)))
+			method=SvPV(ST(1),na);
+		else
+			croak("Usage: SSLeay::SSL_CTX::new(type)");
+			
+		if (strcmp(method,"SSLv3") == 0)
+			meth=SSLv3_method();
+		else if (strcmp(method,"SSLv3_client") == 0)
+			meth=SSLv3_client_method();
+		else if (strcmp(method,"SSLv3_server") == 0)
+			meth=SSLv3_server_method();
+		else if (strcmp(method,"SSLv23") == 0)
+			meth=SSLv23_method();
+		else if (strcmp(method,"SSLv23_client") == 0)
+			meth=SSLv23_client_method();
+		else if (strcmp(method,"SSLv23_server") == 0)
+			meth=SSLv23_server_method();
+		else if (strcmp(method,"SSLv2") == 0)
+			meth=SSLv2_method();
+		else if (strcmp(method,"SSLv2_client") == 0)
+			meth=SSLv2_client_method();
+		else if (strcmp(method,"SSLv2_server") == 0)
+			meth=SSLv2_server_method();
+		else
+			{
+			croak("Not passed a valid SSL method name, should be 'SSLv[23] [client|server]'");
+			}
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ctx=SSL_CTX_new(meth);
+		sv_setref_pv(ST(0), "SSLeay::SSL::CTX", (void*)ctx);
+
+int
+p5_SSL_CTX_use_PrivateKey_file(ctx,file,...)
+	SSL_CTX *ctx;
+	char *file;
+	PREINIT:
+		int i=SSL_FILETYPE_PEM;
+		char *ptr;
+	CODE:
+		pr_name("p5_SSL_CTX_use_PrivateKey_file");
+		if (items > 3)
+			croak("SSLeay::SSL::CTX::use_PrivateKey_file(ssl_ctx,file[,type])");
+		if (items == 3)
+			{
+			ptr=SvPV(ST(2),na);
+			if (strcmp(ptr,"der") == 0)
+				i=SSL_FILETYPE_ASN1;
+			else
+				i=SSL_FILETYPE_PEM;
+			}
+		RETVAL=SSL_CTX_use_RSAPrivateKey_file(ctx,file,i);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_CTX_set_options(ctx,...)
+	SSL_CTX *ctx;
+	PREINIT:
+		int i;
+		char *ptr;
+		SV *sv;
+	CODE:
+		pr_name("p5_SSL_CTX_set_options");
+
+		for (i=1; i<items; i++)
+			{
+			if (!SvPOK(ST(i)))
+				croak("Usage: SSLeay::SSL_CTX::set_options(ssl_ctx[,option,value]+)");
+			ptr=SvPV(ST(i),na);
+			if (strcmp(ptr,"-info_callback") == 0)
+				{
+				SSL_CTX_set_info_callback(ctx,
+					p5_ssl_info_callback);
+				sv=sv_mortalcopy(ST(i+1));
+				SvREFCNT_inc(sv);
+				SSL_CTX_set_ex_data(ctx,
+					p5_ssl_ctx_ex_ssl_info_callback,
+						(char *)sv);
+				i++;
+				}
+			else
+				{
+				croak("SSLeay::SSL_CTX::set_options(): unknown option");
+				}
+			}
+
+void
+p5_SSL_CTX_DESTROY(ctx)
+	SSL_CTX *ctx
+	PREINIT:
+		SV *sv;
+	PPCODE:
+		pr_name_d("p5_SSL_CTX_DESTROY",ctx->references);
+		SSL_CTX_free(ctx);
+
+MODULE =  SSLeay::SSL	PACKAGE = SSLeay::SSL PREFIX = p5_SSL_
+
+void
+p5_SSL_new(...)
+	PREINIT:
+		SV *sv_ctx;
+		SSL_CTX *ctx;
+		SSL *ssl;
+		int i;
+		SV *arg;
+	PPCODE:
+		pr_name("p5_SSL_new");
+		if ((items != 1) && (items != 2))
+			croak("Usage: SSLeay::SSL::new(ssl_ctx)");
+		if (sv_derived_from(ST(items-1),"SSLeay::SSL::CTX"))
+			{
+			IV tmp = SvIV((SV*)SvRV(ST(items-1)));
+			ctx=(SSL_CTX *)tmp;
+			sv_ctx=ST(items-1);
+			}
+		else
+			croak("ssl_ctx is not of type SSLeay::SSL::CTX");
+
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ssl=SSL_new(ctx);
+		sv_setref_pv(ST(0), "SSLeay::SSL", (void*)ssl);
+
+		/* Now this is being a little hairy, we keep a pointer to
+		 * our perl reference.  We need to do a different one
+		 * to the one we return because it will have it's reference
+		 * count droped to 0 apon return and if we up its reference
+		 * count, it will never be DESTROYED */
+		arg=newSVsv(ST(0));
+		SSL_set_ex_data(ssl,p5_ssl_ex_ssl_ptr,(char *)arg);
+		SvREFCNT_inc(sv_ctx);
+		SSL_set_ex_data(ssl,p5_ssl_ex_ssl_ctx_ptr,(char *)sv_ctx);
+
+int
+p5_SSL_connect(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_connect(ssl);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_accept(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_connect(ssl);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_sysread(ssl,in,num, ...)
+	SSL *ssl;
+	SV *in;
+	int num;
+	PREINIT:
+		int i,n,olen;
+		int offset;
+		char *p;
+	CODE:
+		offset=0;
+		if (!SvPOK(in))
+			sv_setpvn(in,"",0);
+		SvPV(in,olen);
+		if (items > 3)
+			{
+			offset=SvIV(ST(3));
+			if (offset < 0)
+				{
+				if (-offset > olen)
+					croad("Offset outside string");
+				offset+=olen;
+				}
+			}
+		if ((num+offset) > olen)
+			{
+			SvGROW(in,num+offset+1);
+			p=SvPV(in,i);
+			memset(&(p[olen]),0,(num+offset)-olen+1);
+			}
+		p=SvPV(in,n);
+
+		i=SSL_read(ssl,p+offset,num);
+		RETVAL=i;
+		if (i <= 0) i=0;
+		SvCUR_set(in,offset+i);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_syswrite(ssl,in, ...)
+	SSL *ssl;
+	SV *in;
+	PREINIT:
+		char *ptr;
+		int len,in_len;
+		int offset=0;
+		int n;
+	CODE:
+		ptr=SvPV(in,in_len);
+		if (items > 2)
+			{
+			len=SvOK(ST(2))?SvIV(ST(2)):in_len;
+			if (items > 3)
+				{
+				offset=SvIV(ST(3));
+				if (offset < 0)
+					{
+					if (-offset > in_len)
+						croak("Offset outside string");
+					offset+=in_len;
+					}
+				else if ((offset >= in_len) && (in_len > 0))
+					croak("Offset outside string");
+				}
+			if (len >= (in_len-offset))
+				len=in_len-offset;
+			}
+		else
+			len=in_len;
+
+		RETVAL=SSL_write(ssl,ptr+offset,len);
+	OUTPUT:
+		RETVAL
+
+void
+p5_SSL_set_bio(ssl,bio)
+	SSL *ssl;
+	BIO *bio;
+	CODE:
+		bio->references++;
+		SSL_set_bio(ssl,bio,bio);
+
+int
+p5_SSL_set_options(ssl,...)
+	SSL *ssl;
+	PREINIT:
+		int i;
+		char *ptr;
+		SV *sv;
+	CODE:
+		pr_name("p5_SSL_set_options");
+
+		for (i=1; i<items; i++)
+			{
+			if (!SvPOK(ST(i)))
+				croak("Usage: SSLeay::SSL::set_options(ssl[,option,value]+)");
+			ptr=SvPV(ST(i),na);
+			if (strcmp(ptr,"-info_callback") == 0)
+				{
+				SSL_set_info_callback(ssl,
+					p5_ssl_info_callback);
+				sv=sv_mortalcopy(ST(i+1));
+				SvREFCNT_inc(sv);
+				SSL_set_ex_data(ssl,
+					p5_ssl_ex_ssl_info_callback,(char *)sv);
+				i++;
+				}
+			else if (strcmp(ptr,"-connect_state") == 0)
+				{
+				SSL_set_connect_state(ssl);
+				}
+			else if (strcmp(ptr,"-accept_state") == 0)
+				{
+				SSL_set_accept_state(ssl);
+				}
+			else
+				{
+				croak("SSLeay::SSL::set_options(): unknown option");
+				}
+			}
+
+void
+p5_SSL_state(ssl)
+	SSL *ssl;
+	PREINIT:
+		int state;
+	PPCODE:
+		pr_name("p5_SSL_state");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		state=SSL_state(ssl);
+		sv_setpv(ST(0),SSL_state_string_long(ssl));
+		sv_setiv(ST(0),state);
+		SvPOK_on(ST(0));
+
+void
+p5_SSL_DESTROY(ssl)
+	SSL *ssl;
+	CODE:
+	pr_name_dd("p5_SSL_DESTROY",ssl->references,ssl->ctx->references);
+	fprintf(stderr,"SSL_DESTROY %d\n",ssl->references);
+	SSL_free(ssl);
+
+int
+p5_SSL_references(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=ssl->references;
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_do_handshake(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_do_handshake(ssl);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_renegotiate(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_renegotiate(ssl);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_shutdown(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_shutdown(ssl);
+	OUTPUT:
+		RETVAL
+
+char *
+p5_SSL_get_version(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_get_version(ssl);
+	OUTPUT:
+		RETVAL
+
+SSL_CIPHER *
+p5_SSL_get_current_cipher(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_get_current_cipher(ssl);
+	OUTPUT:
+		RETVAL
+
+X509 *
+p5_SSL_get_peer_certificate(ssl)
+	SSL *ssl
+	CODE:
+		RETVAL=SSL_get_peer_certificate(ssl);
+	OUTPUT:
+		RETVAL
+
+MODULE =  SSLeay::SSL	PACKAGE = SSLeay::SSL::CIPHER PREFIX = p5_SSL_CIPHER_
+
+int
+p5_SSL_CIPHER_get_bits(sc)
+	SSL_CIPHER *sc
+	PREINIT:
+		int i,ret;
+	PPCODE:
+		EXTEND(sp,2);
+		PUSHs(sv_newmortal());
+		PUSHs(sv_newmortal());
+		ret=SSL_CIPHER_get_bits(sc,&i);
+		sv_setiv(ST(0),(IV)ret);
+		sv_setiv(ST(1),(IV)i);
+
+char *
+p5_SSL_CIPHER_get_version(sc)
+	SSL_CIPHER *sc
+	CODE:
+		RETVAL=SSL_CIPHER_get_version(sc);
+	OUTPUT:
+		RETVAL
+
+char *
+p5_SSL_CIPHER_get_name(sc)
+	SSL_CIPHER *sc
+	CODE:
+		RETVAL=SSL_CIPHER_get_name(sc);
+	OUTPUT:
+		RETVAL
+
+MODULE =  SSLeay::SSL	PACKAGE = SSLeay::BIO PREFIX = p5_BIO_
+
+void
+p5_BIO_get_ssl(bio)
+	BIO *bio;
+	PREINIT:
+		SSL *ssl;
+		SV *ret;
+		int i;
+	PPCODE:
+		if ((i=BIO_get_ssl(bio,&ssl)) > 0)
+			{
+			ret=(SV *)SSL_get_ex_data(ssl,p5_ssl_ex_ssl_ptr);
+			ret=sv_mortalcopy(ret);
+			}
+		else
+			ret= &sv_undef;
+		EXTEND(sp,1);
+		PUSHs(ret);
+
diff --git a/perl/openssl_x509.xs b/perl/openssl_x509.xs
new file mode 100644
index 0000000000..67633ad225
--- /dev/null
+++ b/perl/openssl_x509.xs
@@ -0,0 +1,74 @@
+#include "p5SSLeay.h"
+
+MODULE =  SSLeay::X509	PACKAGE = SSLeay::X509	PREFIX = p5_X509_
+
+PROTOTYPES: ENABLE
+VERSIONCHECK: DISABLE
+
+void
+p5_X509_new(void )
+	PREINIT:
+		X509 *x509;
+		SV *arg;
+	PPCODE:
+		pr_name("p5_X509_new");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		x509=X509_new();
+		sv_setref_pv(ST(0),"SSLeay::X509",(void *)x509);
+
+char *
+p5_X509_get_subject_name(x509)
+	X509 *x509;
+	PREINIT:
+		char *p;
+		X509_NAME *name;
+		char buf[1024];
+		int i;
+	CODE:
+		name=X509_get_subject_name(x509);
+		X509_NAME_oneline(name,buf,sizeof(buf));
+		p= &(buf[0]);
+		RETVAL=p;
+	OUTPUT:
+		RETVAL
+
+char *
+p5_X509_get_issuer_name(x509)
+	X509 *x509;
+	PREINIT:
+		char *p;
+		X509_NAME *name;
+		char buf[1024];
+		int i;
+	CODE:
+		name=X509_get_issuer_name(x509);
+		X509_NAME_oneline(name,buf,sizeof(buf));
+		p= &(buf[0]);
+		RETVAL=p;
+	OUTPUT:
+		RETVAL
+
+int
+p5_X509_get_version(x509)
+	X509 *x509;
+	CODE:
+		RETVAL=X509_get_version(x509);
+	OUTPUT:
+		RETVAL
+
+BIGNUM *
+p5_X509_get_serialNumber(x509)
+	X509 *x509;
+	CODE:
+		RETVAL=ASN1_INTEGER_to_BN(X509_get_serialNumber(x509),NULL);
+	OUTPUT:
+		RETVAL
+
+void
+p5_X509_DESTROY(x509)
+	X509 *x509;
+	CODE:
+	pr_name("p5_X509_DESTROY");
+	X509_free(x509);
+
diff --git a/perl/p5SSLeay.h b/perl/p5SSLeay.h
new file mode 100644
index 0000000000..bcccda7d5f
--- /dev/null
+++ b/perl/p5SSLeay.h
@@ -0,0 +1,96 @@
+/* perl/p5SSLeay.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#ifdef __cplusplus
+extern "C" {
+#endif
+#include "EXTERN.h"
+#include "perl.h"
+#include "XSUB.h"
+#ifdef __cplusplus
+}
+#endif
+
+typedef struct datum_st
+	{
+	char *dptr;
+	int dsize;
+	} datum;
+
+#include "crypto.h"
+#include "buffer.h"
+#include "bio.h"
+#include "evp.h"
+#include "err.h"
+#include "x509.h"
+#include "ssl.h"
+
+#if 0
+#define pr_name(name)		printf("%s\n",name)
+#define pr_name_d(name,p2)	printf("%s %d\n",name,p2)
+#define pr_name_dd(name,p2,p3)	printf("%s %d %d\n",name,p2,p3)
+#else
+#define pr_name(name)
+#define pr_name_d(name,p2)
+#define pr_name_dd(name,p2,p3)
+#endif
+
+SV *new_ref(char *type, char *obj, int mort);
+int ex_new(char *obj,SV *data,CRYPTO_EX_DATA *ad,int idx,long argl,char *argp);
+void ex_cleanup(char *obj,SV *data,CRYPTO_EX_DATA *ad,int idx,
+	long argl,char *argp);
+
diff --git a/perl/r.pl b/perl/r.pl
new file mode 100644
index 0000000000..e3411948d7
--- /dev/null
+++ b/perl/r.pl
@@ -0,0 +1,56 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$bits=512;
+$bits=$ARGV[0] if $#ARGV >= 0;
+
+$q=SSLeay::BN::dec2bn("334533373942443239443435463034324139443635374634423531423146313742443038394230324138363038393539303745363034393946353346323345374537463935433635374238353245344341444241344138413244373443323338334431414134363244443532423243423133433537");
+
+$p=SSLeay::BN::dec2bn("3338413942343132463534373734353742343636444439363131313131353843334536434330363934313646414132453044434138413630434631334134443046313735313632344131433437443642434436423642453234383046393732383538444139393131314339303743393939363744443235443332393332394543384630304634323646333735");
+$pp=SSLeay::BN::generate_prime($bits/2,0,sub {print STDERR $_[0]?"+":"."});
+
+printf $pp->is_prime."\n";
+printf $p->is_prime."\n";
+printf $q->is_prime."\n";
+printf "p->length=%d\n",$p->num_bits;
+printf "q->length=%d\n",$q->num_bits;
+$bits=$p->num_bits+$q->num_bits;
+$e=SSLeay::BN::hex2bn("10001");
+
+$t1=$p-1;
+$t2=$q-1;
+
+($t1->gcd($e) == 1) || die "p failed the gcd test\n";
+($t2->gcd($e) == 1) || die "q failed the gcd test\n";
+
+($q,$p)=($p,$q) if ($p < $q);
+$n=$p*$q;
+$t=($p-1)*($q-1);
+($t->gcd($e) == 1) || die "t failed the gcd test\n";
+
+$d=$e->mod_inverse($t);
+
+$dmp1=$d%($p-1);
+$dmq1=$d%($q-1);
+$iqmp=$q->mod_inverse($p);
+
+print "n   =$n\n";
+print "e   =$e\n";
+print "d   =$d\n";
+print "dmp1=$dmp1\n";
+print "dmq1=$dmq1\n";
+print "iqmp=$iqmp\n";
+
+$a=SSLeay::BN::bin2bn("This is an RSA test");
+print "Test with\n'".$a->bn2bin."' or\n$a\n";
+
+print "<$a>\n";
+$t1=$a->mod_exp($e,$n);
+print ">$t1>\n";
+$t2=$t1->mod_exp($d,$n);
+print "<$t2>\n";
+
+
diff --git a/perl/s.pl b/perl/s.pl
new file mode 100644
index 0000000000..4f8f417e17
--- /dev/null
+++ b/perl/s.pl
@@ -0,0 +1,72 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$ssl_ctx=SSL::CTX->new("SSLv3_client");
+
+$ssl_ctx->set_options("-info_callback" =>
+	sub	{
+		print STDERR $_[0]->state()."\n";
+		}
+	);
+
+$conn="localhost:4433";
+$conn=$ARGV[0] if $#ARGV >= 0;
+$cbio=BIO->new("connect");
+$cbio->hostname($conn) || die $ssl->error();
+
+$bbio=BIO->new("buffer");
+
+$sbio=BIO->new("ssl");
+$ssl=$ssl_ctx->new_ssl;
+$ssl->set_options(-connect_state);
+$sbio->set_ssl($ssl);
+
+$sbio->push($cbio);
+$bbio->push($sbio);
+$bio=$bbio;
+
+#$bio->set_callback(
+#	sub	{
+#		my($bio,$state,$cmd,$buf,$lart,$ret)=@_;
+#		print STDERR "$state:$cmd\n";
+#		return($ret);
+#		}
+#	);
+
+$b=$bio;
+do	{
+	print STDERR $b->type."\n";
+	} while ($b=$b->next_bio);
+
+(($ret=$bio->syswrite("GET / HTTP/1.0\r\n\r\n")) > 0) || die $bio->error();
+$bio->flush;
+
+$data="";
+while (1)
+	{
+	$ret=$bio->getline;
+	$ret =~ s/[\r\n]//g;
+	print STDERR "$ret\n";
+	last if $ret eq "";
+	$server=$1 if $ret=~ /^Server: (.*)/;
+	}
+
+
+print "server is $server\n";
+$x509=$ssl->get_peer_certificate();
+print "version     :".$x509->get_version()."\n";
+print "serialNumber:".$x509->get_serialNumber()->bn2hex."\n";
+print "subject     :".$x509->get_subject_name()."\n";
+print "issuer      :". $x509->get_issuer_name()."\n";
+
+$c=$ssl->get_current_cipher;
+($i,$a)=$c->get_bits;
+$v=$c->get_version;
+$n=$c->get_name;
+
+print "protocol=".$ssl->get_version."\n";
+print "bits=$i($a) cipher type=$v cipher=$n\n";
+
diff --git a/perl/s2.pl b/perl/s2.pl
new file mode 100644
index 0000000000..540ca7c817
--- /dev/null
+++ b/perl/s2.pl
@@ -0,0 +1,49 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$ssl_ctx=SSL::CTX->new("SSLv3");
+
+$ssl_ctx->set_options("-info_callback" =>
+	sub	{
+		print STDERR $_[0]->state()."\n";
+		}
+	);
+
+$conn="localhost:4433";
+$conn=$ARGV[0] if $#ARGV >= 0;
+$cbio=BIO->new("connect");
+$cbio->hostname($conn) || die $ssl->error();
+
+$ssl=$ssl_ctx->new_ssl;
+$sbio=BIO->new("ssl");
+$sbio->set_ssl($ssl);
+$ssl->set_options("-connect_state");
+
+$bio=BIO->new("buffer");
+
+$sbio->push($cbio);
+$bio->push($sbio);
+
+($bio->do_handshake() > 0) || die $bio->error();
+
+(($ret=$bio->syswrite("GET / HTTP/1.0\r\n\r\n")) > 0) || die $ssl->error();
+$bio->flush() || die $bio->error();
+
+$data="";
+while ($_=$bio->getline())
+	{
+	if (/^Server:/)
+		{
+		print;
+		last;
+		}
+	}
+
+if ($bio->peek_error())
+	{
+	print "There was an error:".$ssl->error();
+	}
+print "exit\n";
diff --git a/perl/server.pem b/perl/server.pem
new file mode 100644
index 0000000000..eabb927036
--- /dev/null
+++ b/perl/server.pem
@@ -0,0 +1,369 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
+-----BEGIN CERTIFICATE-----
+MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5
+MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
+cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
+Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW
+mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i
+xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH
+irObpESxAZLySCmPPg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
+TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
+OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
+gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
+rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
+PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
+vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
+-----END RSA PRIVATE KEY-----
+subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
+issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
+notBefore=950413210656Z
+notAfter =970412210656Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
+BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
+ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
+BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
+VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
+MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
+3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
+YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
+hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
+dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
+zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
+-----END X509 CERTIFICATE-----
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
+OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
+IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
+DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
+1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
+mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
+hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
+YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
+q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
+-----BEGIN X509 CERTIFICATE-----
+MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
+LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
+MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
+b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
+EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
+bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
+ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
+hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
+ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
+bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
+fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
+R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
+Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
+-----END X509 CERTIFICATE-----
+-----BEGIN X509 CERTIFICATE-----
+
+MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
+Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
+GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
+bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
+BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
+BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
+ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
+ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
+H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
+WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
+MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
+LC7obsrHD8XAHG+ZRG==
+-----END X509 CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
+MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
+DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
+CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
+amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
+iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
+U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
+zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
+BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
+/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
+lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
+S7ELuYGtmYgYm9NZOIr7yU0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
+A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
+aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
+LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
+gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
+ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
+dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
+SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
+bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
+OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
+GJNMJ4L0AJ/ac+SmHZc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
+BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
+HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
+IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
+MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
+aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
+GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
+ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
+zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
+YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
+hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
+cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
+YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
+-----END CERTIFICATE-----
+
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
+OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
+NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
+40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
+22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
+BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
+Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
+xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
+cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
+subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+notBefore=941104185834Z
+notAfter =991103185834Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
+Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
+OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
+ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
+975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
+touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
+7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
+9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
+0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
+MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
+-----END X509 CERTIFICATE-----
+subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+notBefore=941109235417Z
+notAfter =991231235417Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
+IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
+Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
+YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
+roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
+aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
+HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
+iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
+suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
+cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
+-----END X509 CERTIFICATE-----
+subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
+	/OU=Certification Services Division/CN=Thawte Server CA
+	/Email=server-certs@thawte.com
+issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
+	/OU=Certification Services Division/CN=Thawte Server CA
+	/Email=server-certs@thawte.com
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
+VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
+VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
+hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
+N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
+ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
+bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
+aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
+F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
+Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
+KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
+SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
+7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
+qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
+VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
+VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
+QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
+NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
+A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
+FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
+Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
+G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
+c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
+jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
+w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
+GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
+3VZdLbCVIhNoEsysrxCpxcI=
+-----END CERTIFICATE-----
+Tims test GCI CA
+
+-----BEGIN CERTIFICATE-----
+MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
+cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
+gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
+cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
+dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
+AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
+OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
+AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
+TfdbFZtAAD2Hx9jUtY3tfdrJOb8= 
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
+IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
+VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
+NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
+EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
+I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
+RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
+Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
+9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
+WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
+MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
+c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
+Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
+ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
+ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
+FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
+W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
+QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
+9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
+TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
+8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
+-----END CERTIFICATE-----
+
+ subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+ issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+
+-----BEGIN CERTIFICATE-----
+MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
+YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
+MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
+YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
+SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
+U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
+RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
+3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
+z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
+hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
+YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
+LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
+KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
+Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
+ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
+dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
+IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
+ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
+TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
+LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
+BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
+53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
+2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
+p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
+-----END CERTIFICATE-----
+
+ subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
+nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
+AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
+IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
+Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
+NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
+-----END CERTIFICATE-----
+ subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
+9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
+IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
+O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
+g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
+yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
+-----END CERTIFICATE-----
diff --git a/perl/ss.pl b/perl/ss.pl
new file mode 100644
index 0000000000..6687d567d9
--- /dev/null
+++ b/perl/ss.pl
@@ -0,0 +1,64 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$ssl_ctx=SSL::CTX->new("SSLv3_client");
+
+#$ssl_ctx->set_options("-info_callback" =>
+#	sub	{
+#		print STDERR $_[0]->state()."\n";
+#		}
+#	);
+
+$conn="localhost:4433";
+$conn=$ARGV[0] if $#ARGV >= 0;
+
+print $ssl_ctx."\n";
+$bio=BIO->new_buffer_ssl_connect($ssl_ctx);
+$bio->hostname($conn) || die $bio->error();
+
+#$bio->set_callback(
+#	sub	{
+#		my($bio,$state,$cmd,$buf,$lart,$ret)=@_;
+#		print STDERR "$state:$cmd\n";
+#		return($ret);
+#		}
+#	);
+
+#$b=$bio;
+#do	{
+#	print STDERR $b->type."\n";
+#	} while ($b=$b->next_bio);
+
+(($ret=$bio->syswrite("GET / HTTP/1.0\r\n\r\n")) > 0) || die $bio->error();
+$bio->flush;
+
+$data="";
+while (1)
+	{
+	$ret=$bio->getline;
+	$ret =~ s/[\r\n]//g;
+	print STDERR "$ret\n";
+	last if $ret eq "";
+	$server=$1 if $ret=~ /^Server: (.*)/;
+	}
+
+
+print "server is $server\n";
+$x509=$ssl->get_peer_certificate();
+print "version     :".$x509->get_version()."\n";
+print "serialNumber:".$x509->get_serialNumber()->bn2hex."\n";
+print "subject     :".$x509->get_subject_name()."\n";
+print "issuer      :". $x509->get_issuer_name()."\n";
+
+$c=$ssl->get_current_cipher;
+($i,$a)=$c->get_bits;
+$v=$c->get_version;
+$n=$c->get_name;
+
+$ssl=$bio->get_ssl();
+print "protocol=".$ssl->get_version."\n";
+print "bits=$i($a) cipher type=$v cipher=$n\n";
+
diff --git a/perl/ssl.pl b/perl/ssl.pl
new file mode 100644
index 0000000000..4a5569fab1
--- /dev/null
+++ b/perl/ssl.pl
@@ -0,0 +1,71 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$ssl_ctx=SSL::CTX->new("SSLv3");
+
+$ssl_ctx->set_options("-info_callback" =>
+	sub	{
+		print STDERR $_[0]->state()."\n";
+		}
+	);
+
+$conn="localhost:4433";
+$conn=$ARGV[0] if $#ARGV >= 0;
+$bio=BIO->new("connect");
+$bio->hostname($conn) || die $ssl->error();
+
+#$bbio=BIO->new("buffer");
+#$bbio->push($cbio);
+#$bio=$bbio;
+
+#$bio->set_callback(
+#	sub	{
+#		my($bio,$state,$cmd,$buf,$lart,$ret)=@_;
+#		print STDERR "$state:$cmd\n";
+#		return($ret);
+#		}
+#	);
+
+print STDERR "-1 ABCD\n";
+$ssl=$ssl_ctx->new_ssl;
+print STDERR "000 ABCD\n";
+$ssl->set_bio($bio);
+
+print STDERR "00 ABCD\n";
+(($ret=$ssl->connect()) > 0) || die $ssl->error();
+
+print STDERR "0 ABCD\n";
+
+(($ret=$ssl->syswrite("GET / HTTP/1.0\r\n\r\n")) > 0) || die $ssl->error();
+
+print STDERR "1 ABCD\n";
+$data="";
+while (1)
+	{
+print STDERR "2 ABCD\n";
+	$ret=$ssl->sysread($buf,1024);
+print STDERR "3 ABCD\n";
+	last if $ret <= 0;
+	$data.=$buf;
+	}
+
+print STDERR "4 ABCD\n";
+@a=split(/[\r]\n/,$data);
+($server)=grep(/^Server:/,@a);
+
+print "$server\n";
+$x509=$ssl->get_peer_certificate();
+print "subject:".$x509->get_subject_name()."\n";
+print "issuer:". $x509->get_issuer_name()."\n";
+
+$c=$ssl->get_current_cipher;
+($i,$a)=$c->get_bits;
+$v=$c->get_version;
+$n=$c->get_name;
+
+print "protocol=".$ssl->get_version."\n";
+print "bits=$i($a) cipher type=$v cipher=$n\n";
+
diff --git a/perl/ssl.txt b/perl/ssl.txt
new file mode 100644
index 0000000000..63c52a0e1d
--- /dev/null
+++ b/perl/ssl.txt
@@ -0,0 +1,43 @@
+SSL_CTX::new(method)
+	SSLv3
+	SSLv3_client
+	SSLv3_server
+	SSLv23
+	SSLv23_client
+	SSLv23_server
+	SSLv2
+	SSLv2_client
+	SSLv2_server
+
+SSL_CTX::use_PrivateKey_file(file[,type])
+	type eq "der" or "pem".  Default == 'pem'.
+
+SSL_CTX::set_options(...)
+	-info_callback	function
+
+SSL::new(SSL_CTX)
+
+SSL::connect(); returns 0, -1 or 1
+SSL::accept(); return 0, -1 or 1
+SSL::sysread(); as per sysread
+SSL::syswrite(); as per syswrite
+SSL::set_bio(bio);
+
+SSL::set_options(...)
+	-info_callback function
+	-connect_state
+	-accept_state
+
+SSL::state(); the state in numeric and text form.
+SSL::references(); debug stuff
+SSL::get_peer_certificate()
+SSL::do_handshake()
+SSL::renegotiate()
+SSL::shutdown()
+SSL::get_version()
+
+SSL::get_current_cipher();
+
+(key,alg)=SSL_CIPHER::get_bits();
+SSL_CIPHER::get_version();
+SSL_CIPHER::get_name();
diff --git a/perl/ssl.xs b/perl/ssl.xs
new file mode 100644
index 0000000000..6777cf7ada
--- /dev/null
+++ b/perl/ssl.xs
@@ -0,0 +1,474 @@
+#include "p5SSLeay.h"
+
+static int p5_ssl_ex_ssl_ptr=0;
+static int p5_ssl_ex_ssl_info_callback=0;
+static int p5_ssl_ex_ssl_ctx_ptr=0;
+static int p5_ssl_ctx_ex_ssl_info_callback=0;
+
+typedef struct ssl_ic_args_st {
+	SV *cb;
+	SV *arg;
+	} SSL_IC_ARGS;
+
+static void p5_ssl_info_callback(ssl,mode,ret)
+SSL *ssl;
+int mode;
+int ret;
+	{
+	int i;
+	SV *me,*cb;
+
+	me=(SV *)SSL_get_ex_data(ssl,p5_ssl_ex_ssl_ptr);
+	cb=(SV *)SSL_get_ex_data(ssl,p5_ssl_ex_ssl_info_callback);
+	if (cb == NULL)
+		cb=(SV *)SSL_CTX_get_ex_data(
+			SSL_get_SSL_CTX(ssl),p5_ssl_ctx_ex_ssl_info_callback);
+	if (cb != NULL)
+		{
+		dSP;
+
+		PUSHMARK(sp);
+		XPUSHs(me);
+		XPUSHs(sv_2mortal(newSViv(mode)));
+		XPUSHs(sv_2mortal(newSViv(ret)));
+		PUTBACK;
+
+		i=perl_call_sv(cb,G_DISCARD);
+		}
+	else
+		{
+		croak("Internal error in SSL p5_ssl_info_callback");
+		}
+	}
+
+int boot_ssl()
+	{
+	p5_ssl_ex_ssl_ptr=		
+		SSL_get_ex_new_index(0,"SSLeay::SSL",ex_new,NULL,ex_cleanup);
+	p5_ssl_ex_ssl_info_callback=
+		SSL_get_ex_new_index(0,"ssl_info_callback",NULL,NULL,
+			ex_cleanup);
+	p5_ssl_ex_ssl_ctx_ptr=
+		SSL_get_ex_new_index(0,"ssl_ctx_ptr",NULL,NULL,
+			ex_cleanup);
+	p5_ssl_ctx_ex_ssl_info_callback=
+		SSL_CTX_get_ex_new_index(0,"ssl_ctx_info_callback",NULL,NULL,
+			ex_cleanup);
+	return(1);
+	}
+
+MODULE =  SSLeay::SSL	PACKAGE = SSLeay::SSL::CTX PREFIX = p5_SSL_CTX_
+
+VERSIONCHECK: DISABLE
+
+void
+p5_SSL_CTX_new(...)
+	PREINIT:
+		SSL_METHOD *meth;
+		SSL_CTX *ctx;
+		char *method;
+	PPCODE:
+		pr_name("p5_SSL_CTX_new");
+		if ((items == 1) && SvPOK(ST(0)))
+			method=SvPV(ST(0),na);
+		else if ((items == 2) && SvPOK(ST(1)))
+			method=SvPV(ST(1),na);
+		else
+			croak("Usage: SSLeay::SSL_CTX::new(type)");
+			
+		if (strcmp(method,"SSLv3") == 0)
+			meth=SSLv3_method();
+		else if (strcmp(method,"SSLv3_client") == 0)
+			meth=SSLv3_client_method();
+		else if (strcmp(method,"SSLv3_server") == 0)
+			meth=SSLv3_server_method();
+		else if (strcmp(method,"SSLv23") == 0)
+			meth=SSLv23_method();
+		else if (strcmp(method,"SSLv23_client") == 0)
+			meth=SSLv23_client_method();
+		else if (strcmp(method,"SSLv23_server") == 0)
+			meth=SSLv23_server_method();
+		else if (strcmp(method,"SSLv2") == 0)
+			meth=SSLv2_method();
+		else if (strcmp(method,"SSLv2_client") == 0)
+			meth=SSLv2_client_method();
+		else if (strcmp(method,"SSLv2_server") == 0)
+			meth=SSLv2_server_method();
+		else
+			{
+			croak("Not passed a valid SSL method name, should be 'SSLv[23] [client|server]'");
+			}
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ctx=SSL_CTX_new(meth);
+		sv_setref_pv(ST(0), "SSLeay::SSL::CTX", (void*)ctx);
+
+int
+p5_SSL_CTX_use_PrivateKey_file(ctx,file,...)
+	SSL_CTX *ctx;
+	char *file;
+	PREINIT:
+		int i=SSL_FILETYPE_PEM;
+		char *ptr;
+	CODE:
+		pr_name("p5_SSL_CTX_use_PrivateKey_file");
+		if (items > 3)
+			croak("SSLeay::SSL::CTX::use_PrivateKey_file(ssl_ctx,file[,type])");
+		if (items == 3)
+			{
+			ptr=SvPV(ST(2),na);
+			if (strcmp(ptr,"der") == 0)
+				i=SSL_FILETYPE_ASN1;
+			else
+				i=SSL_FILETYPE_PEM;
+			}
+		RETVAL=SSL_CTX_use_RSAPrivateKey_file(ctx,file,i);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_CTX_set_options(ctx,...)
+	SSL_CTX *ctx;
+	PREINIT:
+		int i;
+		char *ptr;
+		SV *sv;
+	CODE:
+		pr_name("p5_SSL_CTX_set_options");
+
+		for (i=1; i<items; i++)
+			{
+			if (!SvPOK(ST(i)))
+				croak("Usage: SSLeay::SSL_CTX::set_options(ssl_ctx[,option,value]+)");
+			ptr=SvPV(ST(i),na);
+			if (strcmp(ptr,"-info_callback") == 0)
+				{
+				SSL_CTX_set_info_callback(ctx,
+					p5_ssl_info_callback);
+				sv=sv_mortalcopy(ST(i+1));
+				SvREFCNT_inc(sv);
+				SSL_CTX_set_ex_data(ctx,
+					p5_ssl_ctx_ex_ssl_info_callback,
+						(char *)sv);
+				i++;
+				}
+			else
+				{
+				croak("SSLeay::SSL_CTX::set_options(): unknown option");
+				}
+			}
+
+void
+p5_SSL_CTX_DESTROY(ctx)
+	SSL_CTX *ctx
+	PREINIT:
+		SV *sv;
+	PPCODE:
+		pr_name_d("p5_SSL_CTX_DESTROY",ctx->references);
+		SSL_CTX_free(ctx);
+
+MODULE =  SSLeay::SSL	PACKAGE = SSLeay::SSL PREFIX = p5_SSL_
+
+void
+p5_SSL_new(...)
+	PREINIT:
+		SV *sv_ctx;
+		SSL_CTX *ctx;
+		SSL *ssl;
+		int i;
+		SV *arg;
+	PPCODE:
+		pr_name("p5_SSL_new");
+		if ((items != 1) && (items != 2))
+			croak("Usage: SSLeay::SSL::new(ssl_ctx)");
+		if (sv_derived_from(ST(items-1),"SSLeay::SSL::CTX"))
+			{
+			IV tmp = SvIV((SV*)SvRV(ST(items-1)));
+			ctx=(SSL_CTX *)tmp;
+			sv_ctx=ST(items-1);
+			}
+		else
+			croak("ssl_ctx is not of type SSLeay::SSL::CTX");
+
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		ssl=SSL_new(ctx);
+		sv_setref_pv(ST(0), "SSLeay::SSL", (void*)ssl);
+
+		/* Now this is being a little hairy, we keep a pointer to
+		 * our perl reference.  We need to do a different one
+		 * to the one we return because it will have it's reference
+		 * count droped to 0 apon return and if we up its reference
+		 * count, it will never be DESTROYED */
+		arg=newSVsv(ST(0));
+		SSL_set_ex_data(ssl,p5_ssl_ex_ssl_ptr,(char *)arg);
+		SvREFCNT_inc(sv_ctx);
+		SSL_set_ex_data(ssl,p5_ssl_ex_ssl_ctx_ptr,(char *)sv_ctx);
+
+int
+p5_SSL_connect(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_connect(ssl);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_accept(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_connect(ssl);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_sysread(ssl,in,num, ...)
+	SSL *ssl;
+	SV *in;
+	int num;
+	PREINIT:
+		int i,n,olen;
+		int offset;
+		char *p;
+	CODE:
+		offset=0;
+		if (!SvPOK(in))
+			sv_setpvn(in,"",0);
+		SvPV(in,olen);
+		if (items > 3)
+			{
+			offset=SvIV(ST(3));
+			if (offset < 0)
+				{
+				if (-offset > olen)
+					croad("Offset outside string");
+				offset+=olen;
+				}
+			}
+		if ((num+offset) > olen)
+			{
+			SvGROW(in,num+offset+1);
+			p=SvPV(in,i);
+			memset(&(p[olen]),0,(num+offset)-olen+1);
+			}
+		p=SvPV(in,n);
+
+		i=SSL_read(ssl,p+offset,num);
+		RETVAL=i;
+		if (i <= 0) i=0;
+		SvCUR_set(in,offset+i);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_syswrite(ssl,in, ...)
+	SSL *ssl;
+	SV *in;
+	PREINIT:
+		char *ptr;
+		int len,in_len;
+		int offset=0;
+		int n;
+	CODE:
+		ptr=SvPV(in,in_len);
+		if (items > 2)
+			{
+			len=SvOK(ST(2))?SvIV(ST(2)):in_len;
+			if (items > 3)
+				{
+				offset=SvIV(ST(3));
+				if (offset < 0)
+					{
+					if (-offset > in_len)
+						croak("Offset outside string");
+					offset+=in_len;
+					}
+				else if ((offset >= in_len) && (in_len > 0))
+					croak("Offset outside string");
+				}
+			if (len >= (in_len-offset))
+				len=in_len-offset;
+			}
+		else
+			len=in_len;
+
+		RETVAL=SSL_write(ssl,ptr+offset,len);
+	OUTPUT:
+		RETVAL
+
+void
+p5_SSL_set_bio(ssl,bio)
+	SSL *ssl;
+	BIO *bio;
+	CODE:
+		bio->references++;
+		SSL_set_bio(ssl,bio,bio);
+
+int
+p5_SSL_set_options(ssl,...)
+	SSL *ssl;
+	PREINIT:
+		int i;
+		char *ptr;
+		SV *sv;
+	CODE:
+		pr_name("p5_SSL_set_options");
+
+		for (i=1; i<items; i++)
+			{
+			if (!SvPOK(ST(i)))
+				croak("Usage: SSLeay::SSL::set_options(ssl[,option,value]+)");
+			ptr=SvPV(ST(i),na);
+			if (strcmp(ptr,"-info_callback") == 0)
+				{
+				SSL_set_info_callback(ssl,
+					p5_ssl_info_callback);
+				sv=sv_mortalcopy(ST(i+1));
+				SvREFCNT_inc(sv);
+				SSL_set_ex_data(ssl,
+					p5_ssl_ex_ssl_info_callback,(char *)sv);
+				i++;
+				}
+			else if (strcmp(ptr,"-connect_state") == 0)
+				{
+				SSL_set_connect_state(ssl);
+				}
+			else if (strcmp(ptr,"-accept_state") == 0)
+				{
+				SSL_set_accept_state(ssl);
+				}
+			else
+				{
+				croak("SSLeay::SSL::set_options(): unknown option");
+				}
+			}
+
+void
+p5_SSL_state(ssl)
+	SSL *ssl;
+	PREINIT:
+		int state;
+	PPCODE:
+		pr_name("p5_SSL_state");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		state=SSL_state(ssl);
+		sv_setpv(ST(0),SSL_state_string_long(ssl));
+		sv_setiv(ST(0),state);
+		SvPOK_on(ST(0));
+
+void
+p5_SSL_DESTROY(ssl)
+	SSL *ssl;
+	CODE:
+	pr_name_dd("p5_SSL_DESTROY",ssl->references,ssl->ctx->references);
+	fprintf(stderr,"SSL_DESTROY %d\n",ssl->references);
+	SSL_free(ssl);
+
+int
+p5_SSL_references(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=ssl->references;
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_do_handshake(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_do_handshake(ssl);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_renegotiate(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_renegotiate(ssl);
+	OUTPUT:
+		RETVAL
+
+int
+p5_SSL_shutdown(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_shutdown(ssl);
+	OUTPUT:
+		RETVAL
+
+char *
+p5_SSL_get_version(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_get_version(ssl);
+	OUTPUT:
+		RETVAL
+
+SSL_CIPHER *
+p5_SSL_get_current_cipher(ssl)
+	SSL *ssl;
+	CODE:
+		RETVAL=SSL_get_current_cipher(ssl);
+	OUTPUT:
+		RETVAL
+
+X509 *
+p5_SSL_get_peer_certificate(ssl)
+	SSL *ssl
+	CODE:
+		RETVAL=SSL_get_peer_certificate(ssl);
+	OUTPUT:
+		RETVAL
+
+MODULE =  SSLeay::SSL	PACKAGE = SSLeay::SSL::CIPHER PREFIX = p5_SSL_CIPHER_
+
+int
+p5_SSL_CIPHER_get_bits(sc)
+	SSL_CIPHER *sc
+	PREINIT:
+		int i,ret;
+	PPCODE:
+		EXTEND(sp,2);
+		PUSHs(sv_newmortal());
+		PUSHs(sv_newmortal());
+		ret=SSL_CIPHER_get_bits(sc,&i);
+		sv_setiv(ST(0),(IV)ret);
+		sv_setiv(ST(1),(IV)i);
+
+char *
+p5_SSL_CIPHER_get_version(sc)
+	SSL_CIPHER *sc
+	CODE:
+		RETVAL=SSL_CIPHER_get_version(sc);
+	OUTPUT:
+		RETVAL
+
+char *
+p5_SSL_CIPHER_get_name(sc)
+	SSL_CIPHER *sc
+	CODE:
+		RETVAL=SSL_CIPHER_get_name(sc);
+	OUTPUT:
+		RETVAL
+
+MODULE =  SSLeay::SSL	PACKAGE = SSLeay::BIO PREFIX = p5_BIO_
+
+void
+p5_BIO_get_ssl(bio)
+	BIO *bio;
+	PREINIT:
+		SSL *ssl;
+		SV *ret;
+		int i;
+	PPCODE:
+		if ((i=BIO_get_ssl(bio,&ssl)) > 0)
+			{
+			ret=(SV *)SSL_get_ex_data(ssl,p5_ssl_ex_ssl_ptr);
+			ret=sv_mortalcopy(ret);
+			}
+		else
+			ret= &sv_undef;
+		EXTEND(sp,1);
+		PUSHs(ret);
+
diff --git a/perl/ssl_srvr.pl b/perl/ssl_srvr.pl
new file mode 100644
index 0000000000..419402f12b
--- /dev/null
+++ b/perl/ssl_srvr.pl
@@ -0,0 +1,35 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$ssl_ctx=SSL::CTX->new("SSLv3");
+
+$ssl_ctx->set_options("-info_callback" =>
+	sub	{
+		print STDERR $_[0]->state()."\n";
+		}
+	);
+
+$ssl_ctx->use_PrivateKey_file("server.pem");
+
+$conn="localhost:4433";
+$conn=$ARGV[0] if $#ARGV >= 0;
+$bio=BIO->new("connect");
+$bio->hostname($conn) || die $ssl->error();
+
+$ssl=$ssl_ctx->new_ssl;
+$ssl->set_bio($bio);
+
+(($ret=$ssl->connect()) > 0) || die $ssl->error();
+
+(($ret=$ssl->write("GET / HTTP/1.0\r\n\r\n")) > 0) || die $ssl->error();
+
+while (1)
+	{
+	$ret=$ssl->read($buf,10240);
+	last if ($ret <= 0);
+	print $buf;
+	}
+
diff --git a/perl/sslbio.pl b/perl/sslbio.pl
new file mode 100644
index 0000000000..fd80ad8584
--- /dev/null
+++ b/perl/sslbio.pl
@@ -0,0 +1,40 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$ssl_ctx=SSL::CTX->new("SSLv3");
+
+#$ssl_ctx->set_options("-info_callback" =>
+#	sub	{
+#		print STDOUT $_[0]->state()."\n";
+#		}
+#	);
+
+# create a ssl bio
+$bssl=BIO->new("ssl");
+$bssl->set_ssl($ssl_ctx->new_ssl()) || die $bssl->error();
+$bssl->get_ssl->set_options("-connect_state") || die $ssl->error();
+
+$bssl->set_callback(sub { printf "XXXXXXXXXXXXXXXXXXXXXX %d %s\n",$_[1],$_[0]->type; });
+
+# create connect bio
+$host="localhost:4433";
+$host=$ARGV[0] if $#ARGV >= 0;
+$bio=BIO->new("connect");
+$bio->hostname($host) || die $bio->error();
+
+# push it in
+$bssl->push($bio);
+
+(($ret=$bssl->write("GET / HTTP/1.0\r\n\r\n")) > 0) || die $bssl->error();
+
+while (1)
+	{
+	$ret=$bssl->read($buf,10240);
+	last if ($ret <= 0);
+	print $buf;
+	}
+
+
diff --git a/perl/t.pl b/perl/t.pl
new file mode 100644
index 0000000000..650d0efb0b
--- /dev/null
+++ b/perl/t.pl
@@ -0,0 +1,12 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$a=SSLeay::BN::dec2bn("1231353465324563455");
+print "a=$a\n".$a->bn2dec."\n";
+$b=SSLeay::BN::dec2bn("98790816238765235");
+print "a=$a\nb=$b\n";
+print $a->gcd($b)."\n";
+
diff --git a/perl/test b/perl/test
new file mode 100644
index 0000000000..3977c48865
--- /dev/null
+++ b/perl/test
@@ -0,0 +1,32 @@
+30373b8dbfc38d360bda81fad2fb462e  8  0  8 des-ecb
+a5f61a73a0894979d46c2481e9f27151  8  8  1 des-cfb
+a64a08dc69e79becccde95bed6239fca  8  8  1 des-ofb
+553d168193e54100524541f2c473b705  8  8  8 des-cbc
+bb75383e4aad6d83418dde16c6cea6f5 16  0  8 des-ede
+3ea71cd9a2e50d82d66b433e9471eeb2 16  8  1 des-ede-cfb
+3d56b76d43dc8d51647773bc9719a355 16  8  1 des-ede-ofb
+eafa89aae63167b9798639c0e31223b4 16  8  8 des-ede-cbc
+a952f8c409fb0df75a7df1aa54ba30b8 24  0  8 des-ede3
+0badccc43a14d8503d33f32a2345bbd2 24  8  1 des-ede3-cfb
+bae638c0e33850d02c792ed0e3d6b600 24  8  1 des-ede3-ofb
+ec4522bbefabf0198126683e661325e2 24  8  8 des-ede3-cbc
+4431f05d198d8afc003aeec85bea01b9 24  8  8 desx-cbc
+606af8d6f30c1fd9c647df5eb716ae0f 16  0  1 rc4
+4aaaf7e4bc3fd2caa6318a4852f636f4  5  0  1 rc4-40
+77e0851e8c96c4a1e26140d1ec822036 16  0  8 idea-ecb
+a28e51e283519fde0e128bcb697bc23e 16  8  1 idea-cfb
+17d0e70f07de6c08e9673d52987599ab 16  8  1 idea-ofb
+0687cf6ca11ee45f8bf9c29525405a4d 16  8  8 idea-cbc
+e2268681a63198fe38282b0a1bb6ed36 16  0  8 rc2-ecb
+f48748e6386790e639bbee4fccaa5067 16  8  8 rc2-cbc
+f250cfe829ef797d6866e32526ec4fe4  5  8  8 rc2-40-cbc
+a372f970b6c346341a2899bb872a7349 16  8  1 rc2-cfb
+d2da66102dea6b833f0fbf71e2cb4988 16  8  1 rc2-ofb
+237b0ef0e4f7fb28a5708d59773caecf 16  0  8 bf-ecb
+c58cf5da90472caf0f0b7fafb0590977 16  8  1 bf-cfb
+1f3e49e2e27f9ad177a6a64b09d361ed 16  8  1 bf-ofb
+66acaf2cb5f301580c59fa17d005b716 16  8  8 bf-cbc
+3548c9fe9fcd13f647ae177a15915af9 16  0  8 cast5-ecb
+e8d074ad8cc0d3d828da80ab18452f91 16  8  1 cast5-cfb
+5331eb4351c2048c27c8a8901fd29e20 16  8  1 cast5-ofb
+8033607fdb68598cc62c379af218eeeb 16  8  8 cast5-cbc
diff --git a/perl/test.pl b/perl/test.pl
new file mode 100644
index 0000000000..350b1a96fa
--- /dev/null
+++ b/perl/test.pl
@@ -0,0 +1,30 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+($a=SSLeay::BN::new()) || die "unable to make bignum\n";
+($b=SSLeay::BN::new()) || die "unable to make bignum\n";
+
+$a=SSLeay::BN::hex2bn("123456789ABCDEF");
+$b=SSLeay::BN::hex2bn("123456789ABCDEF");
+$mod=SSLeay::BN::hex2bn("fedcba9876543201");
+$c=SSLeay::BN::hex2bn("1234");
+
+print "a=".$a->bn2hex()."\n";
+print "b=".$b->bn2hex()."\n";
+print "c=".$c->bn2hex()."\n";
+
+print $a->mul($b)->bn2hex."\n";
+($d,$r)=$b->div($c);
+print "($d)($r)\n";
+printf "%s x %s + %s\n",$c->bn2hex,$d->bn2hex,$r->bn2hex;
+
+$g=$d;
+
+for (;;)
+	{
+	$a=$a->mod_mul($a,$mod);
+	print $a->bn2hex."\n";
+	}
diff --git a/perl/test.txt b/perl/test.txt
new file mode 100644
index 0000000000..ff37ffd09b
--- /dev/null
+++ b/perl/test.txt
@@ -0,0 +1,36 @@
+30373b8dbfc38d360bda81fad2fb462e  8  0  8 des-ecb
+a5f61a73a0894979d46c2481e9f27151  8  8  1 des-cfb
+a64a08dc69e79becccde95bed6239fca  8  8  1 des-ofb
+553d168193e54100524541f2c473b705  8  8  8 des-cbc
+bb75383e4aad6d83418dde16c6cea6f5 16  0  8 des-ede
+3ea71cd9a2e50d82d66b433e9471eeb2 16  8  1 des-ede-cfb
+3d56b76d43dc8d51647773bc9719a355 16  8  1 des-ede-ofb
+eafa89aae63167b9798639c0e31223b4 16  8  8 des-ede-cbc
+a952f8c409fb0df75a7df1aa54ba30b8 24  0  8 des-ede3
+0badccc43a14d8503d33f32a2345bbd2 24  8  1 des-ede3-cfb
+bae638c0e33850d02c792ed0e3d6b600 24  8  1 des-ede3-ofb
+ec4522bbefabf0198126683e661325e2 24  8  8 des-ede3-cbc
+4431f05d198d8afc003aeec85bea01b9 24  8  8 desx-cbc
+606af8d6f30c1fd9c647df5eb716ae0f 16  0  1 rc4
+4aaaf7e4bc3fd2caa6318a4852f636f4  5  0  1 rc4-40
+77e0851e8c96c4a1e26140d1ec822036 16  0  8 idea-ecb
+a28e51e283519fde0e128bcb697bc23e 16  8  1 idea-cfb
+17d0e70f07de6c08e9673d52987599ab 16  8  1 idea-ofb
+0687cf6ca11ee45f8bf9c29525405a4d 16  8  8 idea-cbc
+e2268681a63198fe38282b0a1bb6ed36 16  0  8 rc2-ecb
+f48748e6386790e639bbee4fccaa5067 16  8  8 rc2-cbc
+f250cfe829ef797d6866e32526ec4fe4  5  8  8 rc2-40-cbc
+a372f970b6c346341a2899bb872a7349 16  8  1 rc2-cfb
+d2da66102dea6b833f0fbf71e2cb4988 16  8  1 rc2-ofb
+237b0ef0e4f7fb28a5708d59773caecf 16  0  8 bf-ecb
+c58cf5da90472caf0f0b7fafb0590977 16  8  1 bf-cfb
+1f3e49e2e27f9ad177a6a64b09d361ed 16  8  1 bf-ofb
+66acaf2cb5f301580c59fa17d005b716 16  8  8 bf-cbc
+3548c9fe9fcd13f647ae177a15915af9 16  0  8 cast5-ecb
+e8d074ad8cc0d3d828da80ab18452f91 16  8  1 cast5-cfb
+5331eb4351c2048c27c8a8901fd29e20 16  8  1 cast5-ofb
+8033607fdb68598cc62c379af218eeeb 16  8  8 cast5-cbc
+e3a6760eb5e79bf4063cf0791e99842d 16  0  8 rc5-ecb
+2f5eab0d0992dcce8615a5a60966391a 16  8  1 rc5-cfb
+c5893e49e73342db2957b83b70f23e27 16  8  1 rc5-ofb
+683ce60c8b7bf028ec0d3dc0f018a1a4 16  8  8 rc5-cbc
diff --git a/perl/test2.pl b/perl/test2.pl
new file mode 100644
index 0000000000..741d3adcdd
--- /dev/null
+++ b/perl/test2.pl
@@ -0,0 +1,28 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+@md=();
+($c=SSLeay::Cipher::new("idea")) ||
+	die "'des' is an unknown cipher algorithm\n";
+
+printf "name      =%s\n" ,$c->name();
+printf "key length=%2d\n",$c->key_length();
+printf "iv length =%2d\n",$c->iv_length();
+printf "block size=%2d\n",$c->block_size();
+
+$data="1234";
+$c->init("01234567","abcdefgh",1);
+$in=$c->update($data);
+$in.=$c->final();
+
+$c->init("01234567","abcdefgh",0);
+$out=$c->update($in);
+$out.=$c->final();
+print $data;
+print " -> ";
+print $out;
+print "\n";
+
diff --git a/perl/test3.pl b/perl/test3.pl
new file mode 100644
index 0000000000..8ee262a08e
--- /dev/null
+++ b/perl/test3.pl
@@ -0,0 +1,19 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+@md=();
+($c=SSLeay::Cipher::new("idea")) ||
+	die "'des' is an unknown cipher algorithm\n";
+
+$key=" ";
+$iv=" ";
+$c->init($key,$iv,0);
+while (<>)
+	{
+	print $c->update($_);
+	}
+print $c->final();
+
diff --git a/perl/test8.pl b/perl/test8.pl
new file mode 100644
index 0000000000..86d356dc51
--- /dev/null
+++ b/perl/test8.pl
@@ -0,0 +1,19 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+# 2687145 * 3003 * 10^5072 - 1. 
+
+$a=SSLeay::BN::set_word(99);
+$b=SSLeay::BN::set_word(100);
+
+$aa=$a->dup;
+$bb=$b->dup;
+
+$c=$a*$b;
+$bb+=$a;
+
+print "$a*$b=$c\n";
+print "$bb\n";
diff --git a/perl/test9.pl b/perl/test9.pl
new file mode 100644
index 0000000000..ccc28005ac
--- /dev/null
+++ b/perl/test9.pl
@@ -0,0 +1,38 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+# 2687145 * 3003 * 10^5072 - 1. 
+
+$a=SSLeay::BN::set_word(2687145);
+$b=SSLeay::BN::set_word(3003);
+$c=SSLeay::BN::set_word(10);
+$d=SSLeay::BN::set_word(5072);
+$e=SSLeay::BN::set_word(1);
+
+print $a->bn2hex()."\n";
+print $b->bn2hex()."\n";
+print $c->bn2hex()."\n";
+print $d->bn2hex()."\n";
+print $e->bn2hex()."\n";
+
+$f=(($a->mul($b)->mul($c->exp($d)))->sub($e));
+#print "$a $b\n";
+
+$c=$a->mul($b);
+print "1->".$c->bn2hex()." \n";
+
+$c=$a*$b;
+print "2->".$c->bn2hex()." \n";
+$a*=$b;
+print "3->$a\n";
+
+print $f->bn2hex()." $a\n";
+print $a."\n";
+
+print "$a=(($b*$c)/$d);\n";
+$a=(($b*$c)/$d);
+print "$a\n";
+
diff --git a/perl/testbn.pl b/perl/testbn.pl
new file mode 100644
index 0000000000..a71f60c52c
--- /dev/null
+++ b/perl/testbn.pl
@@ -0,0 +1,23 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$num ="a43f6a8885a308d313198a2e03707344a4093822";
+$num.="299f31d0082efa98ec4e6c89452821e638d01377";
+$num.="be5466cf34e90c6cc0ac29b7c97c50dd3f84d5b5";
+$num.="b54709179216d5d98979fb1bd1310ba698dfb5ac";
+$num.="2ffd72dbd01adfb7b8e1afed6a267e96ba7c9045";
+$num.="f12c7f9924a19947b3916cf70801f2e2858efc16";
+$num.="636920d871574e69a458fea3f4933d7e0d95748f";
+$num.="728eb658718bcd5882154aee7b54a41dc25a59b5";
+$num.="9c30d5392af26013c5d1b023286085f0ca417918";
+$num.="b8db38ef8e79dcb0603a180e6c9e0e8bb01e8a3e";
+$num.="d71577c1bd314b2778af2fda55605c60e65525f3";
+$num.="aa55ab945748986263e8144055ca396a2aab10b6";
+$num.="b4cc5c341141e8cea15486af7c8f14a7";
+
+$a=SSLeay::BN::hex2bn($num);
+print "num bits =".$a->num_bits."\n";
+print $a->is_prime(50,sub {print STDERR $_[0]?"+":"."})."\n";
diff --git a/perl/testdec.pl b/perl/testdec.pl
new file mode 100644
index 0000000000..287332009b
--- /dev/null
+++ b/perl/testdec.pl
@@ -0,0 +1,14 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$a=SSLeay::BN::dec2bn("1234");
+
+foreach (1..4)
+	{
+	$a*=$a;
+	print $a."\n",$a->bn2dec()."\n";
+	}
+
diff --git a/perl/testmd.pl b/perl/testmd.pl
new file mode 100644
index 0000000000..a17ac6b90c
--- /dev/null
+++ b/perl/testmd.pl
@@ -0,0 +1,26 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+@md=();
+foreach ("md2", "md5", "sha", "sha1", "mdc2", "ripemd160")
+	{
+	($f=MD->new($_)) ||
+		die "$_ is an unknown message digest algorithm\n";
+	push(@md,$f);
+	}
+
+while (<>)
+	{
+	foreach $md (@md)
+		{ $md->update($_); }
+	}
+
+foreach (@md)
+	{
+	$digest=$_->final();
+	printf "%-4s=%s\n",$_->name(),unpack("H*",$digest);
+	}
+
diff --git a/perl/tt.pl b/perl/tt.pl
new file mode 100644
index 0000000000..31febc7d25
--- /dev/null
+++ b/perl/tt.pl
@@ -0,0 +1,15 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+for ($i=1; $i<1000; $i++)
+	{
+	$a.=$i%10;
+	$y=SSLeay::BN::dec2bn($a);
+	$z=SSLeay::BN::bn2dec($y);
+
+	print "$a\n$y\n$z\n";
+	}
+
diff --git a/perl/typemap b/perl/typemap
new file mode 100644
index 0000000000..5226fbc369
--- /dev/null
+++ b/perl/typemap
@@ -0,0 +1,96 @@
+
+datum			T_DATUM
+EVP_MD_CTX *		T_MD_CTX
+EVP_CIPHER_CTX *	T_CIPHER_CTX
+BIGNUM *		T_BIGNUM
+SSL_METHOD *		T_SSL_METHOD
+SSL_CTX *		T_SSL_CTX
+SSL_CIPHER *		T_SSL_CIPHER
+SSL *			T_SSL
+BIO *			T_BIO
+X509 *			T_X509
+
+INPUT
+T_DATUM
+	$var.dptr=SvPV($arg,$var.dsize);
+T_MD_CTX
+	if (sv_derived_from($arg, \"SSLeay::MD\")) {
+		IV tmp = SvIV((SV*)SvRV($arg));
+		$var = (EVP_MD_CTX *) tmp;
+		}
+	else
+		croak(\"$var is not of type SSLeay::MD\")
+T_CIPHER_CTX
+	if (sv_derived_from($arg, \"SSLeay::Cipher\")) {
+		IV tmp = SvIV((SV*)SvRV($arg));
+		$var = (EVP_CIPHER_CTX *) tmp;
+		}
+	else
+		croak(\"$var is not of type SSLeay::Cipher\")
+T_BIGNUM
+	sv_to_BIGNUM(&($var),$arg,\"$var is not of type SSLeay::MD, int or string\")
+T_SSL_METHOD
+	if (sv_derived_from($arg, \"SSLeay::SSL::METHOD\")) {
+		IV tmp = SvIV((SV*)SvRV($arg));
+		$var = (SSL_METHOD *) tmp;
+		}
+	else
+		croak(\"$var is not of type SSLeay::SSL::METHOD\")
+T_SSL_CTX
+	if (sv_derived_from($arg, \"SSLeay::SSL::CTX\")) {
+		IV tmp = SvIV((SV*)SvRV($arg));
+		$var = (SSL_CTX *) tmp;
+		}
+	else
+		croak(\"$var is not of type SSLeay::SSL::CTX\")
+T_SSL_CIPHER
+	if (sv_derived_from($arg, \"SSLeay::SSL::CIPHER\")) {
+		IV tmp = SvIV((SV*)SvRV($arg));
+		$var = (SSL_CIPHER *) tmp;
+		}
+	else
+		croak(\"$var is not of type SSLeay::SSL::CIPHER\")
+T_SSL
+	if (sv_derived_from($arg, \"SSLeay::SSL\")) {
+		IV tmp = SvIV((SV*)SvRV($arg));
+		$var = (SSL *) tmp;
+		}
+	else
+		croak(\"$var is not of type SSLeay::SSL\")
+T_BIO
+	if (sv_derived_from($arg, \"SSLeay::BIO\")) {
+		IV tmp = SvIV((SV*)SvRV($arg));
+		$var = (BIO *) tmp;
+		}
+	else
+		croak(\"$var is not of type SSLeay::BIO\")
+T_X509
+	if (sv_derived_from($arg, \"SSLeay::X509\")) {
+		IV tmp = SvIV((SV*)SvRV($arg));
+		$var = (X509 *) tmp;
+		}
+	else
+		croak(\"$var is not of type SSLeay::X509\")
+OUTPUT
+T_DATUM
+	sv_setpvn($arg,$var.dptr,$var.dsize);
+T_MD_CTX
+	sv_setref_pv($arg, \"SSLeay::MD\", (void*)$var);
+T_CIPHER_CTX
+	sv_setref_pv($arg, \"SSLeay::Cipher\", (void*)$var);
+T_BIGNUM
+	sv_setref_pv($arg, \"SSLeay::BN\", (void*)$var);
+T_SSL_METHOD
+	sv_setref_pv($arg, \"SSLeay::SSL::METHOD\", (void*)$var);
+T_SSL_CTX
+	sv_setref_pv($arg, \"SSLeay::SSL::CTX\", (void*)$var);
+T_SSL_CIPHER
+	sv_setref_pv($arg, \"SSLeay::SSL::CIPHER\", (void*)$var);
+T_SSL
+	sv_setref_pv($arg, \"SSLeay::SSL\", (void*)$var);
+T_BIO
+	sv_setref_pv($arg, \"SSLeay::BIO\", (void*)$var);
+T_X509
+	sv_setref_pv($arg, \"SSLeay::X509\", (void*)$var);
+
+
diff --git a/perl/x509.txt b/perl/x509.txt
new file mode 100644
index 0000000000..8468eff512
--- /dev/null
+++ b/perl/x509.txt
@@ -0,0 +1,6 @@
+X509::new()
+
+X509::get_verson()
+X509::get_serial_number()
+X509::get_subject_name()
+X509::get_issuer_name()
diff --git a/perl/x509.xs b/perl/x509.xs
new file mode 100644
index 0000000000..67633ad225
--- /dev/null
+++ b/perl/x509.xs
@@ -0,0 +1,74 @@
+#include "p5SSLeay.h"
+
+MODULE =  SSLeay::X509	PACKAGE = SSLeay::X509	PREFIX = p5_X509_
+
+PROTOTYPES: ENABLE
+VERSIONCHECK: DISABLE
+
+void
+p5_X509_new(void )
+	PREINIT:
+		X509 *x509;
+		SV *arg;
+	PPCODE:
+		pr_name("p5_X509_new");
+		EXTEND(sp,1);
+		PUSHs(sv_newmortal());
+		x509=X509_new();
+		sv_setref_pv(ST(0),"SSLeay::X509",(void *)x509);
+
+char *
+p5_X509_get_subject_name(x509)
+	X509 *x509;
+	PREINIT:
+		char *p;
+		X509_NAME *name;
+		char buf[1024];
+		int i;
+	CODE:
+		name=X509_get_subject_name(x509);
+		X509_NAME_oneline(name,buf,sizeof(buf));
+		p= &(buf[0]);
+		RETVAL=p;
+	OUTPUT:
+		RETVAL
+
+char *
+p5_X509_get_issuer_name(x509)
+	X509 *x509;
+	PREINIT:
+		char *p;
+		X509_NAME *name;
+		char buf[1024];
+		int i;
+	CODE:
+		name=X509_get_issuer_name(x509);
+		X509_NAME_oneline(name,buf,sizeof(buf));
+		p= &(buf[0]);
+		RETVAL=p;
+	OUTPUT:
+		RETVAL
+
+int
+p5_X509_get_version(x509)
+	X509 *x509;
+	CODE:
+		RETVAL=X509_get_version(x509);
+	OUTPUT:
+		RETVAL
+
+BIGNUM *
+p5_X509_get_serialNumber(x509)
+	X509 *x509;
+	CODE:
+		RETVAL=ASN1_INTEGER_to_BN(X509_get_serialNumber(x509),NULL);
+	OUTPUT:
+		RETVAL
+
+void
+p5_X509_DESTROY(x509)
+	X509 *x509;
+	CODE:
+	pr_name("p5_X509_DESTROY");
+	X509_free(x509);
+
diff --git a/perl/xstmp.c b/perl/xstmp.c
new file mode 100644
index 0000000000..aa18959017
--- /dev/null
+++ b/perl/xstmp.c
@@ -0,0 +1,102 @@
+/* perl/xstmp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/*
+ * This file was generated automatically by xsubpp version 1.9402 from the 
+ * contents of SSLeay.xs. Do not edit this file, edit SSLeay.xs instead.
+ *
+ *	ANY CHANGES MADE HERE WILL BE LOST! 
+ *
+ */
+
+#line 1 "SSLeay.xs"
+#ifdef __cplusplus
+extern "C" {
+#endif
+#include "EXTERN.h"
+#include "perl.h"
+#include "XSUB.h"
+#ifdef __cplusplus
+}
+#endif
+
+typedef struct datum_st
+	{
+	char *dptr;
+	int dsize;
+	} datum;
+
+#include "crypto.h"
+#include "buffer.h"
+#include "bio.h"
+#include "evp.h"
+#include "err.h"
+#include "x509.h"
+#include "ssl.h"
+
+#if 0
+#define pr_name(name)		printf("%s\n",name)
+#define pr_name_d(name,p2)	printf("%s %d\n",name,p2)
+#define pr_name_dd(name,p2,p3)	printf("%s %d %d\n",name,p2,p3)
+#else
+#define pr_name(name)
+#define pr_name_d(name,p2)
+#define pr_name_dd(name,p2,p3)
+#endif
+
+#include "callback.c"
+
diff --git a/perl/y.pl b/perl/y.pl
new file mode 100644
index 0000000000..e869460ab7
--- /dev/null
+++ b/perl/y.pl
@@ -0,0 +1,7 @@
+#!/usr/local/bin/perl
+use ExtUtils::testlib;
+use SSLeay;
+
+$message=SSLeay::BN::dec2bn("936345681743241125150760694794510965960940252288797108931456691368672287489405603308617928680920874760917824938589009714909675985261365549781893129784821682998948722");
+
+print $message->bn2hex."\n";
diff --git a/perl/yy.pl b/perl/yy.pl
new file mode 100644
index 0000000000..4415b53886
--- /dev/null
+++ b/perl/yy.pl
@@ -0,0 +1,19 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+
+$a=SSLeay::BN::new();
+
+$a+="1234567";
+
+print $a->bn2hex()."\n";
+
+
+for (1 .. 20)
+	{
+	$a*=$a;
+	$b=$a->bn2hex();
+	print " ".$b."\n".length($b)."\n";
+	}
diff --git a/perl/z.pl b/perl/z.pl
new file mode 100644
index 0000000000..8bba1bdbd2
--- /dev/null
+++ b/perl/z.pl
@@ -0,0 +1,32 @@
+#!/usr/local/bin/perl
+
+use ExtUtils::testlib;
+
+use SSLeay;
+use Benchmark;
+
+$buf=('x' x (1024*1024));
+$buf=('x' x (1024*1024));
+
+@md=();
+foreach $name ("md2", "mdc2", "sha", "ripemd160", "sha1", "md5")
+	{
+	if (($name eq "md2") || ($name eq "mdc2"))
+		{ $num=5; }
+	else	{ $num=100; }
+
+	$t=timeit($num,'&hash($name)');
+	printf "%6d000 bytes/sec:$name\n",int(($num*1024*1024)/$t->[1]/1000);
+	}
+
+sub hash
+	{
+	my($name)=@_;
+	my($f,$digest);
+
+	($f=MD->new($name)) ||
+		die "$_ is an unknown message digest algorithm\n";
+	$f->update($buf);
+	$digest=$f->final();
+	}
+
diff --git a/perl/zz.pl b/perl/zz.pl
new file mode 100644
index 0000000000..5253f83bcc
--- /dev/null
+++ b/perl/zz.pl
@@ -0,0 +1,22 @@
+#!/usr/local/bin/perl
+use ExtUtils::testlib;
+use SSLeay;
+
+$a=SSLeay::BN::dec2bn("12345678901234567890");
+$b=SSLeay::BN::dec2bn("98765432109876543210");
+print "a=$a\n";
+print "b=$b\n";
+
+$n=$a*$b;
+$m=$n+"1223123235345634764534567889";
+$l=$m*88888888;
+
+$r=$l/$b;
+
+print "a=$a\n";
+print "b=$b\n";
+print "n=$n\n";
+print "m=$m\n";
+print "l=$l\n";
+print "r=$r\n";
+
diff --git a/rsaref/Makefile.ssl b/rsaref/Makefile.ssl
index e0e4fb735f..b816b89f66 100644
--- a/rsaref/Makefile.ssl
+++ b/rsaref/Makefile.ssl
@@ -80,6 +80,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../crypto/err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../crypto/err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/rsaref/rsar_err.c b/rsaref/rsar_err.c
index b77f3e7c1a..34840e99f5 100644
--- a/rsaref/rsar_err.c
+++ b/rsaref/rsar_err.c
@@ -60,6 +60,7 @@
 #include "rsaref.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA RSAREF_str_functs[]=
 	{
 {ERR_PACK(0,RSAREF_F_BN_REF_MOD_EXP,0),	"BN_REF_MOD_EXP"},
@@ -111,14 +112,19 @@ static ERR_STRING_DATA RSAREF_str_reasons[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_RSAREF_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_RSAREF,RSAREF_str_functs);
 		ERR_load_strings(ERR_LIB_RSAREF,RSAREF_str_reasons);
+#endif
+
 		}
 	}
diff --git a/rsaref/rsaref.c b/rsaref/rsaref.c
index ac4fe01939..324460327d 100644
--- a/rsaref/rsaref.c
+++ b/rsaref/rsaref.c
@@ -1,5 +1,5 @@
 /* rsaref/rsaref.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -126,6 +126,8 @@ static RSA_METHOD rsa_pkcs1_ref_meth={
 	BN_ref_mod_exp,
 	NULL,
 	NULL,
+	0,
+	NULL,
 	};
 
 RSA_METHOD *RSA_PKCS1_RSAref()
diff --git a/rsaref/rsaref.err b/rsaref/rsaref.err
index 89f83b822c..ee02cdae76 100644
--- a/rsaref/rsaref.err
+++ b/rsaref/rsaref.err
@@ -16,17 +16,17 @@
 #define RSAREF_F_RSA_REF_PUBLIC_ENCRYPT			 112
 
 /* Reason codes. */
-#define RSAREF_R_CONTENT_ENCODING			 1024
-#define RSAREF_R_DATA					 1025
-#define RSAREF_R_DIGEST_ALGORITHM			 1026
-#define RSAREF_R_ENCODING				 1027
-#define RSAREF_R_ENCRYPTION_ALGORITHM			 1037
-#define RSAREF_R_KEY					 1028
-#define RSAREF_R_KEY_ENCODING				 1029
-#define RSAREF_R_LEN					 1030
-#define RSAREF_R_MODULUS_LEN				 1031
-#define RSAREF_R_NEED_RANDOM				 1032
-#define RSAREF_R_PRIVATE_KEY				 1033
-#define RSAREF_R_PUBLIC_KEY				 1034
-#define RSAREF_R_SIGNATURE				 1035
-#define RSAREF_R_SIGNATURE_ENCODING			 1036
+#define RSAREF_R_CONTENT_ENCODING			 0x0400
+#define RSAREF_R_DATA					 0x0401
+#define RSAREF_R_DIGEST_ALGORITHM			 0x0402
+#define RSAREF_R_ENCODING				 0x0403
+#define RSAREF_R_ENCRYPTION_ALGORITHM			 0x040d
+#define RSAREF_R_KEY					 0x0404
+#define RSAREF_R_KEY_ENCODING				 0x0405
+#define RSAREF_R_LEN					 0x0406
+#define RSAREF_R_MODULUS_LEN				 0x0407
+#define RSAREF_R_NEED_RANDOM				 0x0408
+#define RSAREF_R_PRIVATE_KEY				 0x0409
+#define RSAREF_R_PUBLIC_KEY				 0x040a
+#define RSAREF_R_SIGNATURE				 0x040b
+#define RSAREF_R_SIGNATURE_ENCODING			 0x040c
diff --git a/rsaref/rsaref.h b/rsaref/rsaref.h
index 52fc469dab..c264e288c9 100644
--- a/rsaref/rsaref.h
+++ b/rsaref/rsaref.h
@@ -1,5 +1,5 @@
 /* rsaref/rsaref.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -164,20 +164,20 @@ RSA_METHOD *RSA_PKCS1_RSAref();
 #define RSAREF_F_RSA_REF_PUBLIC_ENCRYPT			 112
 
 /* Reason codes. */
-#define RSAREF_R_CONTENT_ENCODING			 1024
-#define RSAREF_R_DATA					 1025
-#define RSAREF_R_DIGEST_ALGORITHM			 1026
-#define RSAREF_R_ENCODING				 1027
-#define RSAREF_R_ENCRYPTION_ALGORITHM			 1037
-#define RSAREF_R_KEY					 1028
-#define RSAREF_R_KEY_ENCODING				 1029
-#define RSAREF_R_LEN					 1030
-#define RSAREF_R_MODULUS_LEN				 1031
-#define RSAREF_R_NEED_RANDOM				 1032
-#define RSAREF_R_PRIVATE_KEY				 1033
-#define RSAREF_R_PUBLIC_KEY				 1034
-#define RSAREF_R_SIGNATURE				 1035
-#define RSAREF_R_SIGNATURE_ENCODING			 1036
+#define RSAREF_R_CONTENT_ENCODING			 0x0400
+#define RSAREF_R_DATA					 0x0401
+#define RSAREF_R_DIGEST_ALGORITHM			 0x0402
+#define RSAREF_R_ENCODING				 0x0403
+#define RSAREF_R_ENCRYPTION_ALGORITHM			 0x040d
+#define RSAREF_R_KEY					 0x0404
+#define RSAREF_R_KEY_ENCODING				 0x0405
+#define RSAREF_R_LEN					 0x0406
+#define RSAREF_R_MODULUS_LEN				 0x0407
+#define RSAREF_R_NEED_RANDOM				 0x0408
+#define RSAREF_R_PRIVATE_KEY				 0x0409
+#define RSAREF_R_PUBLIC_KEY				 0x040a
+#define RSAREF_R_SIGNATURE				 0x040b
+#define RSAREF_R_SIGNATURE_ENCODING			 0x040c
  
 #ifdef  __cplusplus
 }
diff --git a/shlib/linux.sh b/shlib/linux.sh
index 4d2b98d2c1..f80292d90c 100644
--- a/shlib/linux.sh
+++ b/shlib/linux.sh
@@ -3,13 +3,13 @@
 echo "#define DATE      \"`date`\"" >crypto/date.h
 
 major="0"
-minor="8.0"
+minor="8.2"
 slib=libssl
 clib=libcrypto
 CC=gcc
 CPP='gcc -E'
 AS=as
-FLAGS='-DTERMIO -O3 -DL_ENDIAN -fomit-frame-pointer -m486 -Wall'
+FLAGS='-DX86_ASM -DTERMIO -O3 -DL_ENDIAN -fomit-frame-pointer -m486 -Wall'
 #FLAGS='-DTERMIO -g2 -ggdb -DL_ENDIAN -m486 -Wall -DREF_CHECK -DCRYPTO_MDEBUG'
 INCLUDE='-Iinclude -Icrypto -Issl'
 SHFLAGS='-DPIC -fpic'
@@ -18,13 +18,13 @@ CFLAGS="$FLAGS $INCLUDE $SHFLAGS"
 ASM_OBJ="";
 
 echo compiling bignum assember
-$AS -o bn_asm.o crypto/bn/asm/x86-lnx.s
-CFLAGS="$CFLAGS -DBN_ASM"
+$CPP -DELF crypto/bn/asm/bn86unix.cpp | $AS -o bn_asm.o
+CFLAGS="$CFLAGS -DBN_ASM -DX86_ASM"
 ASM_OBJ="$ASM_OBJ bn_asm.o"
 
 echo compiling des assember
 $CPP -DELF crypto/des/asm/dx86unix.cpp | $AS -o des_enc.o
-$CPP -DELF crypto/des/asm/cx86unix.cpp | $AS -o fcrypt-b.o
+$CPP -DELF crypto/des/asm/yx86unix.cpp | $AS -o fcrypt-b.o
 CFLAGS="$CFLAGS -DDES_ASM"
 ASM_OBJ="$ASM_OBJ des_enc.o fcrypt-b.o"
 
@@ -33,12 +33,32 @@ $CPP -DELF crypto/bf/asm/bx86unix.cpp | $AS -o bf_enc.o
 CFLAGS="$CFLAGS -DBF_ASM"
 ASM_OBJ="$ASM_OBJ bf_enc.o"
 
+echo compiling cast assember
+$CPP -DELF crypto/cast/asm/cx86unix.cpp | $AS -o cast_enc.o
+CFLAGS="$CFLAGS -DCAST_ASM"
+ASM_OBJ="$ASM_OBJ cast_enc.o"
+
+echo compiling rc4 assember
+$CPP -DELF crypto/rc4/asm/rx86unix.cpp | $AS -o rc4_enc.o
+CFLAGS="$CFLAGS -DRC4_ASM"
+ASM_OBJ="$ASM_OBJ rc4_enc.o"
+
+echo compiling md5 assember
+$CPP -DELF crypto/md5/asm/mx86unix.cpp | $AS -o md5_enc.o
+CFLAGS="$CFLAGS -DMD5_ASM"
+ASM_OBJ="$ASM_OBJ md5_enc.o"
+
+echo compiling sha1 assember
+$CPP -DELF crypto/sha/asm/sx86unix.cpp | $AS -o sha1_enc.o
+CFLAGS="$CFLAGS -DSHA1_ASM"
+ASM_OBJ="$ASM_OBJ sha1_enc.o"
+
 echo compiling $clib
 $CC -c $CFLAGS -DCFLAGS="\"$FLAGS\"" -o crypto.o crypto/crypto.c
 
 echo linking $clib.so
 gcc $CFLAGS -shared -Wl,-soname,$clib.so.$major -o $clib.so.$major.$minor crypto.o $ASM_OBJ
-/bin/rm -f $clib.so $clib.$major
+/bin/rm -f $clib.so $clib.so.$major
 ln -s $clib.so.$major.$minor $clib.so
 ln -s $clib.so.$major.$minor $clib.so.$major
 
@@ -47,7 +67,7 @@ $CC -c $CFLAGS -o ssl.o ssl/ssl.c
 
 echo building $slib.so
 gcc $CFLAGS -shared -Wl,-soname,$slib.so.$major -o $slib.so.$major.$minor ssl.o
-/bin/rm -f $slib.so $slib.$mahor
+/bin/rm -f $slib.so $slib.so.$major
 ln -s $slib.so.$major.$minor $slib.so
 ln -s $slib.so.$major.$minor $slib.so.$major
 
diff --git a/ssl/Makefile.ssl b/ssl/Makefile.ssl
index f6f40e44fc..f4b13bf83b 100644
--- a/ssl/Makefile.ssl
+++ b/ssl/Makefile.ssl
@@ -23,17 +23,19 @@ APPS=
 
 LIB=$(TOP)/libssl.a
 LIBSRC=	\
-	s2_meth.c   s2_srvr.c s2_clnt.c  s2_lib.c  s2_pkt.c s2_enc.c \
-	s3_meth.c   s3_srvr.c s3_clnt.c  s3_lib.c  s3_pkt.c s3_enc.c s3_both.c \
-	s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \
+	s2_meth.c   s2_srvr.c s2_clnt.c  s2_lib.c  s2_enc.c s2_pkt.c \
+	s3_meth.c   s3_srvr.c s3_clnt.c  s3_lib.c  s3_enc.c s3_pkt.c s3_both.c \
+	s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c          s23_pkt.c \
+	t1_meth.c   t1_srvr.c t1_clnt.c  t1_lib.c  t1_enc.c \
 	ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
 	ssl_ciph.c ssl_stat.c ssl_rsa.c \
 	ssl_asn1.c ssl_txt.c ssl_algs.c \
 	bio_ssl.c $(ERRC).c
 LIBOBJ= \
-	s2_meth.o  s2_srvr.o  s2_clnt.o  s2_lib.o  s2_pkt.o s2_enc.o \
-	s3_meth.o  s3_srvr.o  s3_clnt.o  s3_lib.o  s3_pkt.o s3_enc.o s3_both.o \
-	s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \
+	s2_meth.o  s2_srvr.o  s2_clnt.o  s2_lib.o  s2_enc.o s2_pkt.o \
+	s3_meth.o  s3_srvr.o  s3_clnt.o  s3_lib.o  s3_enc.o s3_pkt.o s3_both.o \
+	s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o          s23_pkt.o \
+	t1_meth.o   t1_srvr.o t1_clnt.o  t1_lib.o  t1_enc.o \
 	ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
 	ssl_ciph.o ssl_stat.o ssl_rsa.o \
 	ssl_asn1.o ssl_txt.o ssl_algs.o \
@@ -41,7 +43,7 @@ LIBOBJ= \
 
 SRC= $(LIBSRC)
 
-EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h
+EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h
 HEADER=	$(EXHEADER) ssl_locl.h
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)
@@ -93,6 +95,6 @@ clean:
 
 errors:
 	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../crypto/err/err_genc.pl $(ERR).h $(ERRC).c
+	perl ../crypto/err/err_genc.pl -s $(ERR).h $(ERRC).c
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c
index 6c0babaf30..58a6d69b9b 100644
--- a/ssl/bio_ssl.c
+++ b/ssl/bio_ssl.c
@@ -1,5 +1,5 @@
 /* ssl/bio_ssl.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -57,8 +57,10 @@
  */
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 #include <errno.h>
+#include "crypto.h"
 #include "bio.h"
 #include "err.h"
 #include "ssl.h"
@@ -79,6 +81,17 @@ static int ssl_new();
 static int ssl_free();
 #endif
 
+typedef struct bio_ssl_st
+	{
+	SSL *ssl; /* The ssl handle :-) */
+	/* re-negotiate every time the total number of bytes is this size */
+	int num_renegotiates;
+	unsigned long renegotiate_count;
+	unsigned long byte_count;
+	unsigned long renegotiate_timeout;
+	unsigned long last_time;
+	} BIO_SSL;
+
 static BIO_METHOD methods_sslp=
 	{
 	BIO_TYPE_SSL,"ssl",
@@ -99,8 +112,17 @@ BIO_METHOD *BIO_f_ssl()
 static int ssl_new(bi)
 BIO *bi;
 	{
+	BIO_SSL *bs;
+
+	bs=(BIO_SSL *)Malloc(sizeof(BIO_SSL));
+	if (bs == NULL)
+		{
+		BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
+		return(0);
+		}
+	memset(bs,0,sizeof(BIO_SSL));
 	bi->init=0;
-	bi->ptr=NULL;	/* The SSL structure */
+	bi->ptr=(char *)bs;
 	bi->flags=0;
 	return(1);
 	}
@@ -108,15 +130,20 @@ BIO *bi;
 static int ssl_free(a)
 BIO *a;
 	{
+	BIO_SSL *bs;
+
 	if (a == NULL) return(0);
-	if (a->ptr != NULL) SSL_shutdown((SSL *)a->ptr);
+	bs=(BIO_SSL *)a->ptr;
+	if (bs->ssl != NULL) SSL_shutdown(bs->ssl);
 	if (a->shutdown)
 		{
-		if (a->init) SSL_free((SSL *)a->ptr);
+		if (a->init && (bs->ssl != NULL))
+			SSL_free(bs->ssl);
 		a->init=0;
 		a->flags=0;
-		a->ptr=NULL;
 		}
+	if (a->ptr != NULL)
+		Free(a->ptr);
 	return(1);
 	}
 	
@@ -126,49 +153,74 @@ char *out;
 int outl;
 	{
 	int ret=1;
-	int inflags,outflags;
+	BIO_SSL *sb;
 	SSL *ssl;
 	int retry_reason=0;
+	int r=0;
 
 	if (out == NULL) return(0);
-	ssl=(SSL *)b->ptr;
+	sb=(BIO_SSL *)b->ptr;
+	ssl=sb->ssl;
 
-	inflags=outflags=b->flags;
-
-	outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY);
+	BIO_clear_retry_flags(b);
 
+#if 0
 	if (!SSL_is_init_finished(ssl))
 		{
-		ret=SSL_do_handshake(ssl);
-#if 0
+/*		ret=SSL_do_handshake(ssl); */
 		if (ret > 0)
 			{
+
 			outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
 			ret= -1;
 			goto end;
 			}
-#endif
 		}
-	if (ret > 0)
-		ret=SSL_read(ssl,out,outl);
+#endif
+/*	if (ret > 0) */
+	ret=SSL_read(ssl,out,outl);
 
 	switch (SSL_get_error(ssl,ret))
 		{
 	case SSL_ERROR_NONE:
 		if (ret <= 0) break;
+		if (sb->renegotiate_count > 0)
+			{
+			sb->byte_count+=ret;
+			if (sb->byte_count > sb->renegotiate_count)
+				{
+				sb->byte_count=0;
+				sb->num_renegotiates++;
+				SSL_renegotiate(ssl);
+				r=1;
+				}
+			}
+		if ((sb->renegotiate_timeout > 0) && (!r))
+			{
+			unsigned long tm;
+
+			tm=(unsigned long)time(NULL);
+			if (tm > sb->last_time+sb->renegotiate_timeout)
+				{
+				sb->last_time=tm;
+				sb->num_renegotiates++;
+				SSL_renegotiate(ssl);
+				}
+			}
+
 		break;
 	case SSL_ERROR_WANT_READ:
-		outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+		BIO_set_retry_read(b);
 		break;
 	case SSL_ERROR_WANT_WRITE:
-		outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
+		BIO_set_retry_write(b);
 		break;
 	case SSL_ERROR_WANT_X509_LOOKUP:
-		outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+		BIO_set_retry_special(b);
 		retry_reason=BIO_RR_SSL_X509_LOOKUP;
 		break;
 	case SSL_ERROR_WANT_CONNECT:
-		outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+		BIO_set_retry_special(b);
 		retry_reason=BIO_RR_CONNECT;
 		break;
 	case SSL_ERROR_SYSCALL:
@@ -179,7 +231,6 @@ int outl;
 		}
 
 	b->retry_reason=retry_reason;
-	b->flags=outflags;
 	return(ret);
 	}
 
@@ -188,38 +239,61 @@ BIO *b;
 char *out;
 int outl;
 	{
-	int ret;
-	int inflags,outflags,retry_reason=0;
+	int ret,r=0;
+	int retry_reason=0;
 	SSL *ssl;
+	BIO_SSL *bs;
 
 	if (out == NULL) return(0);
-	ssl=(SSL *)b->ptr;
-
-	inflags=outflags=b->flags;
+	bs=(BIO_SSL *)b->ptr;
+	ssl=bs->ssl;
 
-	outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY);
+	BIO_clear_retry_flags(b);
 
-	ret=SSL_do_handshake(ssl);
-	if (ret > 0)
-		ret=SSL_write(ssl,out,outl);
+/*	ret=SSL_do_handshake(ssl);
+	if (ret > 0) */
+	ret=SSL_write(ssl,out,outl);
 
 	switch (SSL_get_error(ssl,ret))
 		{
 	case SSL_ERROR_NONE:
 		if (ret <= 0) break;
+		if (bs->renegotiate_count > 0)
+			{
+			bs->byte_count+=ret;
+			if (bs->byte_count > bs->renegotiate_count)
+				{
+				bs->byte_count=0;
+				bs->num_renegotiates++;
+				SSL_renegotiate(ssl);
+				r=1;
+				}
+			}
+		if ((bs->renegotiate_timeout > 0) && (!r))
+			{
+			unsigned long tm;
+
+			tm=(unsigned long)time(NULL);
+			if (tm > bs->last_time+bs->renegotiate_timeout)
+				{
+				bs->last_time=tm;
+				bs->num_renegotiates++;
+				SSL_renegotiate(ssl);
+				}
+			}
 		break;
 	case SSL_ERROR_WANT_WRITE:
-		outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
+		BIO_set_retry_write(b);
 		break;
 	case SSL_ERROR_WANT_READ:
-		outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+		BIO_set_retry_read(b);
 		break;
 	case SSL_ERROR_WANT_X509_LOOKUP:
-		outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+		BIO_set_retry_special(b);
 		retry_reason=BIO_RR_SSL_X509_LOOKUP;
 		break;
 	case SSL_ERROR_WANT_CONNECT:
-		outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+		BIO_set_retry_special(b);
 		retry_reason=BIO_RR_CONNECT;
 	case SSL_ERROR_SYSCALL:
 	case SSL_ERROR_SSL:
@@ -228,7 +302,6 @@ int outl;
 		}
 
 	b->retry_reason=retry_reason;
-	b->flags=outflags;
 	return(ret);
 	}
 
@@ -239,10 +312,14 @@ long num;
 char *ptr;
 	{
 	SSL **sslp,*ssl;
+	BIO_SSL *bs;
 	BIO *dbio,*bio;
 	long ret=1;
 
-	ssl=(SSL *)b->ptr;
+	bs=(BIO_SSL *)b->ptr;
+	ssl=bs->ssl;
+	if ((ssl == NULL)  && (cmd != BIO_C_SET_SSL))
+		return(0);
 	switch (cmd)
 		{
 	case BIO_CTRL_RESET:
@@ -262,7 +339,6 @@ char *ptr;
 		else
 			ret=1;
 		break;
-	case BIO_CTRL_EOF:
 	case BIO_CTRL_INFO:
 		ret=0;
 		break;
@@ -272,17 +348,33 @@ char *ptr;
 		else
 			SSL_set_accept_state(ssl);
 		break;
+	case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT:
+		ret=bs->renegotiate_timeout;
+		if (num < 60) num=5;
+		bs->renegotiate_timeout=(unsigned long)num;
+		bs->last_time=(unsigned long)time(NULL);
+		break;
+	case BIO_C_SET_SSL_RENEGOTIATE_BYTES:
+		ret=bs->renegotiate_count;
+		if ((long)num >=512)
+			bs->renegotiate_count=(unsigned long)num;
+		break;
+	case BIO_C_GET_SSL_NUM_RENEGOTIATES:
+		ret=bs->num_renegotiates;
+		break;
 	case BIO_C_SET_SSL:
-		ssl_free(b);
+		if (ssl != NULL)
+			ssl_free(b);
 		b->shutdown=(int)num;
-		b->ptr=ptr;
 		ssl=(SSL *)ptr;
+		((BIO_SSL *)b->ptr)->ssl=ssl;
 		bio=SSL_get_rbio(ssl);
 		if (bio != NULL)
 			{
 			if (b->next_bio != NULL)
 				BIO_push(bio,b->next_bio);
 			b->next_bio=bio;
+			CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);
 			}
 		b->init=1;
 		break;
@@ -292,6 +384,8 @@ char *ptr;
 			sslp=(SSL **)ptr;
 			*sslp=ssl;
 			}
+		else
+			ret=0;
 		break;
 	case BIO_CTRL_GET_CLOSE:
 		ret=b->shutdown;
@@ -313,10 +407,10 @@ char *ptr;
 		BIO_copy_next_retry(b);
 		break;
 	case BIO_CTRL_PUSH:
-		if (b->next_bio != NULL)
+		if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio))
 			{
 			SSL_set_bio(ssl,b->next_bio,b->next_bio);
-			b->next_bio->references++;
+			CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
 			}
 		break;
 	case BIO_CTRL_POP:
@@ -355,13 +449,35 @@ char *ptr;
 		break;
 	case BIO_CTRL_DUP:
 		dbio=(BIO *)ptr;
-		if (dbio->ptr != NULL)
-			SSL_free((SSL *)dbio->ptr);
-		dbio->ptr=(char *)SSL_dup(ssl);
-		ret=(dbio->ptr != NULL);
+		if (((BIO_SSL *)dbio->ptr)->ssl != NULL)
+			SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
+		((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl);
+		((BIO_SSL *)dbio->ptr)->renegotiate_count=
+			((BIO_SSL *)b->ptr)->renegotiate_count;
+		((BIO_SSL *)dbio->ptr)->byte_count=
+			((BIO_SSL *)b->ptr)->byte_count;
+		((BIO_SSL *)dbio->ptr)->renegotiate_timeout=
+			((BIO_SSL *)b->ptr)->renegotiate_timeout;
+		((BIO_SSL *)dbio->ptr)->last_time=
+			((BIO_SSL *)b->ptr)->last_time;
+		ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL);
+		break;
+	case BIO_C_GET_FD:
+		ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
+		break;
+	case BIO_CTRL_SET_CALLBACK:
+		SSL_set_info_callback(ssl,(void (*)())ptr);
+		break;
+	case BIO_CTRL_GET_CALLBACK:
+		{
+		void (**fptr)();
+
+		fptr=(void (**)())ptr;
+		*fptr=SSL_get_info_callback(ssl);
+		}
 		break;
 	default:
-		return(0);
+		ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
 		break;
 		}
 	return(ret);
@@ -378,6 +494,42 @@ char *str;
 	return(ret);
 	}
 
+BIO *BIO_new_buffer_ssl_connect(ctx)
+SSL_CTX *ctx;
+	{
+	BIO *ret=NULL,*buf=NULL,*ssl=NULL;
+
+	if ((buf=BIO_new(BIO_f_buffer())) == NULL)
+		return(NULL);
+	if ((ssl=BIO_new_ssl_connect(ctx)) == NULL)
+		goto err;
+	if ((ret=BIO_push(buf,ssl)) == NULL)
+		goto err;
+	return(ret);
+err:
+	if (buf != NULL) BIO_free(buf);
+	if (ssl != NULL) BIO_free(ssl);
+	return(NULL);
+	}
+
+BIO *BIO_new_ssl_connect(ctx)
+SSL_CTX *ctx;
+	{
+	BIO *ret=NULL,*con=NULL,*ssl=NULL;
+
+	if ((con=BIO_new(BIO_s_connect())) == NULL)
+		return(NULL);
+	if ((ssl=BIO_new_ssl(ctx,1)) == NULL)
+		goto err;
+	if ((ret=BIO_push(ssl,con)) == NULL)
+		goto err;
+	return(ret);
+err:
+	if (con != NULL) BIO_free(con);
+	if (ret != NULL) BIO_free(ret);
+	return(NULL);
+	}
+
 BIO *BIO_new_ssl(ctx,client)
 SSL_CTX *ctx;
 int client;
@@ -408,9 +560,10 @@ BIO *t,*f;
 	f=BIO_find_type(f,BIO_TYPE_SSL);
 	if ((t == NULL) || (f == NULL))
 		return(0);
-	if ((t->ptr == NULL) || (f->ptr == NULL))
+	if (	(((BIO_SSL *)t->ptr)->ssl == NULL) || 
+		(((BIO_SSL *)f->ptr)->ssl == NULL))
 		return(0);
-	SSL_copy_session_id((SSL *)t->ptr,(SSL *)f->ptr);
+	SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl);
 	return(1);
 	}
 
@@ -423,7 +576,7 @@ BIO *b;
 		{
 		if (b->method->type == BIO_TYPE_SSL)
 			{
-			s=(SSL *)b->ptr;
+			s=((BIO_SSL *)b->ptr)->ssl;
 			SSL_shutdown(s);
 			break;
 			}
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 57d3623f3f..a4661ebb68 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -1,5 +1,5 @@
 /* ssl/s23_clnt.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -76,10 +76,12 @@ static int ssl23_get_server_hello();
 static SSL_METHOD *ssl23_get_client_method(ver)
 int ver;
 	{
-	if (ver == 2)
+	if (ver == SSL2_VERSION)
 		return(SSLv2_client_method());
-	else if (ver == 3)
+	else if (ver == SSL3_VERSION)
 		return(SSLv3_client_method());
+	else if (ver == TLS1_VERSION)
+		return(TLSv1_client_method());
 	else
 		return(NULL);
 	}
@@ -111,7 +113,7 @@ SSL *s;
 
 	RAND_seed((unsigned char *)&Time,sizeof(Time));
 	ERR_clear_error();
-	errno=0;
+	clear_sys_error();
 
 	if (s->info_callback != NULL)
 		cb=s->info_callback;
@@ -134,7 +136,7 @@ SSL *s;
 
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
-			s->version=3;
+			/* s->version=TLS1_VERSION; */
 			s->type=SSL_ST_CONNECT;
 
 			if (s->init_buf == NULL)
@@ -230,8 +232,26 @@ SSL *s;
 		p=d+9;
 
 		*(d++)=SSL2_MT_CLIENT_HELLO;
-		*(d++)=SSL3_VERSION_MAJOR;
-		*(d++)=SSL3_VERSION_MINOR;
+		if (!(s->options & SSL_OP_NO_TLSv1))
+			{
+			*(d++)=TLS1_VERSION_MAJOR;
+			*(d++)=TLS1_VERSION_MINOR;
+			}
+		else if (!(s->options & SSL_OP_NO_SSLv3))
+			{
+			*(d++)=SSL3_VERSION_MAJOR;
+			*(d++)=SSL3_VERSION_MINOR;
+			}
+		else if (!(s->options & SSL_OP_NO_SSLv2))
+			{
+			*(d++)=SSL2_VERSION_MAJOR;
+			*(d++)=SSL2_VERSION_MINOR;
+			}
+		else
+			{
+			SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE);
+			return(-1);
+			}
 
 		/* Ciphers supported */
 		i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
@@ -251,7 +271,7 @@ SSL *s;
 #endif
 		s2n(0,d);
 
-		if (s->ctx->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+		if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
 			ch_len=SSL2_CHALLENGE_LENGTH;
 		else
 			ch_len=SSL2_MAX_CHALLENGE_LENGTH;
@@ -290,7 +310,6 @@ SSL *s;
 	unsigned char *p;
 	int i,ch_len;
 	int n;
-	BIO *bbio;
 
 	n=ssl23_read_bytes(s,7);
 
@@ -306,6 +325,11 @@ SSL *s;
 		/* we need to clean up the SSLv3 setup and put in the
 		 * sslv2 stuff. */
 
+		if (s->options & SSL_OP_NO_SSLv2)
+			{
+			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+			goto err;
+			}
 		if (s->s2 == NULL)
 			{
 			if (!ssl2_new(s))
@@ -314,7 +338,7 @@ SSL *s;
 		else
 			ssl2_clear(s);
 
-		if (s->ctx->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+		if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
 			ch_len=SSL2_CHALLENGE_LENGTH;
 		else
 			ch_len=SSL2_MAX_CHALLENGE_LENGTH;
@@ -355,33 +379,13 @@ SSL *s;
 		}
 	else if ((p[0] == SSL3_RT_HANDSHAKE) &&
 		 (p[1] == SSL3_VERSION_MAJOR) &&
-		 (p[2] == SSL3_VERSION_MINOR) &&
+		 ((p[2] == SSL3_VERSION_MINOR) ||
+		  (p[2] == TLS1_VERSION_MINOR)) &&
 		 (p[5] == SSL3_MT_SERVER_HELLO))
 		{
-		/* we have sslv3 */
+		/* we have sslv3 or tls1 */
 
-		if (s->bbio == NULL)
-			{
-			bbio=BIO_new(BIO_f_buffer());
-			if (bbio == NULL)
-				{
-				SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
-				goto err;
-				}
-			s->bbio=bbio;
-			}
-		else
-			bbio=s->bbio;
-
-		BIO_reset(bbio);
-		if (!BIO_set_write_buffer_size(bbio,16*1024))
-			{
-			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
-			goto err;
-			}
-
-		/* start the buffering */
-		s->wbio=BIO_push(s->bbio,s->wbio);
+		if (!ssl_init_wbio_buffer(s,1)) goto err;
 
 		/* we are in this state */
 		s->state=SSL3_ST_CR_SRVR_HELLO_A;
@@ -395,12 +399,30 @@ SSL *s;
 		s->s3->rbuf.left=n;
 		s->s3->rbuf.offset=0;
 
-		s->method=SSLv3_client_method();
+		if ((p[2] == SSL3_VERSION_MINOR) &&
+			!(s->options & SSL_OP_NO_SSLv3))
+			{
+			s->version=SSL3_VERSION;
+			s->method=SSLv3_client_method();
+			}
+		else if ((p[2] == TLS1_VERSION_MINOR) &&
+			!(s->options & SSL_OP_NO_TLSv1))
+			{
+			s->version=TLS1_VERSION;
+			s->method=TLSv1_client_method();
+			}
+		else
+			{
+			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+			goto err;
+			}
+			
 		s->handshake_func=s->method->ssl_connect;
 		}
 	else if ((p[0] == SSL3_RT_ALERT) &&
 		 (p[1] == SSL3_VERSION_MAJOR) &&
-		 (p[2] == SSL3_VERSION_MINOR) &&
+		 ((p[2] == SSL3_VERSION_MINOR) ||
+		  (p[2] == TLS1_VERSION_MINOR)) &&
 		 (p[3] == 0) &&
 		 (p[4] == 2))
 		{
@@ -421,7 +443,7 @@ SSL *s;
 			}
 
 		s->rwstate=SSL_NOTHING;
-		SSLerr(SSL_F_SSL3_READ_BYTES,1000+p[6]);
+		SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,1000+p[6]);
 		goto err;
 		}
 	else
diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c
index ff19adc119..e16f641101 100644
--- a/ssl/s23_lib.c
+++ b/ssl/s23_lib.c
@@ -1,5 +1,5 @@
 /* ssl/s23_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -81,10 +81,10 @@ static SSL_CIPHER *ssl23_get_cipher_by_char();
 char *SSL23_version_str="SSLv2/3 compatablity part of SSLeay 0.7.0 30-Jan-1997";
 
 static SSL_METHOD SSLv23_data= {
-	3,
-	ssl3_new,
-	ssl3_clear,
-	ssl3_free,
+	TLS1_VERSION,
+	tls1_new,
+	tls1_clear,
+	tls1_free,
 	ssl_undefined_function,
 	ssl_undefined_function,
 	ssl23_read,
@@ -101,6 +101,7 @@ static SSL_METHOD SSLv23_data= {
 	ssl23_get_cipher,
 	ssl_bad_method,
 	ssl23_default_timeout,
+	&ssl3_undef_enc_method,
 	};
 
 static long ssl23_default_timeout()
@@ -179,7 +180,7 @@ int len;
 		return(0);
 		}
 #endif
-	errno=0;
+	clear_sys_error();
 	if (SSL_in_init(s) && (!s->in_handshake))
 		{
 		n=s->handshake_func(s);
@@ -212,7 +213,7 @@ int len;
 		return(0);
 		}
 #endif
-	errno=0;
+	clear_sys_error();
 	if (SSL_in_init(s) && (!s->in_handshake))
 		{
 		n=s->handshake_func(s);
diff --git a/ssl/s23_meth.c b/ssl/s23_meth.c
index dbe282bfd0..1eed7a54bc 100644
--- a/ssl/s23_meth.c
+++ b/ssl/s23_meth.c
@@ -1,5 +1,5 @@
 /* ssl/s23_meth.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,10 +63,12 @@
 static SSL_METHOD *ssl23_get_method(ver)
 int ver;
 	{
-	if (ver == 2)
+	if (ver == SSL2_VERSION)
 		return(SSLv23_method());
-	else if (ver == 3)
+	else if (ver == SSL3_VERSION)
 		return(SSLv3_method());
+	else if (ver == TLS1_VERSION)
+		return(TLSv1_method());
 	else
 		return(NULL);
 	}
diff --git a/ssl/s23_pkt.c b/ssl/s23_pkt.c
index e9b2add0b8..c25c312772 100644
--- a/ssl/s23_pkt.c
+++ b/ssl/s23_pkt.c
@@ -1,5 +1,5 @@
 /* ssl/s23_pkt.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index 398f005821..c7b9ecbcf2 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -1,5 +1,5 @@
 /* ssl/s23_srvr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -74,10 +74,12 @@ int ssl23_get_client_hello();
 static SSL_METHOD *ssl23_get_server_method(ver)
 int ver;
 	{
-	if (ver == 2)
+	if (ver == SSL2_VERSION)
 		return(SSLv2_server_method());
-	else if (ver == 3)
+	else if (ver == SSL3_VERSION)
 		return(SSLv3_server_method());
+	else if (ver == TLS1_VERSION)
+		return(TLSv1_server_method());
 	else
 		return(NULL);
 	}
@@ -109,7 +111,7 @@ SSL *s;
 
 	RAND_seed((unsigned char *)&Time,sizeof(Time));
 	ERR_clear_error();
-	errno=0;
+	clear_sys_error();
 
 	if (s->info_callback != NULL)
 		cb=s->info_callback;
@@ -132,7 +134,7 @@ SSL *s;
 
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
-			s->version=3;
+			/* s->version=SSL3_VERSION; */
 			s->type=SSL_ST_ACCEPT;
 
 			if (s->init_buf == NULL)
@@ -197,8 +199,7 @@ SSL *s;
 	unsigned char *p,*d,*dd;
 	unsigned int i;
 	unsigned int csl,sil,cl;
-	int n=0,j;
-	BIO *bbio;
+	int n=0,j,tls1=0;
 	int type=0,use_sslv2_strong=0;
 
 	/* read the initial header */
@@ -219,11 +220,28 @@ SSL *s;
 			if ((p[3] == 0x00) && (p[4] == 0x02))
 				{
 				/* SSLv2 */
-				type=1;
+				if (!(s->options & SSL_OP_NO_SSLv2))
+					type=1;
 				}
 			else if (p[3] == SSL3_VERSION_MAJOR)
 				{
-				if (s->ctx->options & SSL_OP_NON_EXPORT_FIRST)
+				/* SSLv3/TLSv1 */
+				if (p[4] >= TLS1_VERSION_MINOR)
+					{
+					if (!(s->options & SSL_OP_NO_TLSv1))
+						{
+						tls1=1;
+						s->state=SSL23_ST_SR_CLNT_HELLO_B;
+						}
+					else if (!(s->options & SSL_OP_NO_SSLv3))
+						{
+						s->state=SSL23_ST_SR_CLNT_HELLO_B;
+						}
+					}
+				else if (!(s->options & SSL_OP_NO_SSLv3))
+					s->state=SSL23_ST_SR_CLNT_HELLO_B;
+
+				if (s->options & SSL_OP_NON_EXPORT_FIRST)
 					{
 					STACK *sk;
 					SSL_CIPHER *c;
@@ -275,30 +293,37 @@ SSL *s;
 							}
 						}
 					}
-				/* SSLv3 */
-				s->state=SSL23_ST_SR_CLNT_HELLO_B;
 				}
 			}
 		else if ((p[0] == SSL3_RT_HANDSHAKE) &&
 			 (p[1] == SSL3_VERSION_MAJOR) &&
 			 (p[5] == SSL3_MT_CLIENT_HELLO))
 			{
-			/* true SSLv3 */
-			type=3;
+			/* true SSLv3 or tls1 */
+			if (p[2] >= TLS1_VERSION_MINOR)
+				{
+				if (!(s->options & SSL_OP_NO_TLSv1))
+					{
+					type=3;
+					tls1=1;
+					}
+				else if (!(s->options & SSL_OP_NO_SSLv3))
+					type=3;
+				}
+			else if (!(s->options & SSL_OP_NO_SSLv3))
+				type=3;
 			}
-		/* I will not introduce error codes since that will probably
-		 * disrupt the error codes alread allocated and could play
-		 * havoc with dynamic allocation.  Upgrade to 0.9.x :-)
-		 */
-		else if ((strncmp("GET ", (char *)p,4) == 0) ||
-			 (strncmp("POST ",(char *)p,5) == 0) ||
-			 (strncmp("HEAD ",(char *)p,5) == 0) ||
-			 (strncmp("PUT ", (char *)p,4) == 0))
+		else if ((strncmp("GET ", p,4) == 0) ||
+			 (strncmp("POST ",p,5) == 0) ||
+			 (strncmp("HEAD ",p,5) == 0) ||
+			 (strncmp("PUT ", p,4) == 0))
 			{
+			SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST);
 			goto err;
 			}
-		else if (strncmp("CONNECT",(char *)p,7) == 0)
+		else if (strncmp("CONNECT",p,7) == 0)
 			{
+			SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST);
 			goto err;
 			}
 		}
@@ -306,7 +331,7 @@ SSL *s;
 next_bit:
 	if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
 		{
-		/* we have a SSLv3 in a SSLv2 header */
+		/* we have a SSLv3/TLSv1 in a SSLv2 header */
 		type=2;
 		p=s->packet;
 		n=((p[0]&0x7f)<<8)|p[1];
@@ -334,7 +359,10 @@ next_bit:
 			}
 
 		*(d++)=SSL3_VERSION_MAJOR;
-		*(d++)=SSL3_VERSION_MINOR;
+		if (tls1)
+			*(d++)=TLS1_VERSION_MINOR;
+		else
+			*(d++)=SSL3_VERSION_MINOR;
 
 		/* lets populate the random area */
 		/* get the chalenge_length */
@@ -374,7 +402,7 @@ next_bit:
 	if (type == 1)
 		{
 		/* we are talking sslv2 */
-		/* we need to clean up the SSLv3 setup and put in the
+		/* we need to clean up the SSLv3/TLSv1 setup and put in the
 		 * sslv2 stuff. */
 
 		if (s->s2 == NULL)
@@ -394,7 +422,7 @@ next_bit:
 			}
 
 		s->state=SSL2_ST_GET_CLIENT_HELLO_A;
-		if ((s->ctx->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
+		if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
 			use_sslv2_strong)
 			s->s2->ssl2_rollback=0;
 		else
@@ -415,21 +443,9 @@ next_bit:
 
 	if ((type == 2) || (type == 3))
 		{
-		/* we have sslv3 */
+		/* we have SSLv3/TLSv1 */
 
-		if (s->bbio == NULL)
-			{
-			bbio=BIO_new(BIO_f_buffer());
-			if (bbio == NULL)
-				goto err;
-			s->bbio=bbio;
-			}
-		else
-			bbio=s->bbio;
-		BIO_reset(bbio);
-		if (!BIO_set_write_buffer_size(bbio,16*1024))
-			goto err;
-		s->wbio=BIO_push(bbio,s->wbio);
+		if (!ssl_init_wbio_buffer(s,1)) goto err;
 
 		/* we are in this state */
 		s->state=SSL3_ST_SR_CLNT_HELLO_A;
@@ -452,7 +468,16 @@ next_bit:
 			s->s3->rbuf.offset=0;
 			}
 
-		s->method=SSLv3_server_method();
+		if (tls1)
+			{
+			s->version=TLS1_VERSION;
+			s->method=TLSv1_server_method();
+			}
+		else
+			{
+			s->version=SSL3_VERSION;
+			s->method=SSLv3_server_method();
+			}
 		s->handshake_func=s->method->ssl_accept;
 		}
 	
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index 67578a45ad..16df9ec565 100644
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -1,5 +1,5 @@
 /* ssl/s2_clnt.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -57,9 +57,6 @@
  */
 
 #include <stdio.h>
-#ifndef NO_MD5
-#include "md5.h"
-#endif
 #include "rand.h"
 #include "buffer.h"
 #include "objects.h"
@@ -92,7 +89,7 @@ static int ssl_rsa_public_encrypt();
 static SSL_METHOD *ssl2_get_client_method(ver)
 int ver;
 	{
-	if (ver == 2)
+	if (ver == SSL2_VERSION)
 		return(SSLv2_client_method());
 	else
 		return(NULL);
@@ -125,7 +122,7 @@ SSL *s;
 
 	RAND_seed((unsigned char *)&l,sizeof(l));
 	ERR_clear_error();
-	errno=0;
+	clear_sys_error();
 
 	if (s->info_callback != NULL)
 		cb=s->info_callback;
@@ -149,7 +146,7 @@ SSL *s;
 
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
-			s->version=2;
+			s->version=SSL2_VERSION;
 			s->type=SSL_ST_CONNECT;
 
 			buf=s->init_buf;
@@ -262,6 +259,7 @@ SSL *s;
 			 */
 
 			ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
+			if (s->hit) s->ctx->sess_hit++;
 
 			ret=1;
 			/* s->server=0; */
@@ -298,7 +296,7 @@ SSL *s;
 	unsigned char *buf;
 	unsigned char *p;
 	int i,j;
-	STACK *sk,*cl;
+	STACK *sk=NULL,*cl;
 
 	buf=(unsigned char *)s->init_buf->data;
 	p=buf;
@@ -350,7 +348,7 @@ SSL *s;
 			}
 		if (s->s2->tmp.cert_type != 0)
 			{
-			if (!(s->ctx->options &
+			if (!(s->options &
 				SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG))
 				{
 				SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
@@ -448,7 +446,7 @@ SSL *s;
 	 * cert, Free's it before we increment the reference count. */
 	CRYPTO_w_lock(CRYPTO_LOCK_X509);
 	s->session->peer=s->session->cert->key->x509;
-	s->session->peer->references++;
+	CRYPTO_add(&s->session->peer->references,1,CRYPTO_LOCK_X509);
 	CRYPTO_w_unlock(CRYPTO_LOCK_X509);
 
 	s->s2->conn_id_length=s->s2->tmp.conn_id_length;
@@ -736,7 +734,7 @@ SSL *s;
 		/* ok, now we calculate the checksum
 		 * do it first so we can reuse buf :-) */
 		p=buf;
-		EVP_SignInit(&ctx,EVP_md5());
+		EVP_SignInit(&ctx,s->ctx->rsa_md5);
 		EVP_SignUpdate(&ctx,s->s2->key_material,
 			(unsigned int)s->s2->key_material_length);
 		EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len);
@@ -856,12 +854,15 @@ SSL *s;
 	if (!s->hit) /* new session */
 		{
 		/* new session-id */
+		/* Make sure we were not trying to re-use an old SSL_SESSION
+		 * or bad things can happen */
+		/* ZZZZZZZZZZZZZ */
 		s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
 		memcpy(s->session->session_id,p,SSL2_SSL_SESSION_ID_LENGTH);
 		}
 	else
 		{
-		if (!(s->ctx->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
+		if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
 			{
 			if (memcmp(buf,s->session->session_id,
 				(unsigned int)s->session->session_id_length) != 0)
diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c
index b915f099e5..b43056fa14 100644
--- a/ssl/s2_enc.c
+++ b/ssl/s2_enc.c
@@ -1,5 +1,5 @@
 /* ssl/s2_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,9 +59,6 @@
 #include <stdio.h>
 #include "ssl_locl.h"
 
-#define RS	0
-#define WS	1
-
 int ssl2_enc_init(s, client)
 SSL *s;
 int client;
@@ -94,6 +91,9 @@ int client;
 	rs= s->enc_read_ctx;
 	ws= s->enc_write_ctx;
 
+	EVP_CIPHER_CTX_init(rs);
+	EVP_CIPHER_CTX_init(ws);
+
 	num=c->key_len;
 	s->s2->key_material_length=num*2;
 
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index fb91582217..275eb52f13 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -1,5 +1,5 @@
 /* ssl/s2_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -69,7 +69,7 @@ static int ssl2_ok();
 static long ssl2_default_timeout();
 #endif
 
-char *ssl2_version_str="SSLv2 part of SSLeay 0.8.1b 29-Jun-1998";
+char *ssl2_version_str="SSLv2 part of SSLeay 0.9.0b 29-Jun-1998";
 
 #define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
 
@@ -139,17 +139,6 @@ SSL_CIPHER ssl2_ciphers[]={
 	0,
 	SSL_ALL_CIPHERS,
 	},
-/* DES_64_CBC_WITH_SHA */
-#if 0
-	{
-	1,
-	SSL2_TXT_DES_64_CBC_WITH_SHA,
-	SSL2_CK_DES_64_CBC_WITH_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA0|SSL_NOT_EXP|SSL_SSLV2|SSL_LOW,
-	0,
-	SSL_ALL_CIPHERS,
-	},
-#endif
 /* DES_192_EDE3_CBC_WITH_MD5 */
 	{
 	1,
@@ -159,17 +148,6 @@ SSL_CIPHER ssl2_ciphers[]={
 	0,
 	SSL_ALL_CIPHERS,
 	},
-/* DES_192_EDE3_CBC_WITH_SHA */
-#if 0
-	{
-	1,
-	SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA,
-	SSL2_CK_DES_192_EDE3_CBC_WITH_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_SHA0|SSL_NOT_EXP|SSL_SSLV2|SSL_HIGH,
-	0,
-	SSL_ALL_CIPHERS,
-	},
-#endif
 /* RC4_64_WITH_MD5 */
 #if 1
 	{
@@ -196,7 +174,7 @@ SSL_CIPHER ssl2_ciphers[]={
 	};
 
 static SSL_METHOD SSLv2_data= {
-	2,
+	SSL2_VERSION,
 	ssl2_new,	/* local */
 	ssl2_clear,	/* local */
 	ssl2_free,	/* local */
@@ -216,6 +194,7 @@ static SSL_METHOD SSLv2_data= {
 	ssl2_get_cipher,
 	ssl_bad_method,
 	ssl2_default_timeout,
+	&ssl3_undef_enc_method,
 	};
 
 static long ssl2_default_timeout()
@@ -254,6 +233,7 @@ SSL *s;
 	SSL2_CTX *s2;
 
 	if ((s2=(SSL2_CTX *)Malloc(sizeof(SSL2_CTX))) == NULL) goto err;
+	memset(s2,0,sizeof(SSL2_CTX));
 
 	if ((s2->rbuf=(unsigned char *)Malloc(
 		SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
@@ -302,9 +282,8 @@ SSL *s;
 	s2->rbuf=rbuf;
 	s2->wbuf=wbuf;
 	s2->clear_text=1;
-	s2->first_packet=0;
 	s->packet=s2->rbuf;
-	s->version=2;
+	s->version=SSL2_VERSION;
 	s->packet_length=0;
 	}
 
@@ -314,7 +293,17 @@ int cmd;
 long larg;
 char *parg;
 	{
-	return(0);
+	int ret=0;
+
+	switch(cmd)
+		{
+	case SSL_CTRL_GET_SESSION_REUSED:
+		ret=s->hit;
+		break;
+	default:
+		break;
+		}
+	return(ret);
 	}
 
 long ssl2_ctx_ctrl(ctx,cmd,larg,parg)
diff --git a/ssl/s2_meth.c b/ssl/s2_meth.c
index 0b8c2acb48..cfc8828cc7 100644
--- a/ssl/s2_meth.c
+++ b/ssl/s2_meth.c
@@ -1,5 +1,5 @@
 /* ssl/s2_meth.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,7 +63,7 @@
 static SSL_METHOD *ssl2_get_method(ver)
 int ver;
 	{
-	if (ver == 2)
+	if (ver == SSL2_VERSION)
 		return(SSLv2_method());
 	else
 		return(NULL);
diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index 84bea33e2e..e4167b53af 100644
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -1,5 +1,5 @@
 /* ssl/s2_pkt.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -70,8 +70,8 @@
 
 #ifndef NOPROTO
 static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
-static int do_ssl_write(SSL *s, const char *buf, unsigned int len);
-static int write_pending(SSL *s, const char *buf, unsigned int len);
+static int do_ssl_write(SSL *s, char *buf, unsigned int len);
+static int write_pending(SSL *s, char *buf, unsigned int len);
 static int ssl_mt_error(int n);
 #else
 static int read_n();
@@ -121,7 +121,7 @@ int len;
 			}
 		}
 
-	errno=0;
+	clear_sys_error();
 	s->rwstate=SSL_NOTHING;
 	if (len <= 0) return(len);
 
@@ -231,7 +231,7 @@ int len;
 				(s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0))
 				{
 				SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_MAC_DECODE);
-				return(SSL_RWERR_BAD_MAC_DECODE);
+				return(-1);
 				}
 			}
 		INC32(s->s2->read_sequence); /* expect next number */
@@ -248,7 +248,7 @@ int len;
 	else
 		{
 		SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_STATE);
-			return(SSL_RWERR_INTERNAL_ERROR);
+			return(-1);
 		}
 	}
 
@@ -312,7 +312,7 @@ unsigned int extend;
 	s->packet=s->s2->rbuf;
 	while (newb < (int)n)
 		{
-		errno=0;
+		clear_sys_error();
 		if (s->rbio != NULL)
 			{
 			s->rwstate=SSL_READING;
@@ -356,7 +356,7 @@ unsigned int extend;
 
 int ssl2_write(s, buf, len)
 SSL *s;
-const char *buf;
+char *buf;
 int len;
 	{
 	unsigned int n,tot;
@@ -380,7 +380,7 @@ int len;
 			return(-1);
 		}
 
-	errno=0;
+	clear_sys_error();
 	s->rwstate=SSL_NOTHING;
 	if (len <= 0) return(len);
 
@@ -405,7 +405,7 @@ int len;
 
 static int write_pending(s,buf,len)
 SSL *s;
-const char *buf;
+char *buf;
 unsigned int len;
 	{
 	int i;
@@ -414,15 +414,15 @@ unsigned int len;
 
 	/* check that they have given us the same buffer to
 	 * write */
-	if ((s->s2->wpend_tot != (int)len) || (s->s2->wpend_buf != buf))
+	if ((s->s2->wpend_tot > (int)len) || (s->s2->wpend_buf != buf))
 		{
 		SSLerr(SSL_F_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
-		return(SSL_RWERR_BAD_WRITE_RETRY);
+		return(-1);
 		}
 
 	for (;;)
 		{
-		errno=0;
+		clear_sys_error();
 		if (s->wbio != NULL)
 			{
 			s->rwstate=SSL_WRITING;
@@ -453,7 +453,7 @@ unsigned int len;
 
 static int do_ssl_write(s, buf, len)
 SSL *s;
-const char *buf;
+char *buf;
 unsigned int len;
 	{
 	unsigned int j,k,olen,p,mac_size,bs;
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index 0112397e53..c6c8ea32f1 100644
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -1,5 +1,5 @@
 /* ssl/s2_srvr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -57,9 +57,6 @@
  */
 
 #include <stdio.h>
-#ifdef NO_MD5
-#include "md5.h"
-#endif
 #include "bio.h"
 #include "rand.h"
 #include "objects.h"
@@ -92,7 +89,7 @@ static int ssl_rsa_private_decrypt();
 static SSL_METHOD *ssl2_get_server_method(ver)
 int ver;
 	{
-	if (ver == 2)
+	if (ver == SSL2_VERSION)
 		return(SSLv2_server_method());
 	else
 		return(NULL);
@@ -126,7 +123,7 @@ SSL *s;
 
 	RAND_seed((unsigned char *)&l,sizeof(l));
 	ERR_clear_error();
-	errno=0;
+	clear_sys_error();
 
 	if (s->info_callback != NULL)
 		cb=s->info_callback;
@@ -144,7 +141,7 @@ SSL *s;
 		return(-1);
 		}
 
-	errno=0;
+	clear_sys_error();
 	for (;;)
 		{
 		state=s->state;
@@ -158,7 +155,7 @@ SSL *s;
 
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
-			s->version=2;
+			s->version=SSL2_VERSION;
 			s->type=SSL_ST_ACCEPT;
 
 			buf=s->init_buf;
@@ -309,13 +306,13 @@ SSL *s;
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
 
 			goto end;
-			BREAK;
+			/* BREAK; */
 
 		default:
 			SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE);
 			ret= -1;
 			goto end;
-			BREAK;
+			/* BREAK; */
 			}
 		
 		if ((cb != NULL) && (s->state != state))
@@ -336,7 +333,7 @@ end:
 static int get_client_master_key(s)
 SSL *s;
 	{
-	int export,i,n,keya,ek;
+	int export,i,n,keya,error=0,ek;
 	unsigned char *p;
 	SSL_CIPHER *cp;
 	EVP_CIPHER *c;
@@ -390,7 +387,7 @@ SSL *s;
 	memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]),
 		(unsigned int)keya);
 
-	if (s->session->cert->key->privatekey == NULL)
+	if (s->session->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)
 		{
 		ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
 		SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY);
@@ -537,8 +534,8 @@ SSL *s;
 		}
 	else
 		{
-		i=ssl_get_prev_session(s,s->s2->tmp.session_id_length,
-			&(p[s->s2->tmp.cipher_spec_length]));
+		i=ssl_get_prev_session(s,&(p[s->s2->tmp.cipher_spec_length]),
+			s->s2->tmp.session_id_length);
 		if (i == 1)
 			{ /* previous session */
 			s->hit=1;
@@ -656,9 +653,9 @@ SSL *s;
 			/* put certificate type */
 			*(p++)=SSL2_CT_X509_CERTIFICATE;
 			s2n(s->version,p);	/* version */
-			n=i2d_X509(s->cert->key->x509,NULL);
+			n=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
 			s2n(n,p);		/* certificate length */
-			i2d_X509(s->cert->key->x509,&d);
+			i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&d);
 			n=0;
 			
 			/* lets send out the ciphers we like in the
@@ -687,23 +684,7 @@ SSL *s;
  	 */
  	if (s->hit)
  		{
- 		BIO *buf;
- 
- 		if (s->bbio == NULL)
- 			{
- 			buf=BIO_new(BIO_f_buffer());
- 			if (buf == NULL)
- 				{
- 				SSLerr(SSL_F_SERVER_HELLO,ERR_LIB_BUF);
- 				return(-1);
- 				}
- 			s->bbio=buf;
- 			}
- 		else
- 			buf=s->bbio;
- 		
- 		BIO_reset(buf);
- 		s->wbio=BIO_push(buf,s->wbio);
+		if (!ssl_init_wbio_buffer(s,1)) return(-1);
  		}
  
 	return(ssl2_do_write(s));
@@ -904,12 +885,12 @@ SSL *s;
 		EVP_MD_CTX ctx;
 		EVP_PKEY *pkey=NULL;
 
-		EVP_VerifyInit(&ctx,EVP_md5());
+		EVP_VerifyInit(&ctx,s->ctx->rsa_md5);
 		EVP_VerifyUpdate(&ctx,s->s2->key_material,
 			(unsigned int)s->s2->key_material_length);
 		EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
 
-		i=i2d_X509(s->session->cert->key->x509,NULL);
+		i=i2d_X509(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
 		buf2=(unsigned char *)Malloc((unsigned int)i);
 		if (buf2 == NULL)
 			{
@@ -917,7 +898,7 @@ SSL *s;
 			goto msg_end;
 			}
 		p2=buf2;
-		i=i2d_X509(s->session->cert->key->x509,&p2);
+		i=i2d_X509(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2);
 		EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i);
 		Free(buf2);
 
@@ -962,17 +943,17 @@ int padding;
 	RSA *rsa;
 	int i;
 
-	if ((c == NULL) || (c->key->privatekey == NULL))
+	if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL))
 		{
 		SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY);
 		return(-1);
 		}
-	if (c->key->privatekey->type != EVP_PKEY_RSA)
+	if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA)
 		{
 		SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
 		return(-1);
 		}
-	rsa=c->key->privatekey->pkey.rsa;
+	rsa=c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
 
 	/* we have the public key */
 	i=RSA_private_decrypt(len,from,to,rsa,padding);
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 1d710eef2e..6de62e1591 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -1,5 +1,5 @@
 /* ssl/s3_both.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -69,16 +69,12 @@
 /* SSL3err(SSL_F_SSL3_GET_FINISHED,SSL_R_EXCESSIVE_MESSAGE_SIZE);
  */
 
-unsigned char ssl3_server_finished_const[4]=
-	{SSL3_MD_SERVER_FINISHED_CONST};
-unsigned char ssl3_client_finished_const[4]=
-	{SSL3_MD_CLIENT_FINISHED_CONST};
-
-int ssl3_send_finished(s,a,b,sender)
+int ssl3_send_finished(s,a,b,sender,slen)
 SSL *s;
 int a;
 int b;
 unsigned char *sender;
+int slen;
 	{
 	unsigned char *p,*d;
 	int i;
@@ -89,11 +85,12 @@ unsigned char *sender;
 		d=(unsigned char *)s->init_buf->data;
 		p= &(d[4]);
 
-		i=ssl3_final_finish_mac(s,&(s->s3->finish_dgst1),sender,p);
+		i=s->method->ssl3_enc->final_finish_mac(s,
+			&(s->s3->finish_dgst1),
+			&(s->s3->finish_dgst2),
+			sender,slen,p);
 		p+=i;
 		l=i;
-		i=ssl3_final_finish_mac(s,&(s->s3->finish_dgst2),sender,p);
-		l+=i;
 
 		*(d++)=SSL3_MT_FINISHED;
 		l2n3(l,d);
@@ -107,13 +104,12 @@ unsigned char *sender;
 	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
 	}
 
-int ssl3_get_finished(s,a,b,sender)
+int ssl3_get_finished(s,a,b)
 SSL *s;
 int a;
 int b;
-unsigned char *sender;
 	{
-	int al,i,j,ok;
+	int al,i,ok;
 	long n;
 	unsigned char *p;
 
@@ -133,7 +129,7 @@ unsigned char *sender;
 	/* If this occurs if we has missed a message */
 	if (!s->s3->change_cipher_spec)
 		{
-		al=SSL3_AD_UNEXPECTED_MESSAGE;
+		al=SSL_AD_UNEXPECTED_MESSAGE;
 		SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS);
 		goto f_err;
 		}
@@ -141,20 +137,18 @@ unsigned char *sender;
 
 	p=(unsigned char *)s->init_buf->data;
 
-	i=EVP_MD_CTX_size(&(s->s3->finish_dgst1));
-	j=EVP_MD_CTX_size(&(s->s3->finish_dgst2));
+	i=s->method->ssl3_enc->finish_mac_length;
 
-	if ((i+j) != n)
+	if (i != n)
 		{
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_DECODE_ERROR;
 		SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH);
 		goto f_err;
 		}
 
-	if (	(memcmp(  p,    &(s->s3->tmp.finish_md1[0]),i) != 0) ||
-		(memcmp(&(p[i]),&(s->s3->tmp.finish_md2[0]),j) != 0))
+	if (memcmp(  p,    (char *)&(s->s3->tmp.finish_md[0]),i) != 0)
 		{
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_DECRYPT_ERROR;
 		SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
 		goto f_err;
 		}
@@ -204,34 +198,43 @@ X509 *x;
 	X509_STORE_CTX xs_ctx;
 	X509_OBJECT obj;
 
-	X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL);
-
+	/* TLSv1 sends a chain with nothing in it, instead of an alert */
 	buf=s->init_buf;
-	for (;;)
+	if (!BUF_MEM_grow(buf,(int)(10)))
 		{
-		n=i2d_X509(x,NULL);
-		if (!BUF_MEM_grow(buf,(int)(n+l+3)))
+		SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+		return(0);
+		}
+	if (x != NULL)
+		{
+		X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL);
+
+		for (;;)
 			{
-			SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
-			return(0);
+			n=i2d_X509(x,NULL);
+			if (!BUF_MEM_grow(buf,(int)(n+l+3)))
+				{
+				SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+				return(0);
+				}
+			p=(unsigned char *)&(buf->data[l]);
+			l2n3(n,p);
+			i2d_X509(x,&p);
+			l+=n+3;
+			if (X509_NAME_cmp(X509_get_subject_name(x),
+				X509_get_issuer_name(x)) == 0) break;
+
+			i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
+				X509_get_issuer_name(x),&obj);
+			if (i <= 0) break;
+			x=obj.data.x509;
+			/* Count is one too high since the X509_STORE_get uped the
+			 * ref count */
+			X509_free(x);
 			}
-		p=(unsigned char *)&(buf->data[l]);
-		l2n3(n,p);
-		i2d_X509(x,&p);
-		l+=n+3;
-		if (X509_NAME_cmp(X509_get_subject_name(x),
-			X509_get_issuer_name(x)) == 0) break;
-
-		i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
-			X509_get_issuer_name(x),&obj);
-		if (i <= 0) break;
-		x=obj.data.x509;
-		/* Count is one too high since the X509_STORE_get uped the
-		 * ref count */
-		X509_free(x);
-		}
 
-	X509_STORE_CTX_cleanup(&xs_ctx);
+		X509_STORE_CTX_cleanup(&xs_ctx);
+		}
 
 	l-=7;
 	p=(unsigned char *)&(buf->data[4]);
@@ -260,7 +263,7 @@ int *ok;
 		s->s3->tmp.reuse_message=0;
 		if ((mt >= 0) && (s->s3->tmp.message_type != mt))
 			{
-			al=SSL3_AD_UNEXPECTED_MESSAGE;
+			al=SSL_AD_UNEXPECTED_MESSAGE;
 			SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
 			goto f_err;
 			}
@@ -283,7 +286,7 @@ int *ok;
 
 		if ((mt >= 0) && (*p != mt))
 			{
-			al=SSL3_AD_UNEXPECTED_MESSAGE;
+			al=SSL_AD_UNEXPECTED_MESSAGE;
 			SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
 			goto f_err;
 			}
@@ -292,7 +295,7 @@ int *ok;
 		n2l3(p,l);
 		if (l > (unsigned long)max)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_ILLEGAL_PARAMETER;
 			SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
 			goto f_err;
 			}
@@ -381,31 +384,53 @@ err:
 	}
 
 int ssl_verify_alarm_type(type)
-int type;
+long type;
 	{
 	int al;
 
 	switch(type)
 		{
 	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-
+	case X509_V_ERR_UNABLE_TO_GET_CRL:
+		al=SSL_AD_UNKNOWN_CA;
+		break;
 	case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+	case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
 	case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
-	case X509_V_ERR_CERT_SIGNATURE_FAILURE:
-	case X509_V_ERR_CERT_NOT_YET_VALID:
 	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
 	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+	case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
+	case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
+	case X509_V_ERR_CERT_NOT_YET_VALID:
+	case X509_V_ERR_CRL_NOT_YET_VALID:
+		al=SSL_AD_BAD_CERTIFICATE;
+		break;
+	case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+	case X509_V_ERR_CRL_SIGNATURE_FAILURE:
+		al=SSL_AD_DECRYPT_ERROR;
+		break;
+	case X509_V_ERR_CERT_HAS_EXPIRED:
+	case X509_V_ERR_CRL_HAS_EXPIRED:
+		al=SSL_AD_CERTIFICATE_EXPIRED;
+		break;
+	case X509_V_ERR_CERT_REVOKED:
+		al=SSL_AD_CERTIFICATE_REVOKED;
+		break;
+	case X509_V_ERR_OUT_OF_MEM:
+		al=SSL_AD_INTERNAL_ERROR;
+		break;
 	case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
 	case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
 	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
 	case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
-		al=SSL3_AD_BAD_CERTIFICATE;
+	case X509_V_ERR_CERT_CHAIN_TOO_LONG:
+		al=SSL_AD_UNKNOWN_CA;
 		break;
-	case X509_V_ERR_CERT_HAS_EXPIRED:
-		al=SSL3_AD_CERTIFICATE_EXPIRED;
+	case X509_V_ERR_APPLICATION_VERIFICATION:
+		al=SSL_AD_HANDSHAKE_FAILURE;
 		break;
 	default:
-		al=SSL3_AD_CERTIFICATE_UNKNOWN;
+		al=SSL_AD_CERTIFICATE_UNKNOWN;
 		break;
 		}
 	return(al);
@@ -419,7 +444,7 @@ SSL *s;
 
 	if (s->s3->rbuf.buf == NULL)
 		{
-		if (s->ctx->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
+		if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
 			extra=SSL3_RT_MAX_EXTRA;
 		else
 			extra=0;
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 4f551d20e9..940c6a458f 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1,5 +1,5 @@
 /* ssl/s3_clnt.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -102,7 +102,7 @@ static int ssl3_check_cert_and_algorithm();
 static SSL_METHOD *ssl3_get_client_method(ver)
 int ver;
 	{
-	if (ver == 3)
+	if (ver == SSL3_VERSION)
 		return(SSLv3_client_method());
 	else
 		return(NULL);
@@ -132,12 +132,12 @@ SSL *s;
 	long num1;
 	void (*cb)()=NULL;
 	int ret= -1;
-	BIO *bbio,*under;
+	BIO *under;
 	int new_state,state,skip=0;;
 
 	RAND_seed((unsigned char *)&Time,sizeof(Time));
 	ERR_clear_error();
-	errno=0;
+	clear_sys_error();
 
 	if (s->info_callback != NULL)
 		cb=s->info_callback;
@@ -156,6 +156,7 @@ SSL *s;
 		case SSL_ST_RENEGOTIATE:
 			s->new_session=1;
 			s->state=SSL_ST_CONNECT;
+			s->ctx->sess_connect_renegotiate++;
 			/* break */
 		case SSL_ST_BEFORE:
 		case SSL_ST_CONNECT:
@@ -164,7 +165,9 @@ SSL *s;
 
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
-			s->version=3;
+			if ((s->version & 0xff00 ) != 0x0300)
+				abort();
+			/* s->version=SSL3_VERSION; */
 			s->type=SSL_ST_CONNECT;
 
 			if (s->init_buf == NULL)
@@ -185,27 +188,7 @@ SSL *s;
 			if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
 
 			/* setup buffing BIO */
-			if (s->bbio == NULL)
-				{
-				bbio=BIO_new(BIO_f_buffer());
-				if (bbio == NULL)
-					{
-					SSLerr(SSL_F_SSL3_CONNECT,ERR_LIB_BUF);
-					ret= -1;
-					goto end;
-					}
-				s->bbio=bbio;
-				}
-			else
-				bbio=s->bbio;
-
-			BIO_reset(bbio);
-			if (!BIO_set_write_buffer_size(bbio,16*1024))
-				{
-				SSLerr(SSL_F_SSL3_CONNECT,ERR_LIB_BUF);
-				ret= -1;
-				goto end;
-				}
+			if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
 
 			/* don't push the buffering BIO quite yet */
 
@@ -226,7 +209,8 @@ SSL *s;
 			s->init_num=0;
 
 			/* turn on buffering for the next lot of output */
-			s->wbio=BIO_push(s->bbio,s->wbio);
+			if (s->bbio != s->wbio)
+				s->wbio=BIO_push(s->bbio,s->wbio);
 
 			break;
 
@@ -307,7 +291,9 @@ SSL *s;
 			l=s->s3->tmp.new_cipher->algorithms;
 			/* EAY EAY EAY need to check for DH fix cert
 			 * sent back */
-			if ((s->s3->tmp.cert_req) && 1)
+			/* For TLS, cert_req is set to 2, so a cert chain
+			 * of nothing is sent, but no verify packet is sent */
+			if (s->s3->tmp.cert_req == 1)
 				{
 				s->state=SSL3_ST_CW_CERT_VRFY_A;
 				}
@@ -338,13 +324,13 @@ SSL *s;
 			s->init_num=0;
 
 			s->session->cipher=s->s3->tmp.new_cipher;
-			if (!ssl3_setup_key_block(s))
+			if (!s->method->ssl3_enc->setup_key_block(s))
 				{
 				ret= -1;
 				goto end;
 				}
 
-			if (!ssl3_change_cipher_state(s,
+			if (!s->method->ssl3_enc->change_cipher_state(s,
 				SSL3_CHANGE_CIPHER_CLIENT_WRITE))
 				{
 				ret= -1;
@@ -357,7 +343,8 @@ SSL *s;
 		case SSL3_ST_CW_FINISHED_B:
 			ret=ssl3_send_finished(s,
 				SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
-				&(ssl3_client_finished_const[0]));
+				s->method->ssl3_enc->client_finished,
+				s->method->ssl3_enc->client_finished_len);
 			if (ret <= 0) goto end;
 			s->state=SSL3_ST_CW_FLUSH;
 
@@ -384,8 +371,7 @@ SSL *s;
 		case SSL3_ST_CR_FINISHED_B:
 
 			ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
-				SSL3_ST_CR_FINISHED_B,
-				&(ssl3_server_finished_const[0]));
+				SSL3_ST_CR_FINISHED_B);
 			if (ret <= 0) goto end;
 
 			if (s->hit)
@@ -434,6 +420,7 @@ SSL *s;
 			s->new_session=0;
 
 			ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
+			if (s->hit) s->ctx->sess_hit++;
 
 			ret=1;
 			/* s->server=0; */
@@ -455,7 +442,11 @@ SSL *s;
 		/* did we do anything */
 		if (!s->s3->tmp.reuse_message && !skip)
 			{
-			if (s->debug) BIO_flush(s->wbio);
+			if (s->debug)
+				{
+				if ((ret=BIO_flush(s->wbio)) <= 0)
+					goto end;
+				}
 
 			if ((cb != NULL) && (s->state != state))
 				{
@@ -502,8 +493,8 @@ SSL *s;
 		/* Do the message type and length last */
 		d=p= &(buf[4]);
 
-		*(p++)=SSL3_VERSION_MAJOR;
-		*(p++)=SSL3_VERSION_MINOR;
+		*(p++)=s->version>>8;
+		*(p++)=s->version&0xff;
 
 		/* Random stuff */
 		memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
@@ -572,10 +563,12 @@ SSL *s;
 	if (!ok) return((int)n);
 	d=p=(unsigned char *)s->init_buf->data;
 
-	if ((p[0] != SSL3_VERSION_MAJOR) && (p[1] != SSL3_VERSION_MINOR))
+	if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))
 		{
 		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION);
-		goto err;
+		s->version=(s->version&0xff00)|p[1];
+		al=SSL_AD_PROTOCOL_VERSION;
+		goto f_err;
 		}
 	p+=2;
 
@@ -592,32 +585,36 @@ SSL *s;
 		/* SSLref returns 16 :-( */
 		if (j < SSL2_SSL_SESSION_ID_LENGTH)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_ILLEGAL_PARAMETER;
 			SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
 			goto f_err;
 			}
 		}
-	if (j == 0)
-		{
-		s->hit=0;
-		memset(s->session->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH);
-		s->session->session_id_length=0;
-		}
-	else if ((j == s->session->session_id_length) &&
+	if ((j != 0) && (j == s->session->session_id_length) &&
 		(memcmp(p,s->session->session_id,j) == 0))
 		s->hit=1;
-	else
+	else	/* a miss or crap from the other end */
 		{
-		memcpy(s->session->session_id,p,j);
-		s->session->session_id_length=j;
+		/* If we were trying for session-id reuse, make a new
+		 * SSL_SESSION so we don't stuff up other people */
 		s->hit=0;
+		if (s->session->session_id_length > 0)
+			{
+			if (!ssl_get_new_session(s,0))
+				{
+				al=SSL_AD_INTERNAL_ERROR;
+				goto f_err;
+				}
+			}
+		s->session->session_id_length=j;
+		memcpy(s->session->session_id,p,j); /* j could be 0 */
 		}
 	p+=j;
 	c=ssl_get_cipher_by_char(s,p);
 	if (c == NULL)
 		{
 		/* unknown cipher */
-		al=SSL3_AD_HANDSHAKE_FAILURE;
+		al=SSL_AD_ILLEGAL_PARAMETER;
 		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
 		goto f_err;
 		}
@@ -628,17 +625,17 @@ SSL *s;
 	if (i < 0)
 		{
 		/* we did not say we would use this cipher */
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_ILLEGAL_PARAMETER;
 		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
 		goto f_err;
 		}
 
 	if (s->hit && (s->session->cipher != c))
 		{
-		if (!(s->ctx->options &
+		if (!(s->options &
 			SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_ILLEGAL_PARAMETER;
 			SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
 			goto f_err;
 			}
@@ -649,7 +646,7 @@ SSL *s;
 	j= *(p++);
 	if (j != 0)
 		{
-		al=SSL3_AD_HANDSHAKE_FAILURE;
+		al=SSL_AD_ILLEGAL_PARAMETER;
 		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
 		goto f_err;
 		}
@@ -657,7 +654,7 @@ SSL *s;
 	if (p != (d+n))
 		{
 		/* wrong packet length */
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_DECODE_ERROR;
 		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH);
 		goto err;
 		}
@@ -701,7 +698,7 @@ SSL *s;
 
 	if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
 		{
-		al=SSL3_AD_UNEXPECTED_MESSAGE;
+		al=SSL_AD_UNEXPECTED_MESSAGE;
 		SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE);
 		goto f_err;
 		}
@@ -716,7 +713,7 @@ SSL *s;
 	n2l3(p,llen);
 	if (llen+3 != n)
 		{
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_DECODE_ERROR;
 		SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
 		goto f_err;
 		}
@@ -725,7 +722,7 @@ SSL *s;
 		n2l3(p,l);
 		if ((l+nc+3) > llen)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
 			goto f_err;
 			}
@@ -734,13 +731,13 @@ SSL *s;
 		x=d2i_X509(NULL,&q,l);
 		if (x == NULL)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_BAD_CERTIFICATE;
 			SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB);
 			goto f_err;
 			}
 		if (q != (p+l))
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
 			goto f_err;
 			}
@@ -792,7 +789,7 @@ SSL *s;
 		}
 
 	c->cert_type=i;
-	x->references++;
+	CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
 	if (c->pkeys[i].x509 != NULL)
 		X509_free(c->pkeys[i].x509);
 	c->pkeys[i].x509=x;
@@ -800,7 +797,7 @@ SSL *s;
 
 	if ((s->session != NULL) && (s->session->peer != NULL)) 
 		X509_free(s->session->peer);
-	x->references++;
+	CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
 	s->session->peer=x;
 
 	x=NULL;
@@ -829,7 +826,9 @@ SSL *s;
 	long n,alg;
 	EVP_PKEY *pkey=NULL;
 	RSA *rsa=NULL;
+#ifndef NO_DH
 	DH *dh=NULL;
+#endif
 
 	n=ssl3_get_message(s,
 		SSL3_ST_CR_KEY_EXCH_A,
@@ -885,7 +884,7 @@ SSL *s;
 		param_len=i+2;
 		if (param_len > n)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH);
 			goto f_err;
 			}
@@ -900,7 +899,7 @@ SSL *s;
 		param_len+=i+2;
 		if (param_len > n)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH);
 			goto f_err;
 			}
@@ -937,7 +936,7 @@ SSL *s;
 		param_len=i+2;
 		if (param_len > n)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH);
 			goto f_err;
 			}
@@ -952,7 +951,7 @@ SSL *s;
 		param_len+=i+2;
 		if (param_len > n)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH);
 			goto f_err;
 			}
@@ -967,7 +966,7 @@ SSL *s;
 		param_len+=i+2;
 		if (param_len > n)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH);
 			goto f_err;
 			}
@@ -994,7 +993,7 @@ SSL *s;
 		}
 	else if ((alg & SSL_kDHr) || (alg & SSL_kDHd))
 		{
-		al=SSL3_AD_HANDSHAKE_FAILURE;
+		al=SSL_AD_ILLEGAL_PARAMETER;
 		SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
 		goto f_err;
 		}
@@ -1013,7 +1012,7 @@ SSL *s;
 		if ((i != n) || (n > j) || (n <= 0))
 			{
 			/* wrong packet length */
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH);
 			goto err;
 			}
@@ -1027,7 +1026,8 @@ SSL *s;
 			q=md_buf;
 			for (num=2; num > 0; num--)
 				{
-				EVP_DigestInit(&md_ctx,(num == 2)?EVP_md5():EVP_sha1());
+				EVP_DigestInit(&md_ctx,(num == 2)
+					?s->ctx->md5:s->ctx->sha1);
 				EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
 				EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
 				EVP_DigestUpdate(&md_ctx,param,param_len);
@@ -1039,14 +1039,14 @@ SSL *s;
 				RSA_PKCS1_PADDING);
 			if (i <= 0)
 				{
-				al=SSL3_AD_ILLEGAL_PARAMETER;
+				al=SSL_AD_DECRYPT_ERROR;
 				SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
 				goto f_err;
 				}
 			if ((j != i) || (memcmp(p,md_buf,i) != 0))
 				{
 				/* bad signature */
-				al=SSL3_AD_ILLEGAL_PARAMETER;
+				al=SSL_AD_DECRYPT_ERROR;
 				SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
 				goto f_err;
 				}
@@ -1064,7 +1064,7 @@ SSL *s;
 			if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey))
 				{
 				/* bad signature */
-				al=SSL3_AD_ILLEGAL_PARAMETER;
+				al=SSL_AD_DECRYPT_ERROR;
 				SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
 				goto f_err;
 				}
@@ -1086,7 +1086,7 @@ SSL *s;
 			}
 		if (n != 0)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE);
 			goto f_err;
 			}
@@ -1103,8 +1103,8 @@ static int ssl3_get_certificate_request(s)
 SSL *s;
 	{
 	int ok,ret=0;
-	unsigned long n,nc;
-	unsigned int llen,l,ctype_num,i;
+	unsigned long n,nc,l;
+	unsigned int llen,ctype_num,i;
 	X509_NAME *xn=NULL;
 	unsigned char *p,*d,*q;
 	STACK *ca_sk=NULL;
@@ -1132,11 +1132,23 @@ SSL *s;
 
 	if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST)
 		{
-		ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_UNEXPECTED_MESSAGE);
+		ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
 		SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE);
 		goto err;
 		}
 
+	/* TLS does not like anon-DH with client cert */
+	if (s->version > SSL3_VERSION)
+		{
+		l=s->s3->tmp.new_cipher->algorithms;
+		if (l & SSL_aNULL)
+			{
+			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
+			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
+			goto err;
+			}
+		}
+
 	d=p=(unsigned char *)s->init_buf->data;
 
 	if ((ca_sk=sk_new(ca_dn_cmp)) == NULL)
@@ -1157,7 +1169,7 @@ SSL *s;
 	n2s(p,llen);
 	if ((llen+ctype_num+2+1) != n)
 		{
-		ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER);
+		ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
 		SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH);
 		goto err;
 		}
@@ -1167,9 +1179,9 @@ SSL *s;
 		n2s(p,l);
 		if ((l+nc+2) > llen)
 			{
-			if ((s->ctx->options & SSL_OP_NETSCAPE_CA_DN_BUG))
+			if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
 				goto cont; /* netscape bugs */
-			ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER);
+			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
 			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG);
 			goto err;
 			}
@@ -1179,11 +1191,11 @@ SSL *s;
 		if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
 			{
 			/* If netscape tollerance is on, ignore errors */
-			if (s->ctx->options & SSL_OP_NETSCAPE_CA_DN_BUG)
+			if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
 				goto cont;
 			else
 				{
-				ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER);
+				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
 				SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB);
 				goto err;
 				}
@@ -1191,7 +1203,7 @@ SSL *s;
 
 		if (q != (p+l))
 			{
-			ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER);
+			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
 			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH);
 			goto err;
 			}
@@ -1248,7 +1260,7 @@ SSL *s;
 	if (n > 0)
 		{
 		/* should contain no data */
-		ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER);
+		ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
 		SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH);
 		}
 	ret=1;
@@ -1258,7 +1270,7 @@ SSL *s;
 static int ssl3_send_client_key_exchange(s)
 SSL *s;
 	{
-	unsigned char *p,*d;
+	unsigned char *p,*q,*d;
 	int n;
 	unsigned long l;
 	EVP_PKEY *pkey=NULL;
@@ -1291,22 +1303,33 @@ SSL *s;
 				rsa=pkey->pkey.rsa;
 				}
 				
-			tmp_buf[0]=SSL3_VERSION_MAJOR;
-			tmp_buf[1]=SSL3_VERSION_MINOR;
+			tmp_buf[0]=s->version>>8;
+			tmp_buf[1]=s->version&0xff;
 			RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
 
 			s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
 
-			n=RSA_public_encrypt(48,tmp_buf,p,rsa,
-				RSA_PKCS1_PADDING);
+			q=p;
+			/* Fix buf for TLS and beyond */
+			if (s->version > SSL3_VERSION)
+				p+=2;
+			n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH,
+				tmp_buf,p,rsa,RSA_PKCS1_PADDING);
 			if (n <= 0)
 				{
 				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);
 				goto err;
 				}
 
+			/* Fix buf for TLS and beyond */
+			if (s->version > SSL3_VERSION)
+				{
+				s2n(n,q);
+				n+=2;
+				}
+
 			s->session->master_key_length=
-				ssl3_generate_master_secret(s,
+				s->method->ssl3_enc->generate_master_secret(s,
 					s->session->master_key,
 					tmp_buf,48);
 			memset(tmp_buf,0,48);
@@ -1323,7 +1346,7 @@ SSL *s;
 			else
 				{
 				/* we get them from the cert */
-				ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_HANDSHAKE_FAILURE);
+				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
 				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
 				goto err;
 				}
@@ -1342,7 +1365,9 @@ SSL *s;
 
 			/* use the 'p' output buffer for the DH key, but
 			 * make sure to clear it out afterwards */
+
 			n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
+
 			if (n <= 0)
 				{
 				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
@@ -1351,7 +1376,7 @@ SSL *s;
 
 			/* generate master key from the result */
 			s->session->master_key_length=
-				ssl3_generate_master_secret(s,
+				s->method->ssl3_enc->generate_master_secret(s,
 					s->session->master_key,p,n);
 			/* clean up */
 			memset(p,0,n);
@@ -1369,7 +1394,7 @@ SSL *s;
 		else
 #endif
 			{
-			ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_HANDSHAKE_FAILURE);
+			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
 			SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
 			goto err;
 			}
@@ -1395,8 +1420,11 @@ SSL *s;
 	unsigned char *p,*d;
 	unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
 	EVP_PKEY *pkey;
-	int i=0,j;
+	int i=0;
 	unsigned long n;
+#ifndef NO_DSA
+	int j;
+#endif
 
 	if (s->state == SSL3_ST_CW_CERT_VRFY_A)
 		{
@@ -1404,14 +1432,14 @@ SSL *s;
 		p= &(d[4]);
 		pkey=s->cert->key->privatekey;
 
-		ssl3_final_finish_mac(s,&(s->s3->finish_dgst2),
-			NULL,&(data[MD5_DIGEST_LENGTH]));
+		s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2),
+			&(data[MD5_DIGEST_LENGTH]));
 
 #ifndef NO_RSA
 		if (pkey->type == EVP_PKEY_RSA)
 			{
-			ssl3_final_finish_mac(s,&(s->s3->finish_dgst1),
-				NULL,&(data[0]));
+			s->method->ssl3_enc->cert_verify_mac(s,
+				&(s->s3->finish_dgst1),&(data[0]));
 			i=RSA_private_encrypt(
 				MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
 				data,&(p[2]),pkey->pkey.rsa,
@@ -1507,9 +1535,16 @@ SSL *s;
 		if (pkey != NULL) EVP_PKEY_free(pkey);
 		if (i == 0)
 			{
-			s->s3->tmp.cert_req=0;
-			ssl3_send_alert(s,SSL3_AL_WARNING,SSL3_AD_NO_CERTIFICATE);
-			return(1);
+			if (s->version == SSL3_VERSION)
+				{
+				s->s3->tmp.cert_req=0;
+				ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE);
+				return(1);
+				}
+			else
+				{
+				s->s3->tmp.cert_req=2;
+				}
 			}
 
 		/* Ok, we have a cert */
@@ -1519,7 +1554,8 @@ SSL *s;
 	if (s->state == SSL3_ST_CW_CERT_C)
 		{
 		s->state=SSL3_ST_CW_CERT_D;
-		l=ssl3_output_cert_chain(s,s->cert->key->x509);
+		l=ssl3_output_cert_chain(s,
+			(s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
 		s->init_num=(int)l;
 		s->init_off=0;
 		}
@@ -1635,7 +1671,7 @@ SSL *s;
 		}
 	return(1);
 f_err:
-	ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_HANDSHAKE_FAILURE);
+	ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
 err:
 	return(0);
 	}
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index f1cd25e3d3..bbd9b637c5 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -1,5 +1,5 @@
 /* ssl/s3_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -76,6 +76,56 @@ static unsigned char ssl3_pad_2[48]={
 	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
 	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c };
 
+#ifndef NO_PROTO
+static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
+	unsigned char *sender, int len, unsigned char *p);
+#else
+static int ssl3_handshake_mac();
+#endif
+
+static void ssl3_generate_key_block(s,km,num)
+SSL *s;
+unsigned char *km;
+int num;
+	{
+	MD5_CTX m5;
+	SHA_CTX s1;
+	unsigned char buf[8],smd[SHA_DIGEST_LENGTH];
+	unsigned char c='A';
+	int i,j,k;
+
+	k=0;
+	for (i=0; i<num; i+=MD5_DIGEST_LENGTH)
+		{
+		k++;
+		for (j=0; j<k; j++)
+			buf[j]=c;
+		c++;
+		SHA1_Init(  &s1);
+		SHA1_Update(&s1,buf,k);
+		SHA1_Update(&s1,s->session->master_key,
+			s->session->master_key_length);
+		SHA1_Update(&s1,s->s3->server_random,SSL3_RANDOM_SIZE);
+		SHA1_Update(&s1,s->s3->client_random,SSL3_RANDOM_SIZE);
+		SHA1_Final( smd,&s1);
+
+		MD5_Init(  &m5);
+		MD5_Update(&m5,s->session->master_key,
+			s->session->master_key_length);
+		MD5_Update(&m5,smd,SHA_DIGEST_LENGTH);
+		if ((i+MD5_DIGEST_LENGTH) > num)
+			{
+			MD5_Final(smd,&m5);
+			memcpy(km,smd,(num-i));
+			}
+		else
+			MD5_Final(km,&m5);
+
+		km+=MD5_DIGEST_LENGTH;
+		}
+	memset(smd,0,SHA_DIGEST_LENGTH);
+	}
+
 int ssl3_change_cipher_state(s,which)
 SSL *s;
 int which;
@@ -122,6 +172,8 @@ int which;
 		mac_secret= &(s->s3->write_mac_secret[0]);
 		}
 
+	EVP_CIPHER_CTX_init(dd);
+
 	p=s->s3->tmp.key_block;
 	i=EVP_MD_size(m);
 	j=(exp)?5:EVP_CIPHER_key_length(c);
@@ -164,18 +216,20 @@ int which;
 		MD5_Final(&(exp_key[0]),&md);
 		key= &(exp_key[0]);
 
-		MD5_Init(&md);
-		MD5_Update(&md,er1,SSL3_RANDOM_SIZE);
-		MD5_Update(&md,er2,SSL3_RANDOM_SIZE);
-		MD5_Final(&(exp_iv[0]),&md);
-		iv= &(exp_iv[0]);
+		if (k > 0)
+			{
+			MD5_Init(&md);
+			MD5_Update(&md,er1,SSL3_RANDOM_SIZE);
+			MD5_Update(&md,er2,SSL3_RANDOM_SIZE);
+			MD5_Final(&(exp_iv[0]),&md);
+			iv= &(exp_iv[0]);
+			}
 		}
 
-	s->session->key_arg_length=k;
-	if (k > 0)
-		memcpy(&(s->session->key_arg[0]),iv,k);
+	s->session->key_arg_length=0;
 
 	EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE));
+
 	memset(&(exp_key[0]),0,sizeof(exp_key));
 	memset(&(exp_iv[0]),0,sizeof(exp_iv));
 	return(1);
@@ -305,7 +359,7 @@ int send;
 			if (i > bs)
 				{
 				SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
-				ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_BAD_RECORD_MAC);
+				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPT_ERROR);
 				return(0);
 				}
 			rec->length-=i;
@@ -317,8 +371,8 @@ int send;
 void ssl3_init_finished_mac(s)
 SSL *s;
 	{
-	EVP_DigestInit(&(s->s3->finish_dgst1),EVP_md5());
-	EVP_DigestInit(&(s->s3->finish_dgst2),EVP_sha1());
+	EVP_DigestInit(&(s->s3->finish_dgst1),s->ctx->md5);
+	EVP_DigestInit(&(s->s3->finish_dgst2),s->ctx->sha1);
 	}
 
 void ssl3_finish_mac(s,buf,len)
@@ -330,10 +384,34 @@ int len;
 	EVP_DigestUpdate(&(s->s3->finish_dgst2),buf,len);
 	}
 
-int ssl3_final_finish_mac(s,in_ctx,sender,p)
+int ssl3_cert_verify_mac(s,ctx,p)
+SSL *s;
+EVP_MD_CTX *ctx;
+unsigned char *p;
+	{
+	return(ssl3_handshake_mac(s,ctx,NULL,0,p));
+	}
+
+int ssl3_final_finish_mac(s,ctx1,ctx2,sender,len,p)
+SSL *s;
+EVP_MD_CTX *ctx1,*ctx2;
+unsigned char *sender;
+int len;
+unsigned char *p;
+	{
+	int ret;
+
+	ret=ssl3_handshake_mac(s,ctx1,sender,len,p);
+	p+=ret;
+	ret+=ssl3_handshake_mac(s,ctx2,sender,len,p);
+	return(ret);
+	}
+
+static int ssl3_handshake_mac(s,in_ctx,sender,len,p)
 SSL *s;
 EVP_MD_CTX *in_ctx;
 unsigned char *sender;
+int len;
 unsigned char *p;
 	{
 	unsigned int ret;
@@ -348,7 +426,7 @@ unsigned char *p;
 	npad=(48/n)*n;
 
 	if (sender != NULL)
-		EVP_DigestUpdate(&ctx,sender,4);
+		EVP_DigestUpdate(&ctx,sender,len);
 	EVP_DigestUpdate(&ctx,s->session->master_key,
 		s->session->master_key_length);
 	EVP_DigestUpdate(&ctx,ssl3_pad_1,npad);
@@ -397,19 +475,6 @@ int send;
 	md_size=EVP_MD_size(hash);
 	npad=(48/md_size)*md_size;
 
-#ifdef MAC_DEBUG
-printf("npad=%d md_size=%d",npad,md_size);
-printf("\nmsec=");
-for (i=0; i<md_size; i++) printf("%02X ",mac_sec[i]);
-printf("\npad1=");
-for (i=0; i<npad; i++) printf("%02X ",ssl3_pad_1[i]);
-printf("\nseq =");
-for (i=0; i<8; i++) printf("%02X ",seq[i]);
-printf("\nreqt=%02X len=%04X\n",rec->type,rec->length);
-for (i=0; i<rec->length; i++) printf("%02X",rec->input[i]);
-printf("\n");
-#endif
-
 	/* Chop the digest off the end :-) */
 
 	EVP_DigestInit(  &md_ctx,hash);
@@ -433,12 +498,6 @@ printf("\n");
 	for (i=7; i>=0; i--)
 		if (++seq[i]) break; 
 
-#ifdef MAC_DEBUG
-printf("md=");
-for (i=0; i<md_size; i++) printf("%02X ",md[i]);
-printf("\n");
-#endif
-
 	return(md_size);
 	}
 
@@ -460,7 +519,7 @@ int len;
 
 	for (i=0; i<3; i++)
 		{
-		EVP_DigestInit(&ctx,EVP_sha1());
+		EVP_DigestInit(&ctx,s->ctx->sha1);
 		EVP_DigestUpdate(&ctx,salt[i],strlen((char *)salt[i]));
 		EVP_DigestUpdate(&ctx,p,len);
 		EVP_DigestUpdate(&ctx,&(s->s3->client_random[0]),
@@ -469,7 +528,7 @@ int len;
 			SSL3_RANDOM_SIZE);
 		EVP_DigestFinal(&ctx,buf,&n);
 
-		EVP_DigestInit(&ctx,EVP_md5());
+		EVP_DigestInit(&ctx,s->ctx->md5);
 		EVP_DigestUpdate(&ctx,p,len);
 		EVP_DigestUpdate(&ctx,buf,n);
 		EVP_DigestFinal(&ctx,out,&n);
@@ -479,3 +538,36 @@ int len;
 	return(ret);
 	}
 
+int ssl3_alert_code(code)
+int code;
+	{
+	switch (code)
+		{
+	case SSL_AD_CLOSE_NOTIFY:	return(SSL3_AD_CLOSE_NOTIFY);
+	case SSL_AD_UNEXPECTED_MESSAGE:	return(SSL3_AD_UNEXPECTED_MESSAGE);
+	case SSL_AD_BAD_RECORD_MAC:	return(SSL3_AD_BAD_RECORD_MAC);
+	case SSL_AD_DECRYPTION_FAILED:	return(SSL3_AD_BAD_RECORD_MAC);
+	case SSL_AD_RECORD_OVERFLOW:	return(SSL3_AD_BAD_RECORD_MAC);
+	case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE);
+	case SSL_AD_HANDSHAKE_FAILURE:	return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_NO_CERTIFICATE:	return(SSL3_AD_NO_CERTIFICATE);
+	case SSL_AD_BAD_CERTIFICATE:	return(SSL3_AD_BAD_CERTIFICATE);
+	case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE);
+	case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED);
+	case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED);
+	case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN);
+	case SSL_AD_ILLEGAL_PARAMETER:	return(SSL3_AD_ILLEGAL_PARAMETER);
+	case SSL_AD_UNKNOWN_CA:		return(SSL3_AD_BAD_CERTIFICATE);
+	case SSL_AD_ACCESS_DENIED:	return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_DECODE_ERROR:	return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_DECRYPT_ERROR:	return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_EXPORT_RESTRICION:	return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_PROTOCOL_VERSION:	return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_INSUFFICIENT_SECURITY:return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_INTERNAL_ERROR:	return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_USER_CANCLED:	return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_NO_RENEGOTIATION:	return(-1); /* Don't send it :-) */
+	default:			return(-1);
+		}
+	}
+
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index b7bac8e10f..0fd945025d 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -1,5 +1,5 @@
 /* ssl/s3_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,7 +60,7 @@
 #include "objects.h"
 #include "ssl_locl.h"
 
-char *ssl3_version_str="SSLv3 part of SSLeay 0.8.1b 29-Jun-1998";
+char *ssl3_version_str="SSLv3 part of SSLeay 0.9.0b 29-Jun-1998";
 
 #define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
 
@@ -131,8 +131,8 @@ SSL_CIPHER ssl3_ciphers[]={
 /* Cipher 1B */
 	{
 	1,
-	SSL3_TXT_ADH_DES_196_CBC_SHA,
-	SSL3_CK_ADH_DES_196_CBC_SHA,
+	SSL3_TXT_ADH_DES_192_CBC_SHA,
+	SSL3_CK_ADH_DES_192_CBC_SHA,
 	SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
 	0,
 	SSL_ALL_CIPHERS,
@@ -358,8 +358,22 @@ SSL_CIPHER ssl3_ciphers[]={
 /* end of list */
 	};
 
+static SSL3_ENC_METHOD SSLv3_enc_data={
+	ssl3_enc,
+	ssl3_mac,
+	ssl3_setup_key_block,
+	ssl3_generate_master_secret,
+	ssl3_change_cipher_state,
+	ssl3_final_finish_mac,
+	MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
+	ssl3_cert_verify_mac,
+	SSL3_MD_CLIENT_FINISHED_CONST,4,
+	SSL3_MD_SERVER_FINISHED_CONST,4,
+	ssl3_alert_code,
+	};
+
 static SSL_METHOD SSLv3_data= {
-	3,
+	SSL3_VERSION,
 	ssl3_new,
 	ssl3_clear,
 	ssl3_free,
@@ -379,6 +393,7 @@ static SSL_METHOD SSLv3_data= {
 	ssl3_get_cipher,
 	ssl_bad_method,
 	ssl3_default_timeout,
+	&SSLv3_enc_data,
 	};
 
 static long ssl3_default_timeout()
@@ -420,14 +435,18 @@ SSL *s;
 	SSL3_CTX *s3;
 
 	if ((s3=(SSL3_CTX *)Malloc(sizeof(SSL3_CTX))) == NULL) goto err;
+	memset(s3,0,sizeof(SSL3_CTX));
 
 	s->s3=s3;
+	/*
 	s->s3->tmp.ca_names=NULL;
 	s->s3->tmp.key_block=NULL;
+	s->s3->tmp.key_block_length=0;
 	s->s3->rbuf.buf=NULL;
 	s->s3->wbuf.buf=NULL;
+	*/
 
-	ssl3_clear(s);
+	s->method->ssl_clear(s);
 	return(1);
 err:
 	return(0);
@@ -465,16 +484,14 @@ SSL *s;
 	wp=s->s3->wbuf.buf;
 
 	memset(s->s3,0,sizeof(SSL3_CTX));
-	if (rp != NULL)
-		{
-		s->packet= &(s->s3->rbuf.buf[0]);
-		s->s3->rbuf.buf=rp;
-		s->s3->wbuf.buf=wp;
-		}
-	else
-		s->packet=NULL;
+	if (rp != NULL) s->s3->rbuf.buf=rp;
+	if (wp != NULL) s->s3->wbuf.buf=wp;
 	s->packet_length=0;
-	s->version=3;
+	s->s3->renegotiate=0;
+	s->s3->total_renegotiations=0;
+	s->s3->num_renegotiations=0;
+	s->s3->in_read_app_data=0;
+	s->version=SSL3_VERSION;
 	}
 
 long ssl3_ctrl(s,cmd,larg,parg)
@@ -483,7 +500,29 @@ int cmd;
 long larg;
 char *parg;
 	{
-	return(0);
+	int ret=0;
+
+	switch (cmd)
+		{
+	case SSL_CTRL_GET_SESSION_REUSED:
+		ret=s->hit;
+		break;
+	case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
+		break;
+	case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
+		ret=s->s3->num_renegotiations;
+		break;
+	case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
+		ret=s->s3->num_renegotiations;
+		s->s3->num_renegotiations=0;
+		break;
+	case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
+		ret=s->s3->total_renegotiations;
+		break;
+	default:
+		break;
+		}
+	return(ret);
 	}
 
 long ssl3_ctx_ctrl(ctx,cmd,larg,parg)
@@ -623,49 +662,6 @@ unsigned char *p;
 	return(2);
 	}
 
-void ssl3_generate_key_block(s,km,num)
-SSL *s;
-unsigned char *km;
-int num;
-	{
-	MD5_CTX m5;
-	SHA_CTX s1;
-	unsigned char buf[8],smd[SHA_DIGEST_LENGTH];
-	unsigned char c='A';
-	int i,j,k;
-
-	k=0;
-	for (i=0; i<num; i+=MD5_DIGEST_LENGTH)
-		{
-		k++;
-		for (j=0; j<k; j++)
-			buf[j]=c;
-		c++;
-		SHA1_Init(  &s1);
-		SHA1_Update(&s1,buf,k);
-		SHA1_Update(&s1,s->session->master_key,
-			s->session->master_key_length);
-		SHA1_Update(&s1,s->s3->server_random,SSL3_RANDOM_SIZE);
-		SHA1_Update(&s1,s->s3->client_random,SSL3_RANDOM_SIZE);
-		SHA1_Final( smd,&s1);
-
-		MD5_Init(  &m5);
-		MD5_Update(&m5,s->session->master_key,
-			s->session->master_key_length);
-		MD5_Update(&m5,smd,SHA_DIGEST_LENGTH);
-		if ((i+MD5_DIGEST_LENGTH) > num)
-			{
-			MD5_Final(smd,&m5);
-			memcpy(km,smd,(num-i));
-			}
-		else
-			MD5_Final(km,&m5);
-
-		km+=MD5_DIGEST_LENGTH;
-		}
-	memset(smd,0,SHA_DIGEST_LENGTH);
-	}
-
 int ssl3_part_read(s,i)
 SSL *s;
 int i;
@@ -754,7 +750,8 @@ unsigned char *p;
 		p[ret++]=SSL3_CT_DSS_FIXED_DH;
 #endif
 		}
-	if (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr))
+	if ((s->version == SSL3_VERSION) &&
+		(alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
 		{
 #ifndef NO_RSA
 		p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
@@ -767,7 +764,7 @@ unsigned char *p;
 #ifndef NO_RSA
 	p[ret++]=SSL3_CT_RSA_SIGN;
 #endif
-/*	p[ret++]=SSL3_CT_DSS_SIGN; */
+	p[ret++]=SSL3_CT_DSS_SIGN;
 	return(ret);
 	}
 
@@ -787,7 +784,7 @@ SSL *s;
 		{
 		s->shutdown|=SSL_SENT_SHUTDOWN;
 #if 1
-		ssl3_send_alert(s,SSL3_AL_WARNING,SSL3_AD_CLOSE_NOTIFY);
+		ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
 #endif
 		/* our shutdown alert has been sent now, and if it still needs
 	 	 * to be written, s->s3->alert_dispatch will be true */
@@ -814,7 +811,7 @@ SSL *s;
 
 int ssl3_write(s,buf,len)
 SSL *s;
-const char *buf;
+char *buf;
 int len;
 	{
 	int ret,n;
@@ -827,7 +824,8 @@ int len;
 		return(0);
 		}
 #endif
-	errno=0;
+	clear_sys_error();
+	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
 
 	/* This is an experimental flag that sends the
 	 * last handshake message in the same packet as the first
@@ -867,6 +865,7 @@ int len;
 			(char *)buf,len);
 		if (ret <= 0) return(ret);
 		}
+
 	return(ret);
 	}
 
@@ -875,8 +874,24 @@ SSL *s;
 char *buf;
 int len;
 	{
-	errno=0;
-	return(ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len));
+	int ret;
+	
+	clear_sys_error();
+	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
+	s->s3->in_read_app_data=1;
+	ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len);
+	if ((ret == -1) && (s->s3->in_read_app_data == 0))
+		{
+		ERR_get_error(); /* clear the error */
+		s->s3->in_read_app_data=0;
+		s->in_handshake++;
+		ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len);
+		s->in_handshake--;
+		}
+	else
+		s->s3->in_read_app_data=0;
+
+	return(ret);
 	}
 
 int ssl3_peek(s,buf,len)
@@ -889,7 +904,12 @@ int len;
 
 	rr= &(s->s3->rrec);
 	if ((rr->length == 0) || (rr->type != SSL3_RT_APPLICATION_DATA))
-		return(0);
+		{
+		n=ssl3_read(s,buf,1);
+		if (n <= 0) return(n);
+		rr->length++;
+		rr->off--;
+		}
 
 	if ((unsigned int)len > rr->length)
 		n=rr->length;
@@ -908,8 +928,34 @@ SSL *s;
 	if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
 		return(0);
 
-	if (!SSL_in_init(s))
-		s->state=SSL_ST_RENEGOTIATE;
+	s->s3->renegotiate=1;
 	return(1);
 	}
 
+int ssl3_renegotiate_check(s)
+SSL *s;
+	{
+	int ret=0;
+
+	if (s->s3->renegotiate)
+		{
+		if (	(s->s3->rbuf.left == 0) &&
+			(s->s3->wbuf.left == 0) &&
+			!SSL_in_init(s))
+			{
+/*
+if we are the server, and we have sent a 'RENEGOTIATE' message, we
+need to go to SSL_ST_ACCEPT.
+*/
+			/* SSL_ST_ACCEPT */
+			s->state=SSL_ST_RENEGOTIATE;
+			s->s3->renegotiate=0;
+			s->s3->num_renegotiations++;
+			s->s3->total_renegotiations++;
+			ret=1;
+			}
+		}
+	return(ret);
+	}
+
+
diff --git a/ssl/s3_meth.c b/ssl/s3_meth.c
index 4762b21442..3d66b4643a 100644
--- a/ssl/s3_meth.c
+++ b/ssl/s3_meth.c
@@ -1,5 +1,5 @@
 /* ssl/s3_meth.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,9 +63,9 @@
 static SSL_METHOD *ssl3_get_method(ver)
 int ver;
 	{
-	if (ver == 3)
+	if (ver == SSL3_VERSION)
 		return(SSLv3_method());
-	else
+	else 
 		return(NULL);
 	}
 
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 3be69ef138..2385080347 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1,5 +1,5 @@
 /* ssl/s3_pkt.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -87,12 +87,14 @@ static int ssl3_write_pending(SSL *s, int type, char *buf, unsigned int len);
 static int ssl3_get_record(SSL *s);
 static int do_compress(SSL *ssl);
 static int do_uncompress(SSL *ssl);
+static int do_change_cipher_spec(SSL *ssl);
 #else
 static int do_ssl3_write();
 static int ssl3_write_pending();
 static int ssl3_get_record();
 static int do_compress();
 static int do_uncompress();
+static int do_change_cipher_spec();
 #endif
 
 static int ssl3_read_n(s,n,max,extend)
@@ -159,7 +161,7 @@ int extend;
 
 	while (newb < n)
 		{
-		errno=0;
+		clear_sys_error();
 		if (s->rbio != NULL)
 			{
 			s->rwstate=SSL_READING;
@@ -211,6 +213,7 @@ int extend;
 static int ssl3_get_record(s)
 SSL *s;
 	{
+	char tmp_buf[512];
 	int ssl_major,ssl_minor,al;
 	int n,i,ret= -1;
 	SSL3_BUFFER *rb;
@@ -226,7 +229,7 @@ SSL *s;
 	rb= &(s->s3->rbuf);
 	sess=s->session;
 
-	if (s->ctx->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
+	if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
 		extra=SSL3_RT_MAX_EXTRA;
 	else
 		extra=0;
@@ -257,25 +260,27 @@ again:
 			}
 		else
 			{
-		if (	(ssl_major != SSL3_VERSION_MAJOR) ||
-			(ssl_minor != SSL3_VERSION_MINOR))
-			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
-			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
-			goto f_err;
-			}
+			if (version != s->version)
+				{
+				SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
+				/* Send back error using their
+				 * version number :-) */
+				s->version=version;
+				al=SSL_AD_PROTOCOL_VERSION;
+				goto f_err;
+				}
 			}
 
-		if (s->version != SSL3_VERSION_MAJOR)
+		if ((version>>8) != SSL3_VERSION_MAJOR)
 			{
-			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_INTERNAL_ERROR);
+			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
 			goto err;
 			}
 
 		if (rr->length > 
 			(unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_RECORD_OVERFLOW;
 			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
 			goto f_err;
 			}
@@ -319,20 +324,25 @@ again:
 	/* check is not needed I belive */
 	if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
 		{
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_RECORD_OVERFLOW;
 		SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
 		goto f_err;
 		}
 
 	/* decrypt in place in 'rr->input' */
 	rr->data=rr->input;
+	memcpy(tmp_buf,rr->input,(rr->length > 512)?512:rr->length);
 
-	if (!ssl3_enc(s,0))
+	if (!s->method->ssl3_enc->enc(s,0))
 		{
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_DECRYPT_ERROR;
 		goto f_err;
 		}
-
+#ifdef TLS_DEBUG
+printf("dec %d\n",rr->length);
+{ int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); }
+printf("\n");
+#endif
 	/* r->length is now the compressed data plus mac */
 	if (	(sess == NULL) ||
 		(s->enc_read_ctx == NULL) ||
@@ -345,24 +355,24 @@ again:
 
 		if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_RECORD_OVERFLOW;
 			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
 			goto f_err;
 			}
 		/* check MAC for rr->input' */
 		if (rr->length < mac_size)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
 			goto f_err;
 			}
 		rr->length-=mac_size;
-		i=ssl3_mac(s,md,0);
+		i=s->method->ssl3_enc->mac(s,md,0);
 		if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
 			{
-			al=SSL3_AD_BAD_RECORD_MAC;
+			al=SSL_AD_BAD_RECORD_MAC;
 			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_MAC_DECODE);
-			ret=SSL_RWERR_BAD_MAC_DECODE;
+			ret= -1;
 			goto f_err;
 			}
 		}
@@ -373,13 +383,13 @@ again:
 		if (rr->length > 
 			(unsigned int)SSL3_RT_MAX_COMPRESSED_LENGTH+extra)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_RECORD_OVERFLOW;
 			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
 			goto f_err;
 			}
 		if (!do_uncompress(s))
 			{
-			al=SSL3_AD_DECOMPRESSION_FAILURE;
+			al=SSL_AD_DECOMPRESSION_FAILURE;
 			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);
 			goto f_err;
 			}
@@ -387,7 +397,7 @@ again:
 
 	if (rr->length > (unsigned int)SSL3_RT_MAX_PLAIN_LENGTH+extra)
 		{
-		al=SSL3_AD_DECOMPRESSION_FAILURE;
+		al=SSL_AD_RECORD_OVERFLOW;
 		SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);
 		goto f_err;
 		}
@@ -426,7 +436,7 @@ SSL *ssl;
 	return(1);
 	}
 
-/* Call this write a data
+/* Call this to write data
  * It will return <= 0 if not all data has been sent or non-blocking IO.
  */
 int ssl3_write_bytes(s,type,buf,len)
@@ -460,7 +470,7 @@ int len;
 			nw=SSL3_RT_MAX_PLAIN_LENGTH;
 		else
 			nw=n;
-
+			
 		i=do_ssl3_write(s,type,&(buf[tot]),nw);
 		if (i <= 0)
 			{
@@ -526,8 +536,8 @@ unsigned int len;
 	*(p++)=type&0xff;
 	wr->type=type;
 
-	*(p++)=SSL3_VERSION_MAJOR;
-	*(p++)=SSL3_VERSION_MINOR;
+	*(p++)=(s->version>>8);
+	*(p++)=s->version&0xff;
 	
 	/* record where we are to write out packet length */
 	plen=p; 
@@ -562,14 +572,14 @@ unsigned int len;
 
 	if (mac_size != 0)
 		{
-		ssl3_mac(s,&(p[wr->length]),1);
+		s->method->ssl3_enc->mac(s,&(p[wr->length]),1);
 		wr->length+=mac_size;
 		wr->input=p;
 		wr->data=p;
 		}
 
 	/* ssl3_enc can only have an error on read */
-	ssl3_enc(s,1);
+	s->method->ssl3_enc->enc(s,1);
 
 	/* record length after mac and block padding */
 	s2n(wr->length,plen);
@@ -604,16 +614,17 @@ unsigned int len;
 	{
 	int i;
 
-	if ((s->s3->wpend_tot != (int)len) || (s->s3->wpend_buf != buf)
+/* XXXX */
+	if ((s->s3->wpend_tot > (int)len) || (s->s3->wpend_buf != buf)
 		|| (s->s3->wpend_type != type))
 		{
 		SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
-		return(SSL_RWERR_BAD_WRITE_RETRY);
+		return(-1);
 		}
 
 	for (;;)
 		{
-		errno=0;
+		clear_sys_error();
 		if (s->wbio != NULL)
 			{
 			s->rwstate=SSL_WRITING;
@@ -647,14 +658,14 @@ int len;
 	{
 	int al,i,j,n,ret;
 	SSL3_RECORD *rr;
-	unsigned char *sender;
 	void (*cb)()=NULL;
+	BIO *bio;
 
 	if (s->s3->rbuf.buf == NULL) /* Not initalised yet */
 		if (!ssl3_setup_buffers(s))
 			return(-1);
 
-	if (!s->in_handshake && SSL_in_before(s))
+	if (!s->in_handshake && SSL_in_init(s))
 		{
 		i=s->handshake_func(s);
 		if (i < 0) return(i);
@@ -684,7 +695,7 @@ start:
 
 	if (s->s3->change_cipher_spec && (rr->type != SSL3_RT_HANDSHAKE))
 		{
-		al=SSL3_AD_UNEXPECTED_MESSAGE;
+		al=SSL_AD_UNEXPECTED_MESSAGE;
 		SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
 		goto err;
 		}
@@ -705,21 +716,25 @@ start:
 		if ((rr->data[1] != 0) || (rr->data[2] != 0) ||
 			(rr->data[3] != 0))
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CLIENT_REQUEST);
 			goto err;
 			}
 
 		if (SSL_is_init_finished(s) &&
-			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
+			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
+			!s->s3->renegotiate)
 			{
 			ssl3_renegotiate(s);
-			n=s->handshake_func(s);
-			if (n < 0) return(n);
-			if (n == 0)
+			if (ssl3_renegotiate_check(s))
 				{
-				SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
-				return(-1);
+				n=s->handshake_func(s);
+				if (n < 0) return(n);
+				if (n == 0)
+					{
+					SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+					return(-1);
+					}
 				}
 			}
 		rr->length=0;
@@ -734,7 +749,7 @@ start:
 			{
 			if ((rr->length != 2) || (rr->off != 0))
 				{
-				al=SSL3_AD_ILLEGAL_PARAMETER;
+				al=SSL_AD_DECODE_ERROR;
 				SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_ALERT_RECORD);
 				goto f_err;
 				}
@@ -759,7 +774,7 @@ start:
 			if (i == 1)
 				{
 				s->s3->warn_alert=n;
-				if (n == SSL3_AD_CLOSE_NOTIFY)
+				if (n == SSL_AD_CLOSE_NOTIFY)
 					{
 					s->shutdown|=SSL_RECEIVED_SHUTDOWN;
 					return(0);
@@ -767,16 +782,20 @@ start:
 				}
 			else if (i == 2)
 				{
+				char tmp[16];
+
 				s->rwstate=SSL_NOTHING;
 				s->s3->fatal_alert=n;
 				SSLerr(SSL_F_SSL3_READ_BYTES,1000+n);
+				sprintf(tmp,"%d",n);
+				ERR_add_error_data(2,"SSL alert number ",tmp);
 				s->shutdown|=SSL_RECEIVED_SHUTDOWN;
 				SSL_CTX_remove_session(s->ctx,s->session);
 				return(0);
 				}
 			else
 				{
-				al=SSL3_AD_ILLEGAL_PARAMETER;
+				al=SSL_AD_ILLEGAL_PARAMETER;
 				SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);
 				goto f_err;
 				}
@@ -797,43 +816,17 @@ start:
 			if (	(rr->length != 1) || (rr->off != 0) ||
 				(rr->data[0] != SSL3_MT_CCS))
 				{
-				i=SSL3_AD_ILLEGAL_PARAMETER;
+				i=SSL_AD_ILLEGAL_PARAMETER;
 				SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
 				goto err;
 				}
 
 			rr->length=0;
-
 			s->s3->change_cipher_spec=1;
-
-			if (s->state & SSL_ST_ACCEPT)
-				i=SSL3_CHANGE_CIPHER_SERVER_READ;
-			else
-				i=SSL3_CHANGE_CIPHER_CLIENT_READ;
-
-			if (s->s3->tmp.key_block == NULL)
-				{
-				s->session->cipher=s->s3->tmp.new_cipher;
-				if (!ssl3_setup_key_block(s))
-					goto err;
-				}
-
-			if (!ssl3_change_cipher_state(s,i))
+			if (!do_change_cipher_spec(s))
 				goto err;
-
-			/* we have to record the message digest at
-			 * this point so we can get it before we read
-			 * the finished message */
-			sender=(s->state & SSL_ST_CONNECT)
-				?&(ssl3_server_finished_const[0])
-				:&(ssl3_client_finished_const[0]);
-
-			ssl3_final_finish_mac(s,&(s->s3->finish_dgst1),
-				sender,&(s->s3->tmp.finish_md1[0]));
-			ssl3_final_finish_mac(s,&(s->s3->finish_dgst2),
-				sender,&(s->s3->tmp.finish_md2[0]));
-
-			goto start;
+			else
+				goto start;
 			}
 
 		/* else we have a handshake */
@@ -853,12 +846,68 @@ start:
 				SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
 				return(-1);
 				}
-			goto start;
+
+			/* In the case where we try to read application data
+			 * the first time, but we trigger an SSL handshake, we
+			 * return -1 with the retry option set.  I do this
+			 * otherwise renegotiation can cause nasty problems 
+			 * in the non-blocking world */
+
+			s->rwstate=SSL_READING;
+			bio=SSL_get_rbio(s);
+			BIO_clear_retry_flags(bio);
+			BIO_set_retry_read(bio);
+			return(-1);
 			}
 
-		al=SSL3_AD_UNEXPECTED_MESSAGE;
-		SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
-		goto f_err;
+		switch (rr->type)
+			{
+		default:
+#ifndef NO_TLS
+			/* TLS just ignores unknown message types */
+			if (s->version == TLS1_VERSION)
+				{
+				goto start;
+				}
+#endif
+		case SSL3_RT_CHANGE_CIPHER_SPEC:
+		case SSL3_RT_ALERT:
+		case SSL3_RT_HANDSHAKE:
+			al=SSL_AD_UNEXPECTED_MESSAGE;
+			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
+			goto f_err;
+		case SSL3_RT_APPLICATION_DATA:
+			/* At this point, we were expecting something else,
+			 * but have application data.  What we do is set the
+			 * error, and return -1.  On the way out, if the
+			 * library was running inside ssl3_read() and it makes
+			 * sense to read application data at this point, we
+			 * will indulge it.  This will mostly happen during
+			 * session renegotiation.
+			 */
+			if (s->s3->in_read_app_data &&
+				(s->s3->total_renegotiations != 0) &&
+				((
+				  (s->state & SSL_ST_CONNECT) &&
+				  (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
+				  (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
+				 ) || (
+				  (s->state & SSL_ST_ACCEPT) &&
+				  (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
+				  (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
+				 )
+				))
+				{
+				s->s3->in_read_app_data=0;
+				return(-1);
+				}
+			else
+				{
+				al=SSL_AD_UNEXPECTED_MESSAGE;
+				SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
+				goto f_err;
+				}
+			}
 		}
 
 	/* make sure that we are not getting application data when we
@@ -866,7 +915,7 @@ start:
 	if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
 		(s->enc_read_ctx == NULL))
 		{
-		al=SSL3_AD_UNEXPECTED_MESSAGE;
+		al=SSL_AD_UNEXPECTED_MESSAGE;
 		SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);
 		goto f_err;
 		}
@@ -882,7 +931,10 @@ start:
 	rr->length-=n;
 	rr->off+=n;
 	if (rr->length <= 0)
+		{
 		s->rstate=SSL_ST_READ_HEADER;
+		rr->off=0;
+		}
 
 	if (type == SSL3_RT_HANDSHAKE)
 		ssl3_finish_mac(s,(unsigned char *)buf,n);
@@ -893,6 +945,49 @@ err:
 	return(-1);
 	}
 
+static int do_change_cipher_spec(s)
+SSL *s;
+	{
+	int i;
+	unsigned char *sender;
+	int slen;
+
+	if (s->state & SSL_ST_ACCEPT)
+		i=SSL3_CHANGE_CIPHER_SERVER_READ;
+	else
+		i=SSL3_CHANGE_CIPHER_CLIENT_READ;
+
+	if (s->s3->tmp.key_block == NULL)
+		{
+		s->session->cipher=s->s3->tmp.new_cipher;
+		if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
+		}
+
+	if (!s->method->ssl3_enc->change_cipher_state(s,i))
+		return(0);
+
+	/* we have to record the message digest at
+	 * this point so we can get it before we read
+	 * the finished message */
+	if (s->state & SSL_ST_CONNECT)
+		{
+		sender=s->method->ssl3_enc->server_finished;
+		slen=s->method->ssl3_enc->server_finished_len;
+		}
+	else
+		{
+		sender=s->method->ssl3_enc->client_finished;
+		slen=s->method->ssl3_enc->client_finished_len;
+		}
+
+	s->method->ssl3_enc->final_finish_mac(s,
+		&(s->s3->finish_dgst1),
+		&(s->s3->finish_dgst2),
+		sender,slen,&(s->s3->tmp.finish_md[0]));
+
+	return(1);
+	}
+
 int ssl3_do_write(s,type)
 SSL *s;
 int type;
@@ -914,6 +1009,9 @@ SSL *s;
 int level;
 int desc;
 	{
+	/* Map tls/ssl alert value to correct one */
+	desc=s->method->ssl3_enc->alert_value(desc);
+	if (desc < 0) return;
 	/* If a fatal one, remove from cache */
 	if ((level == 2) && (s->session != NULL))
 		SSL_CTX_remove_session(s->ctx,s->session);
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index ebff57506f..64903af151 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1,5 +1,5 @@
 /* ssl/s3_srvr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -96,14 +96,13 @@ static int ssl3_get_cert_verify();
 static int ssl3_get_client_key_exchange();
 static int ssl3_get_client_certificate();
 static int ssl3_send_hello_request();
-static SSL_METHOD *ssl3_get_server_method();
 
 #endif
 
 static SSL_METHOD *ssl3_get_server_method(ver)
 int ver;
 	{
-	if (ver == 3)
+	if (ver == SSL3_VERSION)
 		return(SSLv3_server_method());
 	else
 		return(NULL);
@@ -134,12 +133,12 @@ SSL *s;
 	long num1;
 	int ret= -1;
 	CERT *ct;
-	BIO *bbio,*under;
+	BIO *under;
 	int new_state,state,skip=0;
 
 	RAND_seed((unsigned char *)&Time,sizeof(Time));
 	ERR_clear_error();
-	errno=0;
+	clear_sys_error();
 
 	if (s->info_callback != NULL)
 		cb=s->info_callback;
@@ -179,7 +178,9 @@ SSL *s;
 
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
-			s->version=3;
+			if ((s->version>>8) != 3)
+				abort();
+			/* s->version=SSL3_VERSION; */
 			s->type=SSL_ST_ACCEPT;
 
 			if (s->init_buf == NULL)
@@ -206,39 +207,19 @@ SSL *s;
 			/* Ok, we now need to push on a buffering BIO so that
 			 * the output is sent in a way that TCP likes :-)
 			 */
-			if (s->bbio == NULL)
-				{
-				bbio=BIO_new(BIO_f_buffer());
-				if (bbio == NULL)
-					{
-					SSLerr(SSL_F_SSL3_ACCEPT,ERR_LIB_BUF);
-					ret= -1;
-					goto end;
-					}
-				s->bbio=bbio;
-				}
-			else
-				bbio=s->bbio;
-			BIO_reset(bbio);
-			if (!BIO_set_write_buffer_size(bbio,16*1024))
-				{
-				SSLerr(SSL_F_SSL3_ACCEPT,ERR_LIB_BUF);
-				ret= -1;
-				goto end;
-				}
+			if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
 
-			s->wbio=BIO_push(bbio,s->wbio);
-
-			s->ctx->sess_accept++;
 			s->init_num=0;
 
 			if (s->state != SSL_ST_RENEGOTIATE)
 				{
 				s->state=SSL3_ST_SR_CLNT_HELLO_A;
 				ssl3_init_finished_mac(s);
+				s->ctx->sess_accept++;
 				}
 			else
 				{
+				s->ctx->sess_accept_renegotiate++;
 				s->state=SSL3_ST_SW_HELLO_REQ_A;
 				}
 			break;
@@ -269,7 +250,7 @@ SSL *s;
 			s->state=SSL_ST_OK;
 			ret=1;
 			goto end;
-			break;
+			/* break; */
 
 		case SSL3_ST_SR_CLNT_HELLO_A:
 		case SSL3_ST_SR_CLNT_HELLO_B:
@@ -328,7 +309,7 @@ SSL *s;
 
 			/* clear this, it may get reset by
 			 * send_server_key_exchange */
-			if (s->ctx->options & SSL_OP_EPHEMERAL_RSA)
+			if (s->options & SSL_OP_EPHEMERAL_RSA)
 				s->s3->tmp.use_rsa_tmp=1;
 			else
 				s->s3->tmp.use_rsa_tmp=0;
@@ -364,10 +345,12 @@ SSL *s;
 				{
 				/* no cert request */
 				skip=1;
+				s->s3->tmp.cert_request=0;
 				s->state=SSL3_ST_SW_SRVR_DONE_A;
 				}
 			else
 				{
+				s->s3->tmp.cert_request=1;
 				ret=ssl3_send_certificate_request(s);
 				if (ret <= 0) goto end;
 				s->state=SSL3_ST_SW_SRVR_DONE_A;
@@ -417,10 +400,12 @@ SSL *s;
 
 			/* We need to get hashes here so if there is
 			 * a client cert, it can be verified */ 
-			ssl3_final_finish_mac(s,&(s->s3->finish_dgst1),
-				NULL,&(s->s3->tmp.finish_md1[0]));
-			ssl3_final_finish_mac(s,&(s->s3->finish_dgst2),
-				NULL,&(s->s3->tmp.finish_md2[0]));
+			s->method->ssl3_enc->cert_verify_mac(s,
+				&(s->s3->finish_dgst1),
+				&(s->s3->tmp.finish_md[0]));
+			s->method->ssl3_enc->cert_verify_mac(s,
+				&(s->s3->finish_dgst2),
+				&(s->s3->tmp.finish_md[MD5_DIGEST_LENGTH]));
 
 			break;
 
@@ -438,8 +423,7 @@ SSL *s;
 		case SSL3_ST_SR_FINISHED_A:
 		case SSL3_ST_SR_FINISHED_B:
 			ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
-				SSL3_ST_SR_FINISHED_B,
-				&(ssl3_client_finished_const[0]));
+				SSL3_ST_SR_FINISHED_B);
 			if (ret <= 0) goto end;
 			if (s->hit)
 				s->state=SSL_ST_OK;
@@ -452,7 +436,8 @@ SSL *s;
 		case SSL3_ST_SW_CHANGE_B:
 
 			s->session->cipher=s->s3->tmp.new_cipher;
-			if (!ssl3_setup_key_block(s)) { ret= -1; goto end; }
+			if (!s->method->ssl3_enc->setup_key_block(s))
+				{ ret= -1; goto end; }
 
 			ret=ssl3_send_change_cipher_spec(s,
 				SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
@@ -461,7 +446,7 @@ SSL *s;
 			s->state=SSL3_ST_SW_FINISHED_A;
 			s->init_num=0;
 
-			if (!ssl3_change_cipher_state(s,
+			if (!s->method->ssl3_enc->change_cipher_state(s,
 				SSL3_CHANGE_CIPHER_SERVER_WRITE))
 				{
 				ret= -1;
@@ -474,7 +459,8 @@ SSL *s;
 		case SSL3_ST_SW_FINISHED_B:
 			ret=ssl3_send_finished(s,
 				SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B,
-				&(ssl3_server_finished_const[0]));
+				s->method->ssl3_enc->server_finished,
+				s->method->ssl3_enc->server_finished_len);
 			if (ret <= 0) goto end;
 			s->state=SSL3_ST_SW_FLUSH;
 			if (s->hit)
@@ -513,18 +499,23 @@ SSL *s;
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
 
 			goto end;
-			break;
+			/* break; */
 
 		default:
 			SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE);
 			ret= -1;
 			goto end;
-			break;
+			/* break; */
 			}
 		
 		if (!s->s3->tmp.reuse_message && !skip)
 			{
-			if (s->debug) BIO_flush(s->wbio);
+			if (s->debug)
+				{
+				if ((ret=BIO_flush(s->wbio)) <= 0)
+					goto end;
+				}
+
 
 			if ((cb != NULL) && (s->state != state))
 				{
@@ -578,6 +569,12 @@ SSL *s;
 	SSL_CIPHER *c;
 	STACK *ciphers=NULL;
 
+	/* We do this so that we will respond with our native type.
+	 * If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
+	 * This down switching should be handled by a different method.
+	 * If we are SSLv3, we will respond with SSLv3, even if prompted with
+	 * TLSv1.
+	 */
 	if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
 		{
 		s->first_packet=1;
@@ -593,11 +590,9 @@ SSL *s;
 	if (!ok) return((int)n);
 	d=p=(unsigned char *)s->init_buf->data;
 
-	if (p[0] != SSL3_VERSION_MAJOR)
-		{
-		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_WRONG_SSL_VERSION);
-		goto err;
-		}
+	/* The version number has already been checked in ssl3_get_message.
+	 * I a native TLSv1/SSLv3 method, the match must be correct except
+	 * perhaps for the first message */
 	p+=2;
 
 	/* load the client random */
@@ -615,7 +610,7 @@ SSL *s;
 		}
 	else
 		{
-		i=ssl_get_prev_session(s,j,p);
+		i=ssl_get_prev_session(s,p,j);
 		if (i == 1)
 			{ /* previous session */
 			s->hit=1;
@@ -632,14 +627,14 @@ SSL *s;
 	if ((i == 0) && (j != 0))
 		{
 		/* we need a cipher if we are not resuming a session */
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_ILLEGAL_PARAMETER;
 		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
 		goto f_err;
 		}
 	if ((i+p) > (d+n))
 		{
 		/* not enough data */
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_DECODE_ERROR;
 		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
 		goto f_err;
 		}
@@ -667,7 +662,7 @@ SSL *s;
 			}
 		if (j == 0)
 			{
-			if ((s->ctx->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_num(ciphers) == 1))
+			if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_num(ciphers) == 1))
 				{
 				/* Very bad for multi-threading.... */
 				s->session->cipher=
@@ -677,7 +672,7 @@ SSL *s;
 				{
 				/* we need to have the cipher in the cipher
 				 * list if we are asked to reuse it */
-				al=SSL3_AD_ILLEGAL_PARAMETER;
+				al=SSL_AD_ILLEGAL_PARAMETER;
 				SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
 				goto f_err;
 				}
@@ -693,18 +688,22 @@ SSL *s;
 	if (j >= i)
 		{
 		/* no compress */
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_DECODE_ERROR;
 		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED);
 		goto f_err;
 		}
 
-	if (p > (d+n))
+	/* TLS does not mind if there is extra stuff */
+	if (s->version == SSL3_VERSION)
 		{
-		/* wrong number of bytes,
-		 * there could be more to follow */
-		al=SSL3_AD_ILLEGAL_PARAMETER;
-		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
-		goto f_err;
+		if (p > (d+n))
+			{
+			/* wrong number of bytes,
+			 * there could be more to follow */
+			al=SSL_AD_DECODE_ERROR;
+			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+			goto f_err;
+			}
 		}
 
 	/* do nothing with compression */
@@ -719,7 +718,7 @@ SSL *s;
 		s->session->ciphers=ciphers;
 		if (ciphers == NULL)
 			{
-			al=SSL3_AD_HANDSHAKE_FAILURE;
+			al=SSL_AD_ILLEGAL_PARAMETER;
 			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED);
 			goto f_err;
 			}
@@ -729,7 +728,7 @@ SSL *s;
 
 		if (c == NULL)
 			{
-			al=SSL3_AD_HANDSHAKE_FAILURE;
+			al=SSL_AD_HANDSHAKE_FAILURE;
 			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER);
 			goto f_err;
 			}
@@ -743,7 +742,7 @@ SSL *s;
 		SSL_CIPHER *nc=NULL;
 		SSL_CIPHER *ec=NULL;
 
-		if (s->ctx->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
+		if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
 			{
 			sk=s->session->ciphers;
 			for (i=0; i<sk_num(sk); i++)
@@ -806,8 +805,8 @@ SSL *s;
 		/* Do the message type and length last */
 		d=p= &(buf[4]);
 
-		*(p++)=SSL3_VERSION_MAJOR;
-		*(p++)=SSL3_VERSION_MINOR;
+		*(p++)=s->version>>8;
+		*(p++)=s->version&0xff;
 
 		/* Random stuff */
 		memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
@@ -819,7 +818,10 @@ SSL *s;
 		 * back the new session-id or we send back a 0 length
 		 * session-id if we want it to be single use.
 		 * Currently I will not implement the '0' length session-id
+		 * 12-Jan-98 - I'll now support the '0' length stuff.
 		 */
+		if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
+			s->session->session_id_length=0;
 
 		sl=s->session->session_id_length;
 		*(p++)=sl;
@@ -920,7 +922,7 @@ SSL *s;
 				}
 			if (rsa == NULL)
 				{
-				al=SSL3_AD_HANDSHAKE_FAILURE;
+				al=SSL_AD_HANDSHAKE_FAILURE;
 				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
 				goto f_err;
 				}
@@ -940,7 +942,7 @@ SSL *s;
 					SSL_NOT_EXP)?0:1);
 			if (dhp == NULL)
 				{
-				al=SSL3_AD_HANDSHAKE_FAILURE;
+				al=SSL_AD_HANDSHAKE_FAILURE;
 				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
 				goto f_err;
 				}
@@ -953,7 +955,7 @@ SSL *s;
 			s->s3->tmp.dh=dh;
 			if (((dhp->pub_key == NULL) ||
 			     (dhp->priv_key == NULL) ||
-			     (s->ctx->options & SSL_OP_SINGLE_DH_USE)) &&
+			     (s->options & SSL_OP_SINGLE_DH_USE)) &&
 			    (!DH_generate_key(dh)))
 				{
 				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
@@ -977,7 +979,7 @@ SSL *s;
 		else 
 #endif
 			{
-			al=SSL3_AD_HANDSHAKE_FAILURE;
+			al=SSL_AD_HANDSHAKE_FAILURE;
 			SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
 			goto f_err;
 			}
@@ -992,7 +994,7 @@ SSL *s;
 			if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
 				== NULL)
 				{
-				al=SSL3_AD_HANDSHAKE_FAILURE;
+				al=SSL_AD_DECODE_ERROR;
 				goto f_err;
 				}
 			kn=EVP_PKEY_size(pkey);
@@ -1030,7 +1032,8 @@ SSL *s;
 				j=0;
 				for (num=2; num > 0; num--)
 					{
-					EVP_DigestInit(&md_ctx,(num == 2)?EVP_md5():EVP_sha1());
+					EVP_DigestInit(&md_ctx,(num == 2)
+						?s->ctx->md5:s->ctx->sha1);
 					EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
 					EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
 					EVP_DigestUpdate(&md_ctx,&(d[4]),n);
@@ -1072,7 +1075,7 @@ SSL *s;
 #endif
 				{
 				/* Is this error check actually needed? */
-				al=SSL3_AD_HANDSHAKE_FAILURE;
+				al=SSL_AD_HANDSHAKE_FAILURE;
 				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
 				goto f_err;
 				}
@@ -1135,7 +1138,7 @@ SSL *s;
 					goto err;
 					}
 				p=(unsigned char *)&(buf->data[4+n]);
-				if (!(s->ctx->options & SSL_OP_NETSCAPE_CA_DN_BUG))
+				if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
 					{
 					s2n(j,p);
 					i2d_X509_NAME(name,&p);
@@ -1181,9 +1184,11 @@ SSL *s;
 	unsigned long l;
 	unsigned char *p;
 	RSA *rsa=NULL;
-	BIGNUM *pub=NULL;
 	EVP_PKEY *pkey=NULL;
+#ifndef NO_DH
+	BIGNUM *pub=NULL;
 	DH *dh_srvr;
+#endif
 
 	n=ssl3_get_message(s,
 		SSL3_ST_SR_KEY_EXCH_A,
@@ -1213,7 +1218,7 @@ SSL *s;
 			 * be sent already */
 			if (rsa == NULL)
 				{
-				al=SSL3_AD_HANDSHAKE_FAILURE;
+				al=SSL_AD_HANDSHAKE_FAILURE;
 				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY);
 				goto f_err;
 
@@ -1226,22 +1231,41 @@ SSL *s;
 				(pkey->type != EVP_PKEY_RSA) ||
 				(pkey->pkey.rsa == NULL))
 				{
-				al=SSL3_AD_HANDSHAKE_FAILURE;
+				al=SSL_AD_HANDSHAKE_FAILURE;
 				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
 				goto f_err;
 				}
 			rsa=pkey->pkey.rsa;
 			}
 
+		/* TLS */
+		if (s->version > SSL3_VERSION)
+			{
+			n2s(p,i);
+			if (n != i+2)
+				{
+				if (!(s->options & SSL_OP_TLS_D5_BUG))
+					{
+					SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
+					goto err;
+					}
+				else
+					p-=2;
+				}
+			else
+				n=i;
+			}
+
 		i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING);
+
 #if 1
 		/* If a bad decrypt, use a dud master key */
 		if ((i != SSL_MAX_MASTER_KEY_LENGTH) ||
-			(p[0] != 3) ||
-			 (p[1] != 0))
+			((p[0] != (s->version>>8)) ||
+			 (p[1] != (s->version & 0xff))))
 			{
-			p[0]=3;
-			p[1]=0;
+			p[0]=(s->version>>8);
+			p[1]=(s->version & 0xff);
 			RAND_bytes(&(p[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
 			i=SSL_MAX_MASTER_KEY_LENGTH;
 			}
@@ -1262,7 +1286,7 @@ SSL *s;
 #endif
 
 		s->session->master_key_length=
-			ssl3_generate_master_secret(s,
+			s->method->ssl3_enc->generate_master_secret(s,
 				s->session->master_key,
 				p,i);
 		memset(p,0,i);
@@ -1272,11 +1296,10 @@ SSL *s;
 #ifndef NO_DH
 		if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
 		{
-
 		n2s(p,i);
 		if (n != i+2)
 			{
-			if (!(s->ctx->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG))
+			if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG))
 				{
 				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
 				goto err;
@@ -1290,7 +1313,7 @@ SSL *s;
 
 		if (n == 0L) /* the parameters are in the cert */
 			{
-			al=SSL3_AD_HANDSHAKE_FAILURE;
+			al=SSL_AD_HANDSHAKE_FAILURE;
 			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS);
 			goto f_err;
 			}
@@ -1298,7 +1321,7 @@ SSL *s;
 			{
 			if (s->s3->tmp.dh == NULL)
 				{
-				al=SSL3_AD_HANDSHAKE_FAILURE;
+				al=SSL_AD_HANDSHAKE_FAILURE;
 				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
 				goto f_err;
 				}
@@ -1312,6 +1335,7 @@ SSL *s;
 			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB);
 			goto err;
 			}
+
 		i=DH_compute_key(p,pub,dh_srvr);
 
 		if (i <= 0)
@@ -1326,13 +1350,13 @@ SSL *s;
 		BN_clear_free(pub);
 		pub=NULL;
 		s->session->master_key_length=
-			ssl3_generate_master_secret(s,
+			s->method->ssl3_enc->generate_master_secret(s,
 				s->session->master_key,p,i);
 		}
 	else
 #endif
 		{
-		al=SSL3_AD_HANDSHAKE_FAILURE;
+		al=SSL_AD_HANDSHAKE_FAILURE;
 		SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE);
 		goto f_err;
 		}
@@ -1340,7 +1364,9 @@ SSL *s;
 	return(1);
 f_err:
 	ssl3_send_alert(s,SSL3_AL_FATAL,al);
+#if !defined(NO_DH) || !defined(NO_RSA)
 err:
+#endif
 	return(-1);
 	}
 
@@ -1380,8 +1406,8 @@ SSL *s;
 		s->s3->tmp.reuse_message=1;
 		if ((peer != NULL) && (type | EVP_PKT_SIGN))
 			{
+			al=SSL_AD_UNEXPECTED_MESSAGE;
 			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
-			al=SSL3_AD_UNEXPECTED_MESSAGE;
 			goto f_err;
 			}
 		ret=1;
@@ -1391,21 +1417,21 @@ SSL *s;
 	if (peer == NULL)
 		{
 		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED);
-		al=SSL3_AD_UNEXPECTED_MESSAGE;
+		al=SSL_AD_UNEXPECTED_MESSAGE;
 		goto f_err;
 		}
 
 	if (!(type & EVP_PKT_SIGN))
 		{
 		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_ILLEGAL_PARAMETER;
 		goto f_err;
 		}
 
 	if (s->s3->change_cipher_spec)
 		{
 		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
-		al=SSL3_AD_UNEXPECTED_MESSAGE;
+		al=SSL_AD_UNEXPECTED_MESSAGE;
 		goto f_err;
 		}
 
@@ -1416,7 +1442,7 @@ SSL *s;
 	if (i > n)
 		{
 		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_DECODE_ERROR;
 		goto f_err;
 		}
 
@@ -1424,7 +1450,7 @@ SSL *s;
 	if ((i > j) || (n > j) || (n <= 0))
 		{
 		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE);
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_DECODE_ERROR;
 		goto f_err;
 		}
 
@@ -1434,17 +1460,15 @@ SSL *s;
 		i=RSA_public_decrypt(i,p,p,pkey->pkey.rsa,RSA_PKCS1_PADDING);
 		if (i < 0)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECRYPT_ERROR;
 			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT);
 			goto f_err;
 			}
 		if ((i != (MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH)) ||
-			memcmp(&(s->s3->tmp.finish_md1[0]),
-				p,MD5_DIGEST_LENGTH) ||
-			memcmp(&(s->s3->tmp.finish_md2[0]),
-				&(p[MD5_DIGEST_LENGTH]),SHA_DIGEST_LENGTH))
+			memcmp(&(s->s3->tmp.finish_md[0]),p,
+				MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH))
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECRYPT_ERROR;
 			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE);
 			goto f_err;
 			}
@@ -1454,12 +1478,13 @@ SSL *s;
 #ifndef NO_DSA
 		if (pkey->type == EVP_PKEY_DSA)
 		{
-		j=DSA_verify(pkey->save_type,s->s3->tmp.finish_md2,
+		j=DSA_verify(pkey->save_type,
+			&(s->s3->tmp.finish_md[MD5_DIGEST_LENGTH]),
 			SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
 		if (j <= 0)
 			{
 			/* bad signature */
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECRYPT_ERROR;
 			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE);
 			goto f_err;
 			}
@@ -1468,7 +1493,7 @@ SSL *s;
 #endif
 		{
 		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_INTERNAL_ERROR);
-		al=SSL3_AD_UNSUPPORTED_CERTIFICATE;
+		al=SSL_AD_UNSUPPORTED_CERTIFICATE;
 		goto f_err;
 		}
 
@@ -1511,7 +1536,14 @@ SSL *s;
 			(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
 			{
 			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
-			al=SSL3_AD_NO_CERTIFICATE;
+			al=SSL_AD_HANDSHAKE_FAILURE;
+			goto f_err;
+			}
+		/* If tls asked for a client cert we must return a 0 list */
+		if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request)
+			{
+			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
+			al=SSL_AD_UNEXPECTED_MESSAGE;
 			goto f_err;
 			}
 		s->s3->tmp.reuse_message=1;
@@ -1520,7 +1552,7 @@ SSL *s;
 
 	if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
 		{
-		al=SSL3_AD_UNEXPECTED_MESSAGE;
+		al=SSL_AD_UNEXPECTED_MESSAGE;
 		SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
 		goto f_err;
 		}
@@ -1535,7 +1567,7 @@ SSL *s;
 	n2l3(p,llen);
 	if (llen+3 != n)
 		{
-		al=SSL3_AD_ILLEGAL_PARAMETER;
+		al=SSL_AD_DECODE_ERROR;
 		SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
 		goto f_err;
 		}
@@ -1544,7 +1576,7 @@ SSL *s;
 		n2l3(p,l);
 		if ((l+nc+3) > llen)
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
 			goto f_err;
 			}
@@ -1558,7 +1590,7 @@ SSL *s;
 			}
 		if (p != (q+l))
 			{
-			al=SSL3_AD_ILLEGAL_PARAMETER;
+			al=SSL_AD_DECODE_ERROR;
 			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
 			goto f_err;
 			}
@@ -1573,22 +1605,36 @@ SSL *s;
 
 	if (sk_num(sk) <= 0)
 		{
-		al=SSL3_AD_ILLEGAL_PARAMETER;
-		SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_PASSED);
-		goto f_err;
+		/* TLS does not mind 0 certs returned */
+		if (s->version == SSL3_VERSION)
+			{
+			al=SSL_AD_HANDSHAKE_FAILURE;
+			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_RETURNED);
+			goto f_err;
+			}
+		/* Fail for TLS only if we required a certificate */
+		else if ((s->verify_mode & SSL_VERIFY_PEER) &&
+			 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
+			{
+			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+			al=SSL_AD_HANDSHAKE_FAILURE;
+			goto f_err;
+			}
 		}
-	i=ssl_verify_cert_chain(s,sk);
-	if (!i)
+	else
 		{
-		al=ssl_verify_alarm_type(s->verify_result);
-		SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
-		goto f_err;
+		i=ssl_verify_cert_chain(s,sk);
+		if (!i)
+			{
+			al=ssl_verify_alarm_type(s->verify_result);
+			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
+			goto f_err;
+			}
 		}
 
 	/* This should not be needed */
 	if (s->session->peer != NULL)
 		X509_free(s->session->peer);
-	
 	s->session->peer=(X509 *)sk_shift(sk);
 
 	ret=1;
diff --git a/ssl/ssl.c b/ssl/ssl.c
index fcc29b0e45..1f769a18f2 100644
--- a/ssl/ssl.c
+++ b/ssl/ssl.c
@@ -1,5 +1,5 @@
 /* ssl/ssl.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/ssl/ssl.err b/ssl/ssl.err
index f3bc5d37ab..c54326c624 100644
--- a/ssl/ssl.err
+++ b/ssl/ssl.err
@@ -82,29 +82,34 @@
 #define SSL_F_SSL_GET_NEW_SESSION			 178
 #define SSL_F_SSL_GET_SERVER_SEND_CERT			 179
 #define SSL_F_SSL_GET_SIGN_PKEY				 180
-#define SSL_F_SSL_LOAD_CLIENT_CA_FILE			 181
-#define SSL_F_SSL_NEW					 182
-#define SSL_F_SSL_RSA_PRIVATE_DECRYPT			 183
-#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT			 184
-#define SSL_F_SSL_SESSION_NEW				 185
-#define SSL_F_SSL_SESSION_PRINT_FP			 186
-#define SSL_F_SSL_SET_FD				 187
-#define SSL_F_SSL_SET_PKEY				 188
-#define SSL_F_SSL_SET_RFD				 189
-#define SSL_F_SSL_SET_SESSION				 190
-#define SSL_F_SSL_SET_WFD				 191
-#define SSL_F_SSL_UNDEFINED_FUNCTION			 192
-#define SSL_F_SSL_USE_CERTIFICATE			 193
-#define SSL_F_SSL_USE_CERTIFICATE_ASN1			 194
-#define SSL_F_SSL_USE_CERTIFICATE_FILE			 195
-#define SSL_F_SSL_USE_PRIVATEKEY			 196
-#define SSL_F_SSL_USE_PRIVATEKEY_ASN1			 197
-#define SSL_F_SSL_USE_PRIVATEKEY_FILE			 198
-#define SSL_F_SSL_USE_RSAPRIVATEKEY			 199
-#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1		 200
-#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE		 201
-#define SSL_F_SSL_WRITE					 202
-#define SSL_F_WRITE_PENDING				 203
+#define SSL_F_SSL_INIT_WBIO_BUFFER			 181
+#define SSL_F_SSL_LOAD_CLIENT_CA_FILE			 182
+#define SSL_F_SSL_NEW					 183
+#define SSL_F_SSL_RSA_PRIVATE_DECRYPT			 184
+#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT			 185
+#define SSL_F_SSL_SESSION_NEW				 186
+#define SSL_F_SSL_SESSION_PRINT_FP			 187
+#define SSL_F_SSL_SET_CERT				 188
+#define SSL_F_SSL_SET_FD				 189
+#define SSL_F_SSL_SET_PKEY				 190
+#define SSL_F_SSL_SET_RFD				 191
+#define SSL_F_SSL_SET_SESSION				 192
+#define SSL_F_SSL_SET_WFD				 193
+#define SSL_F_SSL_UNDEFINED_FUNCTION			 194
+#define SSL_F_SSL_USE_CERTIFICATE			 195
+#define SSL_F_SSL_USE_CERTIFICATE_ASN1			 196
+#define SSL_F_SSL_USE_CERTIFICATE_FILE			 197
+#define SSL_F_SSL_USE_PRIVATEKEY			 198
+#define SSL_F_SSL_USE_PRIVATEKEY_ASN1			 199
+#define SSL_F_SSL_USE_PRIVATEKEY_FILE			 200
+#define SSL_F_SSL_USE_RSAPRIVATEKEY			 201
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1		 202
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE		 203
+#define SSL_F_SSL_WRITE					 204
+#define SSL_F_TLS1_CHANGE_CIPHER_STATE			 205
+#define SSL_F_TLS1_ENC					 206
+#define SSL_F_TLS1_SETUP_KEY_BLOCK			 207
+#define SSL_F_WRITE_PENDING				 208
 
 /* Reason codes. */
 #define SSL_R_APP_DATA_IN_HANDSHAKE			 100
@@ -123,103 +128,109 @@
 #define SSL_R_BAD_MAC_DECODE				 113
 #define SSL_R_BAD_MESSAGE_TYPE				 114
 #define SSL_R_BAD_PACKET_LENGTH				 115
-#define SSL_R_BAD_RESPONSE_ARGUMENT			 116
-#define SSL_R_BAD_RSA_DECRYPT				 117
-#define SSL_R_BAD_RSA_ENCRYPT				 118
-#define SSL_R_BAD_RSA_E_LENGTH				 119
-#define SSL_R_BAD_RSA_MODULUS_LENGTH			 120
-#define SSL_R_BAD_RSA_SIGNATURE				 121
-#define SSL_R_BAD_SIGNATURE				 122
-#define SSL_R_BAD_SSL_FILETYPE				 123
-#define SSL_R_BAD_SSL_SESSION_ID_LENGTH			 124
-#define SSL_R_BAD_STATE					 125
-#define SSL_R_BAD_WRITE_RETRY				 126
-#define SSL_R_BIO_NOT_SET				 127
-#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG			 128
-#define SSL_R_BN_LIB					 129
-#define SSL_R_CA_DN_LENGTH_MISMATCH			 130
-#define SSL_R_CA_DN_TOO_LONG				 131
-#define SSL_R_CCS_RECEIVED_EARLY			 132
-#define SSL_R_CERTIFICATE_VERIFY_FAILED			 133
-#define SSL_R_CERT_LENGTH_MISMATCH			 134
-#define SSL_R_CHALLENGE_IS_DIFFERENT			 135
-#define SSL_R_CIPHER_CODE_WRONG_LENGTH			 136
-#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE		 137
-#define SSL_R_CIPHER_TABLE_SRC_ERROR			 138
-#define SSL_R_COMPRESSED_LENGTH_TOO_LONG		 139
-#define SSL_R_COMPRESSION_FAILURE			 140
-#define SSL_R_CONNECTION_ID_IS_DIFFERENT		 141
-#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED		 142
-#define SSL_R_DATA_LENGTH_TOO_LONG			 143
-#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG		 144
-#define SSL_R_DIGEST_CHECK_FAILED			 145
-#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG			 146
-#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST		 147
-#define SSL_R_EXCESSIVE_MESSAGE_SIZE			 148
-#define SSL_R_EXTRA_DATA_IN_MESSAGE			 149
-#define SSL_R_GOT_A_FIN_BEFORE_A_CCS			 150
-#define SSL_R_INTERNAL_ERROR				 151
-#define SSL_R_INVALID_CHALLENGE_LENGTH			 152
-#define SSL_R_LENGTH_MISMATCH				 153
-#define SSL_R_LENGTH_TOO_SHORT				 154
-#define SSL_R_LIBRARY_HAS_NO_CIPHERS			 155
-#define SSL_R_MISSING_DH_DSA_CERT			 156
-#define SSL_R_MISSING_DH_KEY				 157
-#define SSL_R_MISSING_DH_RSA_CERT			 158
-#define SSL_R_MISSING_DSA_SIGNING_CERT			 159
-#define SSL_R_MISSING_EXPORT_TMP_DH_KEY			 160
-#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY		 161
-#define SSL_R_MISSING_RSA_CERTIFICATE			 162
-#define SSL_R_MISSING_RSA_ENCRYPTING_CERT		 163
-#define SSL_R_MISSING_RSA_SIGNING_CERT			 164
-#define SSL_R_MISSING_TMP_DH_KEY			 165
-#define SSL_R_MISSING_TMP_RSA_KEY			 166
-#define SSL_R_MISSING_TMP_RSA_PKEY			 167
-#define SSL_R_MISSING_VERIFY_MESSAGE			 168
-#define SSL_R_NON_SSLV2_INITIAL_PACKET			 169
-#define SSL_R_NO_CERTIFICATES_PASSED			 170
-#define SSL_R_NO_CERTIFICATE_ASSIGNED			 171
-#define SSL_R_NO_CERTIFICATE_RETURNED			 172
-#define SSL_R_NO_CERTIFICATE_SET			 173
-#define SSL_R_NO_CERTIFICATE_SPECIFIED			 174
-#define SSL_R_NO_CIPHERS_AVAILABLE			 175
-#define SSL_R_NO_CIPHERS_PASSED				 176
-#define SSL_R_NO_CIPHERS_SPECIFIED			 177
-#define SSL_R_NO_CIPHER_LIST				 178
-#define SSL_R_NO_CIPHER_MATCH				 179
-#define SSL_R_NO_CLIENT_CERT_RECEIVED			 180
-#define SSL_R_NO_COMPRESSION_SPECIFIED			 181
-#define SSL_R_NO_PRIVATEKEY				 182
-#define SSL_R_NO_PRIVATE_KEY_ASSIGNED			 183
-#define SSL_R_NO_PUBLICKEY				 184
-#define SSL_R_NO_SHARED_CIPHER				 185
-#define SSL_R_NULL_SSL_CTX				 186
-#define SSL_R_NULL_SSL_METHOD_PASSED			 187
-#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED		 188
-#define SSL_R_PACKET_LENGTH_TOO_LONG			 189
-#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE		 190
-#define SSL_R_PEER_ERROR				 191
-#define SSL_R_PEER_ERROR_CERTIFICATE			 192
-#define SSL_R_PEER_ERROR_NO_CERTIFICATE			 193
-#define SSL_R_PEER_ERROR_NO_CIPHER			 194
-#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE	 195
-#define SSL_R_PRE_MAC_LENGTH_TOO_LONG			 196
-#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS		 197
-#define SSL_R_PROTOCOL_IS_SHUTDOWN			 198
-#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR			 199
-#define SSL_R_PUBLIC_KEY_IS_NOT_RSA			 200
-#define SSL_R_PUBLIC_KEY_NOT_RSA			 201
-#define SSL_R_READ_BIO_NOT_SET				 202
-#define SSL_R_READ_WRONG_PACKET_TYPE			 203
-#define SSL_R_RECORD_LENGTH_MISMATCH			 204
-#define SSL_R_RECORD_TOO_LARGE				 205
-#define SSL_R_REQUIRED_CIPHER_MISSING			 206
-#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO		 207
-#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO			 208
-#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO		 209
-#define SSL_R_SHORT_READ				 210
-#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE	 211
-#define SSL_R_SSL3_SESSION_ID_TOO_SHORT			 212
+#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER		 116
+#define SSL_R_BAD_RESPONSE_ARGUMENT			 117
+#define SSL_R_BAD_RSA_DECRYPT				 118
+#define SSL_R_BAD_RSA_ENCRYPT				 119
+#define SSL_R_BAD_RSA_E_LENGTH				 120
+#define SSL_R_BAD_RSA_MODULUS_LENGTH			 121
+#define SSL_R_BAD_RSA_SIGNATURE				 122
+#define SSL_R_BAD_SIGNATURE				 123
+#define SSL_R_BAD_SSL_FILETYPE				 124
+#define SSL_R_BAD_SSL_SESSION_ID_LENGTH			 125
+#define SSL_R_BAD_STATE					 126
+#define SSL_R_BAD_WRITE_RETRY				 127
+#define SSL_R_BIO_NOT_SET				 128
+#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG			 129
+#define SSL_R_BN_LIB					 130
+#define SSL_R_CA_DN_LENGTH_MISMATCH			 131
+#define SSL_R_CA_DN_TOO_LONG				 132
+#define SSL_R_CCS_RECEIVED_EARLY			 133
+#define SSL_R_CERTIFICATE_VERIFY_FAILED			 134
+#define SSL_R_CERT_LENGTH_MISMATCH			 135
+#define SSL_R_CHALLENGE_IS_DIFFERENT			 136
+#define SSL_R_CIPHER_CODE_WRONG_LENGTH			 137
+#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE		 138
+#define SSL_R_CIPHER_TABLE_SRC_ERROR			 139
+#define SSL_R_COMPRESSED_LENGTH_TOO_LONG		 140
+#define SSL_R_COMPRESSION_FAILURE			 141
+#define SSL_R_CONNECTION_ID_IS_DIFFERENT		 142
+#define SSL_R_CONNECTION_TYPE_NOT_SET			 143
+#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED		 144
+#define SSL_R_DATA_LENGTH_TOO_LONG			 145
+#define SSL_R_DECRYPTION_FAILED				 146
+#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG		 147
+#define SSL_R_DIGEST_CHECK_FAILED			 148
+#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG			 149
+#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST		 150
+#define SSL_R_EXCESSIVE_MESSAGE_SIZE			 151
+#define SSL_R_EXTRA_DATA_IN_MESSAGE			 152
+#define SSL_R_GOT_A_FIN_BEFORE_A_CCS			 153
+#define SSL_R_HTTPS_PROXY_REQUEST			 154
+#define SSL_R_HTTP_REQUEST				 155
+#define SSL_R_INTERNAL_ERROR				 156
+#define SSL_R_INVALID_CHALLENGE_LENGTH			 157
+#define SSL_R_LENGTH_MISMATCH				 158
+#define SSL_R_LENGTH_TOO_SHORT				 159
+#define SSL_R_LIBRARY_HAS_NO_CIPHERS			 160
+#define SSL_R_MISSING_DH_DSA_CERT			 161
+#define SSL_R_MISSING_DH_KEY				 162
+#define SSL_R_MISSING_DH_RSA_CERT			 163
+#define SSL_R_MISSING_DSA_SIGNING_CERT			 164
+#define SSL_R_MISSING_EXPORT_TMP_DH_KEY			 165
+#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY		 166
+#define SSL_R_MISSING_RSA_CERTIFICATE			 167
+#define SSL_R_MISSING_RSA_ENCRYPTING_CERT		 168
+#define SSL_R_MISSING_RSA_SIGNING_CERT			 169
+#define SSL_R_MISSING_TMP_DH_KEY			 170
+#define SSL_R_MISSING_TMP_RSA_KEY			 171
+#define SSL_R_MISSING_TMP_RSA_PKEY			 172
+#define SSL_R_MISSING_VERIFY_MESSAGE			 173
+#define SSL_R_NON_SSLV2_INITIAL_PACKET			 174
+#define SSL_R_NO_CERTIFICATES_RETURNED			 175
+#define SSL_R_NO_CERTIFICATE_ASSIGNED			 176
+#define SSL_R_NO_CERTIFICATE_RETURNED			 177
+#define SSL_R_NO_CERTIFICATE_SET			 178
+#define SSL_R_NO_CERTIFICATE_SPECIFIED			 179
+#define SSL_R_NO_CIPHERS_AVAILABLE			 180
+#define SSL_R_NO_CIPHERS_PASSED				 181
+#define SSL_R_NO_CIPHERS_SPECIFIED			 182
+#define SSL_R_NO_CIPHER_LIST				 183
+#define SSL_R_NO_CIPHER_MATCH				 184
+#define SSL_R_NO_CLIENT_CERT_RECEIVED			 185
+#define SSL_R_NO_COMPRESSION_SPECIFIED			 186
+#define SSL_R_NO_PRIVATEKEY				 187
+#define SSL_R_NO_PRIVATE_KEY_ASSIGNED			 188
+#define SSL_R_NO_PROTOCOLS_AVAILABLE			 189
+#define SSL_R_NO_PUBLICKEY				 190
+#define SSL_R_NO_SHARED_CIPHER				 191
+#define SSL_R_NULL_SSL_CTX				 192
+#define SSL_R_NULL_SSL_METHOD_PASSED			 193
+#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED		 194
+#define SSL_R_PACKET_LENGTH_TOO_LONG			 195
+#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE		 196
+#define SSL_R_PEER_ERROR				 197
+#define SSL_R_PEER_ERROR_CERTIFICATE			 198
+#define SSL_R_PEER_ERROR_NO_CERTIFICATE			 199
+#define SSL_R_PEER_ERROR_NO_CIPHER			 200
+#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE	 201
+#define SSL_R_PRE_MAC_LENGTH_TOO_LONG			 202
+#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS		 203
+#define SSL_R_PROTOCOL_IS_SHUTDOWN			 204
+#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR			 205
+#define SSL_R_PUBLIC_KEY_IS_NOT_RSA			 206
+#define SSL_R_PUBLIC_KEY_NOT_RSA			 207
+#define SSL_R_READ_BIO_NOT_SET				 208
+#define SSL_R_READ_WRONG_PACKET_TYPE			 209
+#define SSL_R_RECORD_LENGTH_MISMATCH			 210
+#define SSL_R_RECORD_TOO_LARGE				 211
+#define SSL_R_REQUIRED_CIPHER_MISSING			 212
+#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO		 213
+#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO			 214
+#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO		 215
+#define SSL_R_SHORT_READ				 216
+#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE	 217
+#define SSL_R_SSL3_SESSION_ID_TOO_SHORT			 218
 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE		 1042
 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC		 1020
 #define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED		 1045
@@ -229,44 +240,51 @@
 #define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE		 1040
 #define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER		 1047
 #define SSL_R_SSLV3_ALERT_NO_CERTIFICATE		 1041
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE	 213
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE	 214
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER		 215
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 216
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE	 219
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE	 220
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER		 221
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 222
 #define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE		 1010
-#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE	 217
+#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE	 223
 #define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE	 1043
-#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION	 218
-#define SSL_R_SSL_HANDSHAKE_FAILURE			 219
-#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS		 220
-#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT		 221
-#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER		 222
-#define SSL_R_UNABLE_TO_DECODE_DH_CERTS			 223
-#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY		 224
-#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS		 225
-#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS	 226
-#define SSL_R_UNABLE_TO_FIND_SSL_METHOD			 227
-#define SSL_R_UNEXPECTED_MESSAGE			 228
-#define SSL_R_UNEXPECTED_RECORD				 229
-#define SSL_R_UNKNOWN_ALERT_TYPE			 230
-#define SSL_R_UNKNOWN_CERTIFICATE_TYPE			 231
-#define SSL_R_UNKNOWN_CIPHER_RETURNED			 232
-#define SSL_R_UNKNOWN_CIPHER_TYPE			 233
-#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE			 234
-#define SSL_R_UNKNOWN_PKEY_TYPE				 235
-#define SSL_R_UNKNOWN_PROTOCOL				 236
-#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE			 237
-#define SSL_R_UNKNOWN_SSL_VERSION			 238
-#define SSL_R_UNKNOWN_STATE				 239
-#define SSL_R_UNSUPPORTED_CIPHER			 240
-#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM		 241
-#define SSL_R_UNSUPPORTED_SSL_VERSION			 242
-#define SSL_R_WRITE_BIO_NOT_SET				 243
-#define SSL_R_WRONG_CIPHER_RETURNED			 244
-#define SSL_R_WRONG_MESSAGE_TYPE			 245
-#define SSL_R_WRONG_NUMBER_OF_KEY_BITS			 246
-#define SSL_R_WRONG_SIGNATURE_LENGTH			 247
-#define SSL_R_WRONG_SIGNATURE_SIZE			 248
-#define SSL_R_WRONG_SSL_VERSION				 249
-#define SSL_R_WRONG_VERSION_NUMBER			 250
-#define SSL_R_X509_LIB					 251
+#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION	 224
+#define SSL_R_SSL_HANDSHAKE_FAILURE			 225
+#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS		 226
+#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT		 227
+#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER	 228
+#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 229
+#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG	 230
+#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER		 231
+#define SSL_R_UNABLE_TO_DECODE_DH_CERTS			 232
+#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY		 233
+#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS		 234
+#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS	 235
+#define SSL_R_UNABLE_TO_FIND_SSL_METHOD			 236
+#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES		 237
+#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES		 238
+#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES		 239
+#define SSL_R_UNEXPECTED_MESSAGE			 240
+#define SSL_R_UNEXPECTED_RECORD				 241
+#define SSL_R_UNKNOWN_ALERT_TYPE			 242
+#define SSL_R_UNKNOWN_CERTIFICATE_TYPE			 243
+#define SSL_R_UNKNOWN_CIPHER_RETURNED			 244
+#define SSL_R_UNKNOWN_CIPHER_TYPE			 245
+#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE			 246
+#define SSL_R_UNKNOWN_PKEY_TYPE				 247
+#define SSL_R_UNKNOWN_PROTOCOL				 248
+#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE			 249
+#define SSL_R_UNKNOWN_SSL_VERSION			 250
+#define SSL_R_UNKNOWN_STATE				 251
+#define SSL_R_UNSUPPORTED_CIPHER			 252
+#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM		 253
+#define SSL_R_UNSUPPORTED_PROTOCOL			 254
+#define SSL_R_UNSUPPORTED_SSL_VERSION			 255
+#define SSL_R_WRITE_BIO_NOT_SET				 256
+#define SSL_R_WRONG_CIPHER_RETURNED			 257
+#define SSL_R_WRONG_MESSAGE_TYPE			 258
+#define SSL_R_WRONG_NUMBER_OF_KEY_BITS			 259
+#define SSL_R_WRONG_SIGNATURE_LENGTH			 260
+#define SSL_R_WRONG_SIGNATURE_SIZE			 261
+#define SSL_R_WRONG_SSL_VERSION				 262
+#define SSL_R_WRONG_VERSION_NUMBER			 263
+#define SSL_R_X509_LIB					 264
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 594295d5e0..cf8f9651b2 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1,5 +1,5 @@
 /* ssl/ssl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -118,7 +118,6 @@ extern "C" {
 #define SSL_TXT_RC2		"RC2"
 #define SSL_TXT_IDEA		"IDEA"
 #define SSL_TXT_MD5		"MD5"
-#define SSL_TXT_SHA0		"SHA0"
 #define SSL_TXT_SHA1		"SHA1"
 #define SSL_TXT_SHA		"SHA"
 #define SSL_TXT_EXP		"EXP"
@@ -130,22 +129,18 @@ extern "C" {
 /* 'DEFAULT' at the start of the cipher list insert the following string
  * in addition to this being the default cipher string */
 #ifndef NO_RSA
-#define SSL_DEFAULT_CIPHER_LIST	"!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP"
+#define SSL_DEFAULT_CIPHER_LIST	"ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
 #else
 #define SSL_ALLOW_ADH
 #define SSL_DEFAULT_CIPHER_LIST	"HIGH:MEDIUM:LOW:ADH+3DES:ADH+RC4:ADH+DES:+EXP"
 #endif
 
+/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
 #define SSL_SENT_SHUTDOWN	1
 #define SSL_RECEIVED_SHUTDOWN	2
-#define SSL_CTX_set_quiet_shutdown(ctx,y) ((ctx)->quiet_shutdown=(y));
-#define SSL_CTX_get_quiet_shutdown(ctx) ((ctx)->quiet_shutdown);
-#define SSL_set_quiet_shutdown(s,y)	((s)->quiet_shutdown=(y));
-#define SSL_get_quiet_shutdown(s)	((s)->quiet_shutdown);
-#define SSL_set_shutdown(s,mode)	((s)->shutdown=(mode))
-#define SSL_get_shutdown(s)		((s)->shutdown)
-#define SSL_version(s)			((s)->version)
 
+#include "crypto.h"
+#include "lhash.h"
 #include "buffer.h"
 #include "bio.h"
 #include "x509.h"
@@ -153,6 +148,9 @@ extern "C" {
 #define SSL_FILETYPE_ASN1	X509_FILETYPE_ASN1
 #define SSL_FILETYPE_PEM	X509_FILETYPE_PEM
 
+/* This is needed to stop compilers complaining about the
+ * 'struct ssl_st *' function parameters used to prototype callbacks
+ * in SSL_CTX. */
 typedef struct ssl_st *ssl_crock_st;
 
 /* used to hold info on the particular ciphers used */
@@ -166,7 +164,7 @@ typedef struct ssl_cipher_st
 	unsigned long mask;		/* used for matching */
 	} SSL_CIPHER;
 
-/* Used to hold functions for SSLv2 or SSLv3 functions */
+/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
 typedef struct ssl_method_st
 	{
 	int version;
@@ -189,6 +187,7 @@ typedef struct ssl_method_st
 	SSL_CIPHER *(*get_cipher)();
 	struct ssl_method_st *(*get_ssl_method)();
 	long (*get_timeout)();
+	struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
 	} SSL_METHOD;
 
 typedef struct ssl_compression_st
@@ -248,28 +247,39 @@ typedef struct ssl_session_st
 
 	STACK /* SSL_CIPHER */ *ciphers; /* shared ciphers? */
 
-	char *app_data; /* application specific data */
+	CRYPTO_EX_DATA ex_data; /* application specific data */
+
+	/* These are used to make removal of session-ids more
+	 * efficient and to implement a maximum cache size. */
+	struct ssl_session_st *prev,*next;
 	} SSL_SESSION;
 
 #define SSL_OP_MICROSOFT_SESS_ID_BUG			0x00000001L
 #define SSL_OP_NETSCAPE_CHALLENGE_BUG			0x00000002L
-#define SSL_OP_NETSCAPE_CA_DN_BUG			0x00000004L
 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L
 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG		0x00000010L
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER		0x00000020L
 #define SSL_OP_MSIE_SSLV2_RSA_PADDING			0x00000040L
 #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG			0x00000080L
+#define SSL_OP_TLS_D5_BUG				0x00000100L
+#define	SSL_OP_TLS_BLOCK_PADDING_BUG			0x00000200L
 
 /* If set, only use tmp_dh parameters once */
 #define SSL_OP_SINGLE_DH_USE				0x00100000L
 /* Set to also use the tmp_rsa key when doing RSA operations. */
 #define SSL_OP_EPHEMERAL_RSA				0x00200000L
 
+#define SSL_OP_NETSCAPE_CA_DN_BUG			0x20000000L
 #define SSL_OP_NON_EXPORT_FIRST 			0x40000000L
 #define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG		0x80000000L
 #define SSL_OP_ALL					0x000FFFFFL
 
 #define SSL_CTX_set_options(ctx,op)	((ctx)->options|=(op))
+#define SSL_set_options(ssl,op)		((ssl)->options|=(op))
+
+#define SSL_OP_NO_SSLv2					0x01000000L
+#define SSL_OP_NO_SSLv3					0x02000000L
+#define SSL_OP_NO_TLSv1					0x04000000L
 
 /* Normally you will only use these if your application wants to use
  * the certificate store in other places, perhaps PKCS7 */
@@ -278,6 +288,8 @@ typedef struct ssl_session_st
                 (X509_STORE_free((ctx)->cert_store),(ctx)->cert_store=(cs))
 
 
+#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT	(1024*20)
+
 typedef struct ssl_ctx_st
 	{
 	SSL_METHOD *method;
@@ -289,6 +301,11 @@ typedef struct ssl_ctx_st
 
 	struct x509_store_st /* X509_STORE */ *cert_store;
 	struct lhash_st /* LHASH */ *sessions;	/* a set of SSL_SESSION's */
+	/* Most session-ids that will be cached, default is
+	 * SSL_SESSION_CACHE_SIZE_DEFAULT. 0 is unlimited. */
+	unsigned long session_cache_size;
+	struct ssl_session_st *session_cache_head;
+	struct ssl_session_st *session_cache_tail;
 
 	/* This can have one of 2 values, ored together,
 	 * SSL_SESS_CACHE_CLIENT,
@@ -322,12 +339,15 @@ typedef struct ssl_ctx_st
 	SSL_SESSION *(*get_session_cb)();
 #endif
 
-	int sess_connect;	/* SSL new (expensive) connection - started */
-	int sess_connect_good;	/* SSL new (expensive) connection - finished */
-	int sess_accept;	/* SSL new (expensive) accept - started */
-	int sess_accept_good;	/* SSL new (expensive) accept - finished */
+	int sess_connect;	/* SSL new connection - started */
+	int sess_connect_renegotiate;/* SSL renegotiatene  - requested */
+	int sess_connect_good;	/* SSL new connection/renegotiate - finished */
+	int sess_accept;	/* SSL new accept - started */
+	int sess_accept_renegotiate;/* SSL renegotiatene - requested */
+	int sess_accept_good;	/* SSL accept/renegotiate - finished */
 	int sess_miss;		/* session lookup misses  */
 	int sess_timeout;	/* session reuse attempt on timeouted session */
+	int sess_cache_full;	/* session removed due to full cache */
 	int sess_hit;		/* session reuse actually done */
 	int sess_cb_hit;	/* session-id that was not in the cache was
 				 * passed back via the callback.  This
@@ -360,16 +380,22 @@ typedef struct ssl_ctx_st
 
 	int quiet_shutdown;
 
-	char *app_data;
+	CRYPTO_EX_DATA ex_data;
+
+	EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
+	EVP_MD *md5;	/* For SSLv3/TLSv1 'ssl3-md5' */
+	EVP_MD *sha1;   /* For SSLv3/TLSv1 'ssl3->sha1' */
 	} SSL_CTX;
 
-#define SSL_SESS_CACHE_OFF	0x00
-#define SSL_SESS_CACHE_CLIENT	0x01
-#define SSL_SESS_CACHE_SERVER	0x02
+#define SSL_SESS_CACHE_OFF			0x0000
+#define SSL_SESS_CACHE_CLIENT			0x0001
+#define SSL_SESS_CACHE_SERVER			0x0002
 #define SSL_SESS_CACHE_BOTH	(SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
-#define SSL_SESS_CACHE_NO_AUTO_CLEAR	0x80
-
-#define SSL_session_reused(s)	((s)->hit)
+#define SSL_SESS_CACHE_NO_AUTO_CLEAR		0x0080
+/* This one, when set, makes the server session-id lookup not look
+ * in the cache.  If there is an application get_session callback
+ * defined, this will still get called. */
+#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP	0x0100
 
 #define SSL_CTX_sessions(ctx)		((ctx)->sessions)
 /* You will need to include lhash.h to access the following #define */
@@ -377,11 +403,17 @@ typedef struct ssl_ctx_st
 #define SSL_CTX_sess_connect(ctx)	((ctx)->sess_connect)
 #define SSL_CTX_sess_connect_good(ctx)	((ctx)->sess_connect_good)
 #define SSL_CTX_sess_accept(ctx)	((ctx)->sess_accept)
+#define SSL_CTX_sess_accept_renegotiate(ctx)	((ctx)->sess_accept_renegotiate)
+#define SSL_CTX_sess_connect_renegotiate(ctx)	((ctx)->sess_connect_renegotiate)
 #define SSL_CTX_sess_accept_good(ctx)	((ctx)->sess_accept_good)
 #define SSL_CTX_sess_hits(ctx)		((ctx)->sess_hit)
 #define SSL_CTX_sess_cb_hits(ctx)	((ctx)->sess_cb_hit)
 #define SSL_CTX_sess_misses(ctx)	((ctx)->sess_miss)
 #define SSL_CTX_sess_timeouts(ctx)	((ctx)->sess_timeout)
+#define SSL_CTX_sess_cache_full(ctx)	((ctx)->sess_cache_full)
+
+#define SSL_CTX_sess_set_cache_size(ctx,t) ((ctx)->session_cache_size=(t))
+#define SSL_CTX_sess_get_cache_size(ctx)   ((ctx)->session_cache_size)
 
 #define SSL_CTX_sess_set_new_cb(ctx,cb)	((ctx)->new_session_cb=(cb))
 #define SSL_CTX_sess_get_new_cb(ctx)	((ctx)->new_session_cb)
@@ -510,30 +542,29 @@ typedef struct ssl_st
 	int debug;	
 
 	/* extra application data */
-	int verify_result;
-	char *app_data;
+	long verify_result;
+	CRYPTO_EX_DATA ex_data;
 
 	/* for server side, keep the list of CA_dn we can use */
 	STACK /* X509_NAME */ *client_CA;
 
+	int references;
+	unsigned long options;
 	int first_packet;
 	} SSL;
 
 #include "ssl2.h"
 #include "ssl3.h"
+#include "tls1.h" /* This is mostly sslv3 with a few tweaks */
 #include "ssl23.h"
 
-/* application stuff */
-#define SSL_set_verify_result(s,arg)	((s)->verify_result=(long)arg)
-#define SSL_get_verify_result(s)	((s)->verify_result)
-#define SSL_set_app_data(s,arg)		((s)->app_data=(char *)arg)
-#define SSL_get_app_data(s)		((s)->app_data)
-
-#define SSL_SESSION_set_app_data(s,arg)		((s)->app_data=(char *)arg)
-#define SSL_SESSION_get_app_data(s)		((s)->app_data)
-
-#define SSL_CTX_set_app_data(ctx,arg)	((ctx)->app_data=(char *)arg)
-#define SSL_CTX_get_app_data(ctx)	((ctx)->app_data)
+/* compatablity */
+#define SSL_set_app_data(s,arg)		(SSL_set_ex_data(s,0,(char *)arg))
+#define SSL_get_app_data(s)		(SSL_get_ex_data(s,0))
+#define SSL_SESSION_set_app_data(s,a)	(SSL_SESSION_set_ex_data(s,0,(char *)a))
+#define SSL_SESSION_get_app_data(s)	(SSL_SESSION_get_ex_data(s,0))
+#define SSL_CTX_get_app_data(ctx)	(SSL_CTX_get_ex_data(ctx,0))
+#define SSL_CTX_set_app_data(ctx,arg)	(SSL_CTX_set_ex_data(ctx,0,(char *)arg))
 
 /* The following are the possible values for ssl->state are are
  * used to indicate where we are upto in the SSL connection establishment.
@@ -542,7 +573,6 @@ typedef struct ssl_st
  * It can also be useful to work out where you were when the connection
  * failed */
 
-#define SSL_state(a)			((a)->state)
 #define SSL_ST_CONNECT			0x1000
 #define SSL_ST_ACCEPT			0x2000
 #define SSL_ST_MASK			0x0FFF
@@ -551,10 +581,6 @@ typedef struct ssl_st
 #define SSL_ST_OK			0x03
 #define SSL_ST_RENEGOTIATE		(0x04|SSL_ST_INIT)
 
-/* SSL info callback functions */
-#define SSL_set_info_callback(ssl,cb)	((ssl)->info_callback=(cb))
-#define SSL_get_info_callback(ssl)	((ssl)->info_callback)
-
 #define SSL_CB_LOOP			0x01
 #define SSL_CB_EXIT			0x02
 #define SSL_CB_READ			0x04
@@ -570,11 +596,12 @@ typedef struct ssl_st
 #define SSL_CB_HANDSHAKE_DONE		0x20
 
 /* Is the SSL_connection established? */
-#define SSL_is_init_finished(a)		((a)->state == SSL_ST_OK)
-#define SSL_in_init(a)			((a)->state&SSL_ST_INIT)
-#define SSL_in_before(a)		((a)->state&SSL_ST_BEFORE)
-#define SSL_in_connect_init(a)		((a)->state&SSL_ST_CONNECT)
-#define SSL_in_accept_init(a)		((a)->state&SSL_ST_ACCEPT)
+#define SSL_get_state(a)		SSL_state(a)
+#define SSL_is_init_finished(a)		(SSL_state(a) == SSL_ST_OK)
+#define SSL_in_init(a)			(SSL_state(a)&SSL_ST_INIT)
+#define SSL_in_before(a)		(SSL_state(a)&SSL_ST_BEFORE)
+#define SSL_in_connect_init(a)		(SSL_state(a)&SSL_ST_CONNECT)
+#define SSL_in_accept_init(a)		(SSL_state(a)&SSL_ST_ACCEPT)
 
 /* The following 2 states are kept in ssl->rstate when reads fail,
  * you should not need these */
@@ -589,20 +616,6 @@ typedef struct ssl_st
 #define SSL_VERIFY_FAIL_IF_NO_PEER_CERT	0x02
 #define SSL_VERIFY_CLIENT_ONCE		0x04
 
-#define SSL_RWERR_BAD_WRITE_RETRY	(-2)
-#define SSL_RWERR_BAD_MAC_DECODE	(-3)
-#define SSL_RWERR_INTERNAL_ERROR	(-4) /* should not get this one */
-#define SSL_RWERR_WRONG_RECORD_TYPE	(-5) /* used internally */
-
-#define SSL_CTX_set_default_verify_paths(ctx) \
-		X509_STORE_set_default_paths((ctx)->cert_store)
-#define SSL_CTX_load_verify_locations(ctx,CAfile,CApath) \
-		X509_STORE_load_locations((ctx)->cert_store,\
-		(CAfile),(CApath))
-
-#define SSL_get_session(s)	((s)->session)
-#define SSL_get_SSL_CTX(s)	((s)->ctx)
-
 /* this is for backward compatablility */
 #if 0 /* NEW_SSLEAY */
 #define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
@@ -620,6 +633,10 @@ typedef struct ssl_st
 		SSL_CIPHER_get_version(SSL_get_current_cipher(s))
 #define SSL_get_cipher_name(s) \
 		SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+#define SSL_get_time(a)		SSL_SESSION_get_time(a)
+#define SSL_set_time(a,b)	SSL_SESSION_set_time((a),(b))
+#define SSL_get_timeout(a)	SSL_SESSION_get_timeout(a)
+#define SSL_set_timeout(a,b)	SSL_SESSION_set_timeout((a),(b))
 
 /* VMS linker has a 31 char name limit */
 #define SSL_CTX_set_cert_verify_callback(a,b,c) \
@@ -643,6 +660,32 @@ typedef struct ssl_st
 		PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL)
 #endif
 
+/* These alert types are for SSLv3 and TLSv1 */
+#define SSL_AD_CLOSE_NOTIFY		SSL3_AD_CLOSE_NOTIFY
+#define SSL_AD_UNEXPECTED_MESSAGE	SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
+#define SSL_AD_BAD_RECORD_MAC		SSL3_AD_BAD_RECORD_MAC     /* fatal */
+#define SSL_AD_DECRYPTION_FAILED	TLS1_AD_DECRYPTION_FAILED
+#define SSL_AD_RECORD_OVERFLOW		TLS1_AD_RECORD_OVERFLOW
+#define SSL_AD_DECOMPRESSION_FAILURE	SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
+#define SSL_AD_HANDSHAKE_FAILURE	SSL3_AD_HANDSHAKE_FAILURE/* fatal */
+#define SSL_AD_NO_CERTIFICATE		SSL3_AD_NO_CERTIFICATE /* Not for TLS */
+#define SSL_AD_BAD_CERTIFICATE		SSL3_AD_BAD_CERTIFICATE
+#define SSL_AD_UNSUPPORTED_CERTIFICATE	SSL3_AD_UNSUPPORTED_CERTIFICATE
+#define SSL_AD_CERTIFICATE_REVOKED	SSL3_AD_CERTIFICATE_REVOKED
+#define SSL_AD_CERTIFICATE_EXPIRED	SSL3_AD_CERTIFICATE_EXPIRED
+#define SSL_AD_CERTIFICATE_UNKNOWN	SSL3_AD_CERTIFICATE_UNKNOWN
+#define SSL_AD_ILLEGAL_PARAMETER	SSL3_AD_ILLEGAL_PARAMETER   /* fatal */
+#define SSL_AD_UNKNOWN_CA		TLS1_AD_UNKNOWN_CA	/* fatal */
+#define SSL_AD_ACCESS_DENIED		TLS1_AD_ACCESS_DENIED	/* fatal */
+#define SSL_AD_DECODE_ERROR		TLS1_AD_DECODE_ERROR	/* fatal */
+#define SSL_AD_DECRYPT_ERROR		TLS1_AD_DECRYPT_ERROR
+#define SSL_AD_EXPORT_RESTRICION	TLS1_AD_EXPORT_RESTRICION/* fatal */
+#define SSL_AD_PROTOCOL_VERSION		TLS1_AD_PROTOCOL_VERSION /* fatal */
+#define SSL_AD_INSUFFICIENT_SECURITY	TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
+#define SSL_AD_INTERNAL_ERROR		TLS1_AD_INTERNAL_ERROR	/* fatal */
+#define SSL_AD_USER_CANCLED		TLS1_AD_USER_CANCLED
+#define SSL_AD_NO_RENEGOTIATION		TLS1_AD_NO_RENEGOTIATION
+
 #define SSL_ERROR_NONE			0
 #define SSL_ERROR_SSL			1
 #define SSL_ERROR_WANT_READ		2
@@ -652,11 +695,26 @@ typedef struct ssl_st
 #define SSL_ERROR_ZERO_RETURN		6
 #define SSL_ERROR_WANT_CONNECT		7
 
-#define SSL_CTRL_NEED_TMP_RSA		1
-#define SSL_CTRL_SET_TMP_RSA		2
-#define SSL_CTRL_SET_TMP_DH		3
-#define SSL_CTRL_SET_TMP_RSA_CB		4
-#define SSL_CTRL_SET_TMP_DH_CB		5
+#define SSL_CTRL_NEED_TMP_RSA			1
+#define SSL_CTRL_SET_TMP_RSA			2
+#define SSL_CTRL_SET_TMP_DH			3
+#define SSL_CTRL_SET_TMP_RSA_CB			4
+#define SSL_CTRL_SET_TMP_DH_CB			5
+/* Add these ones */
+#define SSL_CTRL_GET_SESSION_REUSED		6
+#define SSL_CTRL_GET_CLIENT_CERT_REQUEST	7
+#define SSL_CTRL_GET_NUM_RENEGOTIATIONS		8
+#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS	9
+#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS	10
+
+#define SSL_session_reused(ssl) \
+	SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
+#define SSL_num_renegotiations(ssl) \
+	SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
+#define SSL_clear_num_renegotiations(ssl) \
+	SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
+#define SSL_total_renegotiations(ssl) \
+	SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
 
 #define SSL_CTX_need_tmp_RSA(ctx) \
 	SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
@@ -672,13 +730,15 @@ typedef struct ssl_st
 #define SSL_CTX_set_tmp_rsa_callback(ctx,cb) \
 	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb)
 #define SSL_CTX_set_tmp_dh_callback(ctx,dh) \
-	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,0,(char *)cb)
+	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,0,(char *)dh)
 
 #ifndef NOPROTO
 
 #ifdef HEADER_BIO_H
 BIO_METHOD *BIO_f_ssl(void);
 BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
+BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
 int BIO_ssl_copy_session_id(BIO *to,BIO *from);
 void BIO_ssl_shutdown(BIO *ssl_bio);
 
@@ -717,27 +777,37 @@ int	(*SSL_get_verify_callback(SSL *s))();
 void	SSL_set_verify(SSL *s, int mode, int (*callback) ());
 int	SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
 int	SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
-int	SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type);
 int	SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
 int	SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
-int	SSL_use_PrivateKey_file(SSL *ssl, char *file, int type);
 int	SSL_use_certificate(SSL *ssl, X509 *x);
 int	SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d);
+
+#ifndef NO_STDIO
+int	SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type);
+int	SSL_use_PrivateKey_file(SSL *ssl, char *file, int type);
 int	SSL_use_certificate_file(SSL *ssl, char *file, int type);
+int	SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);
+int	SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type);
+int	SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);
+STACK * SSL_load_client_CA_file(char *file);
+#endif
+
 void	ERR_load_SSL_strings(void );
 void	SSL_load_error_strings(void );
 char * 	SSL_state_string(SSL *s);
 char * 	SSL_rstate_string(SSL *s);
 char * 	SSL_state_string_long(SSL *s);
 char * 	SSL_rstate_string_long(SSL *s);
-long	SSL_get_time(SSL_SESSION *s);
-long	SSL_set_time(SSL_SESSION *s, long t);
-long	SSL_get_timeout(SSL_SESSION *s);
-long	SSL_set_timeout(SSL_SESSION *s, long t);
+long	SSL_SESSION_get_time(SSL_SESSION *s);
+long	SSL_SESSION_set_time(SSL_SESSION *s, long t);
+long	SSL_SESSION_get_timeout(SSL_SESSION *s);
+long	SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
 void	SSL_copy_session_id(SSL *to,SSL *from);
 
 SSL_SESSION *SSL_SESSION_new(void);
-#ifndef WIN16
+unsigned long SSL_SESSION_hash(SSL_SESSION *a);
+int	SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b);
+#ifndef NO_FP_API
 int	SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
 #endif
 #ifdef HEADER_BIO_H
@@ -762,14 +832,11 @@ void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*callback)());
 void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(),char *arg);
 int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
 int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
-int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);
 int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
 int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx,
 	unsigned char *d, long len);
-int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type);
 int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
 int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
-int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);
 
 void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,int (*cb)());
 
@@ -793,17 +860,21 @@ char *	SSL_get_version(SSL *s);
 /* This sets the 'default' SSL version that SSL_new() will create */
 int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
 
-SSL_METHOD *SSLv2_method(void);		/* sslv2 */
-SSL_METHOD *SSLv2_server_method(void);	/* sslv2 */
-SSL_METHOD *SSLv2_client_method(void);	/* sslv2 */
+SSL_METHOD *SSLv2_method(void);		/* SSLv2 */
+SSL_METHOD *SSLv2_server_method(void);	/* SSLv2 */
+SSL_METHOD *SSLv2_client_method(void);	/* SSLv2 */
 
-SSL_METHOD *SSLv3_method(void);		/* sslv3 */
-SSL_METHOD *SSLv3_server_method(void);	/* sslv3 */
-SSL_METHOD *SSLv3_client_method(void);	/* sslv3 */
+SSL_METHOD *SSLv3_method(void);		/* SSLv3 */
+SSL_METHOD *SSLv3_server_method(void);	/* SSLv3 */
+SSL_METHOD *SSLv3_client_method(void);	/* SSLv3 */
 
-SSL_METHOD *SSLv23_method(void);	/* sslv3 but can rollback to v2 */
-SSL_METHOD *SSLv23_server_method(void);	/* sslv3 but can rollback to v2 */
-SSL_METHOD *SSLv23_client_method(void);	/* sslv3 but can rollback to v2 */
+SSL_METHOD *SSLv23_method(void);	/* SSLv3 but can rollback to v2 */
+SSL_METHOD *SSLv23_server_method(void);	/* SSLv3 but can rollback to v2 */
+SSL_METHOD *SSLv23_client_method(void);	/* SSLv3 but can rollback to v2 */
+
+SSL_METHOD *TLSv1_method(void);		/* TLSv1.0 */
+SSL_METHOD *TLSv1_server_method(void);	/* TLSv1.0 */
+SSL_METHOD *TLSv1_client_method(void);	/* TLSv1.0 */
 
 STACK *SSL_get_ciphers(SSL *s);
 
@@ -818,7 +889,6 @@ char *SSL_alert_type_string(int value);
 char *SSL_alert_desc_string_long(int value);
 char *SSL_alert_desc_string(int value);
 
-STACK *SSL_load_client_CA_file(char *file);
 void SSL_set_client_CA_list(SSL *s, STACK *list);
 void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list);
 STACK *SSL_get_client_CA_list(SSL *s);
@@ -841,10 +911,45 @@ SSL *SSL_dup(SSL *ssl);
 X509 *SSL_get_certificate(SSL *ssl);
 /* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
 
+void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
+int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);
+void SSL_set_quiet_shutdown(SSL *ssl,int mode);
+int SSL_get_quiet_shutdown(SSL *ssl);
+void SSL_set_shutdown(SSL *ssl,int mode);
+int SSL_get_shutdown(SSL *ssl);
+int SSL_version(SSL *ssl);
+int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+int SSL_CTX_load_verify_locations(SSL_CTX *ctx,char *CAfile,char *CApath);
+SSL_SESSION *SSL_get_session(SSL *ssl);
+SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);
+void SSL_set_info_callback(SSL *ssl,void (*cb)());
+void (*SSL_get_info_callback(SSL *ssl))();
+int SSL_state(SSL *ssl);
+
+void SSL_set_verify_result(SSL *ssl,long v);
+long SSL_get_verify_result(SSL *ssl);
+
+int SSL_set_ex_data(SSL *ssl,int idx,char *data);
+char *SSL_get_ex_data(SSL *ssl,int idx);
+int SSL_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+	int (*dup_func)(), void (*free_func)());
+
+int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,char *data);
+char *SSL_SESSION_get_ex_data(SSL_SESSION *ss,int idx);
+int SSL_SESSION_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+	int (*dup_func)(), void (*free_func)());
+
+int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,char *data);
+char *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx);
+int SSL_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+	int (*dup_func)(), void (*free_func)());
+
 #else
 
 BIO_METHOD *BIO_f_ssl();
 BIO *BIO_new_ssl();
+BIO *BIO_new_ssl_connect();
+BIO *BIO_new_buffer_ssl_connect();
 int BIO_ssl_copy_session_id();
 void BIO_ssl_shutdown();
 
@@ -881,27 +986,37 @@ int	SSL_get_verify_mode();
 void	SSL_set_verify();
 int	SSL_use_RSAPrivateKey();
 int	SSL_use_RSAPrivateKey_ASN1();
-int	SSL_use_RSAPrivateKey_file();
 int	SSL_use_PrivateKey();
 int	SSL_use_PrivateKey_ASN1();
-int	SSL_use_PrivateKey_file();
 int	SSL_use_certificate();
 int	SSL_use_certificate_ASN1();
+
+#ifndef NO_STDIO
+int	SSL_use_RSAPrivateKey_file();
+int	SSL_use_PrivateKey_file();
 int	SSL_use_certificate_file();
+int	SSL_CTX_use_RSAPrivateKey_file();
+int	SSL_CTX_use_PrivateKey_file();
+int	SSL_CTX_use_certificate_file();
+STACK * SSL_load_client_CA_file();
+#endif
+
 void	ERR_load_SSL_strings();
 void	SSL_load_error_strings();
 char * 	SSL_state_string();
 char * 	SSL_rstate_string();
 char * 	SSL_state_string_long();
 char * 	SSL_rstate_string_long();
-long	SSL_get_time();
-long	SSL_set_time();
-long	SSL_get_timeout();
-long	SSL_set_timeout();
+long	SSL_SESSION_get_time();
+long	SSL_SESSION_set_time();
+long	SSL_SESSION_get_timeout();
+long	SSL_SESSION_set_timeout();
 void	SSL_copy_session_id();
 
 SSL_SESSION *SSL_SESSION_new();
-#ifndef WIN16
+unsigned long SSL_SESSION_hash();
+int	SSL_SESSION_cmp();
+#ifndef NO_FP_API
 int	SSL_SESSION_print_fp();
 #endif
 #ifdef HEADER_BIO_H
@@ -926,13 +1041,10 @@ void SSL_CTX_set_verify();
 void SSL_CTX_set_cert_verify_cb();
 int SSL_CTX_use_RSAPrivateKey();
 int SSL_CTX_use_RSAPrivateKey_ASN1();
-int SSL_CTX_use_RSAPrivateKey_file();
 int SSL_CTX_use_PrivateKey();
 int SSL_CTX_use_PrivateKey_ASN1();
-int SSL_CTX_use_PrivateKey_file();
 int SSL_CTX_use_certificate();
 int SSL_CTX_use_certificate_ASN1();
-int SSL_CTX_use_certificate_file();
 
 void SSL_CTX_set_default_passwd_cb();
 
@@ -967,6 +1079,10 @@ SSL_METHOD *SSLv23_method();
 SSL_METHOD *SSLv23_server_method();
 SSL_METHOD *SSLv23_client_method();
 
+SSL_METHOD *TLSv1_method();
+SSL_METHOD *TLSv1_server_method();
+SSL_METHOD *TLSv1_client_method();
+
 STACK *SSL_get_ciphers();
 
 int SSL_do_handshake();
@@ -980,7 +1096,6 @@ char *SSL_alert_type_string();
 char *SSL_alert_desc_string_long();
 char *SSL_alert_desc_string();
 
-STACK *SSL_load_client_CA_file();
 void SSL_set_client_CA_list();
 void SSL_CTX_set_client_CA_list();
 STACK *SSL_get_client_CA_list();
@@ -1005,6 +1120,36 @@ X509 *SSL_get_certificate();
 
 #ifdef this_is_for_mk1mf_pl
 EVP *SSL_get_privatekey();
+
+void SSL_CTX_set_quiet_shutdown();
+int SSL_CTX_get_quiet_shutdown();
+void SSL_set_quiet_shutdown();
+int SSL_get_quiet_shutdown();
+void SSL_set_shutdown();
+int SSL_get_shutdown();
+int SSL_version();
+int SSL_CTX_set_default_verify_paths();
+int SSL_CTX_load_verify_locations();
+SSL_SESSION *SSL_get_session();
+SSL_CTX *SSL_get_SSL_CTX();
+void SSL_set_info_callback();
+int (*SSL_get_info_callback())();
+int SSL_state();
+void SSL_set_verify_result();
+long SSL_get_verify_result();
+
+int SSL_set_ex_data();
+char *SSL_get_ex_data();
+int SSL_get_ex_new_index();
+
+int SSL_SESSION_set_ex_data();
+char *SSL_SESSION_get_ex_data();
+int SSL_SESSION_get_ex_new_index();
+
+int SSL_CTX_set_ex_data();
+char *SSL_CTX_get_ex_data();
+int SSL_CTX_get_ex_new_index();
+
 #endif
 
 #endif
@@ -1094,29 +1239,34 @@ EVP *SSL_get_privatekey();
 #define SSL_F_SSL_GET_NEW_SESSION			 178
 #define SSL_F_SSL_GET_SERVER_SEND_CERT			 179
 #define SSL_F_SSL_GET_SIGN_PKEY				 180
-#define SSL_F_SSL_LOAD_CLIENT_CA_FILE			 181
-#define SSL_F_SSL_NEW					 182
-#define SSL_F_SSL_RSA_PRIVATE_DECRYPT			 183
-#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT			 184
-#define SSL_F_SSL_SESSION_NEW				 185
-#define SSL_F_SSL_SESSION_PRINT_FP			 186
-#define SSL_F_SSL_SET_FD				 187
-#define SSL_F_SSL_SET_PKEY				 188
-#define SSL_F_SSL_SET_RFD				 189
-#define SSL_F_SSL_SET_SESSION				 190
-#define SSL_F_SSL_SET_WFD				 191
-#define SSL_F_SSL_UNDEFINED_FUNCTION			 192
-#define SSL_F_SSL_USE_CERTIFICATE			 193
-#define SSL_F_SSL_USE_CERTIFICATE_ASN1			 194
-#define SSL_F_SSL_USE_CERTIFICATE_FILE			 195
-#define SSL_F_SSL_USE_PRIVATEKEY			 196
-#define SSL_F_SSL_USE_PRIVATEKEY_ASN1			 197
-#define SSL_F_SSL_USE_PRIVATEKEY_FILE			 198
-#define SSL_F_SSL_USE_RSAPRIVATEKEY			 199
-#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1		 200
-#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE		 201
-#define SSL_F_SSL_WRITE					 202
-#define SSL_F_WRITE_PENDING				 203
+#define SSL_F_SSL_INIT_WBIO_BUFFER			 181
+#define SSL_F_SSL_LOAD_CLIENT_CA_FILE			 182
+#define SSL_F_SSL_NEW					 183
+#define SSL_F_SSL_RSA_PRIVATE_DECRYPT			 184
+#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT			 185
+#define SSL_F_SSL_SESSION_NEW				 186
+#define SSL_F_SSL_SESSION_PRINT_FP			 187
+#define SSL_F_SSL_SET_CERT				 188
+#define SSL_F_SSL_SET_FD				 189
+#define SSL_F_SSL_SET_PKEY				 190
+#define SSL_F_SSL_SET_RFD				 191
+#define SSL_F_SSL_SET_SESSION				 192
+#define SSL_F_SSL_SET_WFD				 193
+#define SSL_F_SSL_UNDEFINED_FUNCTION			 194
+#define SSL_F_SSL_USE_CERTIFICATE			 195
+#define SSL_F_SSL_USE_CERTIFICATE_ASN1			 196
+#define SSL_F_SSL_USE_CERTIFICATE_FILE			 197
+#define SSL_F_SSL_USE_PRIVATEKEY			 198
+#define SSL_F_SSL_USE_PRIVATEKEY_ASN1			 199
+#define SSL_F_SSL_USE_PRIVATEKEY_FILE			 200
+#define SSL_F_SSL_USE_RSAPRIVATEKEY			 201
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1		 202
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE		 203
+#define SSL_F_SSL_WRITE					 204
+#define SSL_F_TLS1_CHANGE_CIPHER_STATE			 205
+#define SSL_F_TLS1_ENC					 206
+#define SSL_F_TLS1_SETUP_KEY_BLOCK			 207
+#define SSL_F_WRITE_PENDING				 208
 
 /* Reason codes. */
 #define SSL_R_APP_DATA_IN_HANDSHAKE			 100
@@ -1135,103 +1285,109 @@ EVP *SSL_get_privatekey();
 #define SSL_R_BAD_MAC_DECODE				 113
 #define SSL_R_BAD_MESSAGE_TYPE				 114
 #define SSL_R_BAD_PACKET_LENGTH				 115
-#define SSL_R_BAD_RESPONSE_ARGUMENT			 116
-#define SSL_R_BAD_RSA_DECRYPT				 117
-#define SSL_R_BAD_RSA_ENCRYPT				 118
-#define SSL_R_BAD_RSA_E_LENGTH				 119
-#define SSL_R_BAD_RSA_MODULUS_LENGTH			 120
-#define SSL_R_BAD_RSA_SIGNATURE				 121
-#define SSL_R_BAD_SIGNATURE				 122
-#define SSL_R_BAD_SSL_FILETYPE				 123
-#define SSL_R_BAD_SSL_SESSION_ID_LENGTH			 124
-#define SSL_R_BAD_STATE					 125
-#define SSL_R_BAD_WRITE_RETRY				 126
-#define SSL_R_BIO_NOT_SET				 127
-#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG			 128
-#define SSL_R_BN_LIB					 129
-#define SSL_R_CA_DN_LENGTH_MISMATCH			 130
-#define SSL_R_CA_DN_TOO_LONG				 131
-#define SSL_R_CCS_RECEIVED_EARLY			 132
-#define SSL_R_CERTIFICATE_VERIFY_FAILED			 133
-#define SSL_R_CERT_LENGTH_MISMATCH			 134
-#define SSL_R_CHALLENGE_IS_DIFFERENT			 135
-#define SSL_R_CIPHER_CODE_WRONG_LENGTH			 136
-#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE		 137
-#define SSL_R_CIPHER_TABLE_SRC_ERROR			 138
-#define SSL_R_COMPRESSED_LENGTH_TOO_LONG		 139
-#define SSL_R_COMPRESSION_FAILURE			 140
-#define SSL_R_CONNECTION_ID_IS_DIFFERENT		 141
-#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED		 142
-#define SSL_R_DATA_LENGTH_TOO_LONG			 143
-#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG		 144
-#define SSL_R_DIGEST_CHECK_FAILED			 145
-#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG			 146
-#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST		 147
-#define SSL_R_EXCESSIVE_MESSAGE_SIZE			 148
-#define SSL_R_EXTRA_DATA_IN_MESSAGE			 149
-#define SSL_R_GOT_A_FIN_BEFORE_A_CCS			 150
-#define SSL_R_INTERNAL_ERROR				 151
-#define SSL_R_INVALID_CHALLENGE_LENGTH			 152
-#define SSL_R_LENGTH_MISMATCH				 153
-#define SSL_R_LENGTH_TOO_SHORT				 154
-#define SSL_R_LIBRARY_HAS_NO_CIPHERS			 155
-#define SSL_R_MISSING_DH_DSA_CERT			 156
-#define SSL_R_MISSING_DH_KEY				 157
-#define SSL_R_MISSING_DH_RSA_CERT			 158
-#define SSL_R_MISSING_DSA_SIGNING_CERT			 159
-#define SSL_R_MISSING_EXPORT_TMP_DH_KEY			 160
-#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY		 161
-#define SSL_R_MISSING_RSA_CERTIFICATE			 162
-#define SSL_R_MISSING_RSA_ENCRYPTING_CERT		 163
-#define SSL_R_MISSING_RSA_SIGNING_CERT			 164
-#define SSL_R_MISSING_TMP_DH_KEY			 165
-#define SSL_R_MISSING_TMP_RSA_KEY			 166
-#define SSL_R_MISSING_TMP_RSA_PKEY			 167
-#define SSL_R_MISSING_VERIFY_MESSAGE			 168
-#define SSL_R_NON_SSLV2_INITIAL_PACKET			 169
-#define SSL_R_NO_CERTIFICATES_PASSED			 170
-#define SSL_R_NO_CERTIFICATE_ASSIGNED			 171
-#define SSL_R_NO_CERTIFICATE_RETURNED			 172
-#define SSL_R_NO_CERTIFICATE_SET			 173
-#define SSL_R_NO_CERTIFICATE_SPECIFIED			 174
-#define SSL_R_NO_CIPHERS_AVAILABLE			 175
-#define SSL_R_NO_CIPHERS_PASSED				 176
-#define SSL_R_NO_CIPHERS_SPECIFIED			 177
-#define SSL_R_NO_CIPHER_LIST				 178
-#define SSL_R_NO_CIPHER_MATCH				 179
-#define SSL_R_NO_CLIENT_CERT_RECEIVED			 180
-#define SSL_R_NO_COMPRESSION_SPECIFIED			 181
-#define SSL_R_NO_PRIVATEKEY				 182
-#define SSL_R_NO_PRIVATE_KEY_ASSIGNED			 183
-#define SSL_R_NO_PUBLICKEY				 184
-#define SSL_R_NO_SHARED_CIPHER				 185
-#define SSL_R_NULL_SSL_CTX				 186
-#define SSL_R_NULL_SSL_METHOD_PASSED			 187
-#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED		 188
-#define SSL_R_PACKET_LENGTH_TOO_LONG			 189
-#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE		 190
-#define SSL_R_PEER_ERROR				 191
-#define SSL_R_PEER_ERROR_CERTIFICATE			 192
-#define SSL_R_PEER_ERROR_NO_CERTIFICATE			 193
-#define SSL_R_PEER_ERROR_NO_CIPHER			 194
-#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE	 195
-#define SSL_R_PRE_MAC_LENGTH_TOO_LONG			 196
-#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS		 197
-#define SSL_R_PROTOCOL_IS_SHUTDOWN			 198
-#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR			 199
-#define SSL_R_PUBLIC_KEY_IS_NOT_RSA			 200
-#define SSL_R_PUBLIC_KEY_NOT_RSA			 201
-#define SSL_R_READ_BIO_NOT_SET				 202
-#define SSL_R_READ_WRONG_PACKET_TYPE			 203
-#define SSL_R_RECORD_LENGTH_MISMATCH			 204
-#define SSL_R_RECORD_TOO_LARGE				 205
-#define SSL_R_REQUIRED_CIPHER_MISSING			 206
-#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO		 207
-#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO			 208
-#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO		 209
-#define SSL_R_SHORT_READ				 210
-#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE	 211
-#define SSL_R_SSL3_SESSION_ID_TOO_SHORT			 212
+#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER		 116
+#define SSL_R_BAD_RESPONSE_ARGUMENT			 117
+#define SSL_R_BAD_RSA_DECRYPT				 118
+#define SSL_R_BAD_RSA_ENCRYPT				 119
+#define SSL_R_BAD_RSA_E_LENGTH				 120
+#define SSL_R_BAD_RSA_MODULUS_LENGTH			 121
+#define SSL_R_BAD_RSA_SIGNATURE				 122
+#define SSL_R_BAD_SIGNATURE				 123
+#define SSL_R_BAD_SSL_FILETYPE				 124
+#define SSL_R_BAD_SSL_SESSION_ID_LENGTH			 125
+#define SSL_R_BAD_STATE					 126
+#define SSL_R_BAD_WRITE_RETRY				 127
+#define SSL_R_BIO_NOT_SET				 128
+#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG			 129
+#define SSL_R_BN_LIB					 130
+#define SSL_R_CA_DN_LENGTH_MISMATCH			 131
+#define SSL_R_CA_DN_TOO_LONG				 132
+#define SSL_R_CCS_RECEIVED_EARLY			 133
+#define SSL_R_CERTIFICATE_VERIFY_FAILED			 134
+#define SSL_R_CERT_LENGTH_MISMATCH			 135
+#define SSL_R_CHALLENGE_IS_DIFFERENT			 136
+#define SSL_R_CIPHER_CODE_WRONG_LENGTH			 137
+#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE		 138
+#define SSL_R_CIPHER_TABLE_SRC_ERROR			 139
+#define SSL_R_COMPRESSED_LENGTH_TOO_LONG		 140
+#define SSL_R_COMPRESSION_FAILURE			 141
+#define SSL_R_CONNECTION_ID_IS_DIFFERENT		 142
+#define SSL_R_CONNECTION_TYPE_NOT_SET			 143
+#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED		 144
+#define SSL_R_DATA_LENGTH_TOO_LONG			 145
+#define SSL_R_DECRYPTION_FAILED				 146
+#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG		 147
+#define SSL_R_DIGEST_CHECK_FAILED			 148
+#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG			 149
+#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST		 150
+#define SSL_R_EXCESSIVE_MESSAGE_SIZE			 151
+#define SSL_R_EXTRA_DATA_IN_MESSAGE			 152
+#define SSL_R_GOT_A_FIN_BEFORE_A_CCS			 153
+#define SSL_R_HTTPS_PROXY_REQUEST			 154
+#define SSL_R_HTTP_REQUEST				 155
+#define SSL_R_INTERNAL_ERROR				 156
+#define SSL_R_INVALID_CHALLENGE_LENGTH			 157
+#define SSL_R_LENGTH_MISMATCH				 158
+#define SSL_R_LENGTH_TOO_SHORT				 159
+#define SSL_R_LIBRARY_HAS_NO_CIPHERS			 160
+#define SSL_R_MISSING_DH_DSA_CERT			 161
+#define SSL_R_MISSING_DH_KEY				 162
+#define SSL_R_MISSING_DH_RSA_CERT			 163
+#define SSL_R_MISSING_DSA_SIGNING_CERT			 164
+#define SSL_R_MISSING_EXPORT_TMP_DH_KEY			 165
+#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY		 166
+#define SSL_R_MISSING_RSA_CERTIFICATE			 167
+#define SSL_R_MISSING_RSA_ENCRYPTING_CERT		 168
+#define SSL_R_MISSING_RSA_SIGNING_CERT			 169
+#define SSL_R_MISSING_TMP_DH_KEY			 170
+#define SSL_R_MISSING_TMP_RSA_KEY			 171
+#define SSL_R_MISSING_TMP_RSA_PKEY			 172
+#define SSL_R_MISSING_VERIFY_MESSAGE			 173
+#define SSL_R_NON_SSLV2_INITIAL_PACKET			 174
+#define SSL_R_NO_CERTIFICATES_RETURNED			 175
+#define SSL_R_NO_CERTIFICATE_ASSIGNED			 176
+#define SSL_R_NO_CERTIFICATE_RETURNED			 177
+#define SSL_R_NO_CERTIFICATE_SET			 178
+#define SSL_R_NO_CERTIFICATE_SPECIFIED			 179
+#define SSL_R_NO_CIPHERS_AVAILABLE			 180
+#define SSL_R_NO_CIPHERS_PASSED				 181
+#define SSL_R_NO_CIPHERS_SPECIFIED			 182
+#define SSL_R_NO_CIPHER_LIST				 183
+#define SSL_R_NO_CIPHER_MATCH				 184
+#define SSL_R_NO_CLIENT_CERT_RECEIVED			 185
+#define SSL_R_NO_COMPRESSION_SPECIFIED			 186
+#define SSL_R_NO_PRIVATEKEY				 187
+#define SSL_R_NO_PRIVATE_KEY_ASSIGNED			 188
+#define SSL_R_NO_PROTOCOLS_AVAILABLE			 189
+#define SSL_R_NO_PUBLICKEY				 190
+#define SSL_R_NO_SHARED_CIPHER				 191
+#define SSL_R_NULL_SSL_CTX				 192
+#define SSL_R_NULL_SSL_METHOD_PASSED			 193
+#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED		 194
+#define SSL_R_PACKET_LENGTH_TOO_LONG			 195
+#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE		 196
+#define SSL_R_PEER_ERROR				 197
+#define SSL_R_PEER_ERROR_CERTIFICATE			 198
+#define SSL_R_PEER_ERROR_NO_CERTIFICATE			 199
+#define SSL_R_PEER_ERROR_NO_CIPHER			 200
+#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE	 201
+#define SSL_R_PRE_MAC_LENGTH_TOO_LONG			 202
+#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS		 203
+#define SSL_R_PROTOCOL_IS_SHUTDOWN			 204
+#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR			 205
+#define SSL_R_PUBLIC_KEY_IS_NOT_RSA			 206
+#define SSL_R_PUBLIC_KEY_NOT_RSA			 207
+#define SSL_R_READ_BIO_NOT_SET				 208
+#define SSL_R_READ_WRONG_PACKET_TYPE			 209
+#define SSL_R_RECORD_LENGTH_MISMATCH			 210
+#define SSL_R_RECORD_TOO_LARGE				 211
+#define SSL_R_REQUIRED_CIPHER_MISSING			 212
+#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO		 213
+#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO			 214
+#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO		 215
+#define SSL_R_SHORT_READ				 216
+#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE	 217
+#define SSL_R_SSL3_SESSION_ID_TOO_SHORT			 218
 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE		 1042
 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC		 1020
 #define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED		 1045
@@ -1241,47 +1397,54 @@ EVP *SSL_get_privatekey();
 #define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE		 1040
 #define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER		 1047
 #define SSL_R_SSLV3_ALERT_NO_CERTIFICATE		 1041
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE	 213
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE	 214
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER		 215
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 216
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE	 219
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE	 220
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER		 221
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 222
 #define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE		 1010
-#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE	 217
+#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE	 223
 #define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE	 1043
-#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION	 218
-#define SSL_R_SSL_HANDSHAKE_FAILURE			 219
-#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS		 220
-#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT		 221
-#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER		 222
-#define SSL_R_UNABLE_TO_DECODE_DH_CERTS			 223
-#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY		 224
-#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS		 225
-#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS	 226
-#define SSL_R_UNABLE_TO_FIND_SSL_METHOD			 227
-#define SSL_R_UNEXPECTED_MESSAGE			 228
-#define SSL_R_UNEXPECTED_RECORD				 229
-#define SSL_R_UNKNOWN_ALERT_TYPE			 230
-#define SSL_R_UNKNOWN_CERTIFICATE_TYPE			 231
-#define SSL_R_UNKNOWN_CIPHER_RETURNED			 232
-#define SSL_R_UNKNOWN_CIPHER_TYPE			 233
-#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE			 234
-#define SSL_R_UNKNOWN_PKEY_TYPE				 235
-#define SSL_R_UNKNOWN_PROTOCOL				 236
-#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE			 237
-#define SSL_R_UNKNOWN_SSL_VERSION			 238
-#define SSL_R_UNKNOWN_STATE				 239
-#define SSL_R_UNSUPPORTED_CIPHER			 240
-#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM		 241
-#define SSL_R_UNSUPPORTED_SSL_VERSION			 242
-#define SSL_R_WRITE_BIO_NOT_SET				 243
-#define SSL_R_WRONG_CIPHER_RETURNED			 244
-#define SSL_R_WRONG_MESSAGE_TYPE			 245
-#define SSL_R_WRONG_NUMBER_OF_KEY_BITS			 246
-#define SSL_R_WRONG_SIGNATURE_LENGTH			 247
-#define SSL_R_WRONG_SIGNATURE_SIZE			 248
-#define SSL_R_WRONG_SSL_VERSION				 249
-#define SSL_R_WRONG_VERSION_NUMBER			 250
-#define SSL_R_X509_LIB					 251
+#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION	 224
+#define SSL_R_SSL_HANDSHAKE_FAILURE			 225
+#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS		 226
+#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT		 227
+#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER	 228
+#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 229
+#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG	 230
+#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER		 231
+#define SSL_R_UNABLE_TO_DECODE_DH_CERTS			 232
+#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY		 233
+#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS		 234
+#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS	 235
+#define SSL_R_UNABLE_TO_FIND_SSL_METHOD			 236
+#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES		 237
+#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES		 238
+#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES		 239
+#define SSL_R_UNEXPECTED_MESSAGE			 240
+#define SSL_R_UNEXPECTED_RECORD				 241
+#define SSL_R_UNKNOWN_ALERT_TYPE			 242
+#define SSL_R_UNKNOWN_CERTIFICATE_TYPE			 243
+#define SSL_R_UNKNOWN_CIPHER_RETURNED			 244
+#define SSL_R_UNKNOWN_CIPHER_TYPE			 245
+#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE			 246
+#define SSL_R_UNKNOWN_PKEY_TYPE				 247
+#define SSL_R_UNKNOWN_PROTOCOL				 248
+#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE			 249
+#define SSL_R_UNKNOWN_SSL_VERSION			 250
+#define SSL_R_UNKNOWN_STATE				 251
+#define SSL_R_UNSUPPORTED_CIPHER			 252
+#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM		 253
+#define SSL_R_UNSUPPORTED_PROTOCOL			 254
+#define SSL_R_UNSUPPORTED_SSL_VERSION			 255
+#define SSL_R_WRITE_BIO_NOT_SET				 256
+#define SSL_R_WRONG_CIPHER_RETURNED			 257
+#define SSL_R_WRONG_MESSAGE_TYPE			 258
+#define SSL_R_WRONG_NUMBER_OF_KEY_BITS			 259
+#define SSL_R_WRONG_SIGNATURE_LENGTH			 260
+#define SSL_R_WRONG_SIGNATURE_SIZE			 261
+#define SSL_R_WRONG_SSL_VERSION				 262
+#define SSL_R_WRONG_VERSION_NUMBER			 263
+#define SSL_R_X509_LIB					 264
  
 #ifdef  __cplusplus
 }
diff --git a/ssl/ssl2.h b/ssl/ssl2.h
index db353f5841..3dc94e520b 100644
--- a/ssl/ssl2.h
+++ b/ssl/ssl2.h
@@ -1,5 +1,5 @@
 /* ssl/ssl2.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -64,6 +64,9 @@ extern "C" {
 #endif
 
 /* Protocol Version Codes */
+#define SSL2_VERSION		0x0002
+#define SSL2_VERSION_MAJOR	0x00
+#define SSL2_VERSION_MINOR	0x02
 #define SSL2_CLIENT_VERSION	0x0002
 #define SSL2_SERVER_VERSION	0x0002
 
@@ -150,7 +153,6 @@ extern "C" {
 
 typedef struct ssl2_ctx_st
 	{
-	int first_packet;	/* enable first packet checking in server */
 	int three_byte_header;
 	int clear_text;		/* clear text */
 	int escape;		/* not used in SSLv2 */
diff --git a/ssl/ssl23.h b/ssl/ssl23.h
index 6e6f26bbb3..d3228983c7 100644
--- a/ssl/ssl23.h
+++ b/ssl/ssl23.h
@@ -1,5 +1,5 @@
 /* ssl/ssl23.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 9675ec2d7d..95772eef60 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -1,5 +1,5 @@
 /* ssl/ssl3.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -94,7 +94,7 @@ extern "C" {
 #define SSL3_CK_ADH_RC4_128_MD5			0x03000018
 #define SSL3_CK_ADH_DES_40_CBC_SHA		0x03000019
 #define SSL3_CK_ADH_DES_64_CBC_SHA		0x0300001A
-#define SSL3_CK_ADH_DES_196_CBC_SHA		0x0300001B
+#define SSL3_CK_ADH_DES_192_CBC_SHA		0x0300001B
 
 #define SSL3_CK_FZA_DMS_NULL_SHA		0x0300001C
 #define SSL3_CK_FZA_DMS_FZA_SHA			0x0300001D
@@ -106,7 +106,7 @@ extern "C" {
 #define SSL3_TXT_RSA_RC4_128_MD5		"RC4-MD5"
 #define SSL3_TXT_RSA_RC4_128_SHA		"RC4-SHA"
 #define SSL3_TXT_RSA_RC2_40_MD5			"EXP-RC2-CBC-MD5"
-#define SSL3_TXT_RSA_IDEA_128_SHA		"IDEA-CBC-MD5"
+#define SSL3_TXT_RSA_IDEA_128_SHA		"IDEA-CBC-SHA"
 #define SSL3_TXT_RSA_DES_40_CBC_SHA		"EXP-DES-CBC-SHA"
 #define SSL3_TXT_RSA_DES_64_CBC_SHA		"DES-CBC-SHA"
 #define SSL3_TXT_RSA_DES_192_CBC3_SHA		"DES-CBC3-SHA"
@@ -121,7 +121,7 @@ extern "C" {
 #define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA		"EXP-EDH-DSS-DES-CBC-SHA"
 #define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA		"EDH-DSS-DES-CBC-SHA"
 #define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA	"EDH-DSS-DES-CBC3-SHA"
-#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA		"EXP-EDH-RSA-DES-CBC"
+#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA		"EXP-EDH-RSA-DES-CBC-SHA"
 #define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA		"EDH-RSA-DES-CBC-SHA"
 #define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA	"EDH-RSA-DES-CBC3-SHA"
 
@@ -129,7 +129,7 @@ extern "C" {
 #define SSL3_TXT_ADH_RC4_128_MD5		"ADH-RC4-MD5"
 #define SSL3_TXT_ADH_DES_40_CBC_SHA		"EXP-ADH-DES-CBC-SHA"
 #define SSL3_TXT_ADH_DES_64_CBC_SHA		"ADH-DES-CBC-SHA"
-#define SSL3_TXT_ADH_DES_196_CBC_SHA		"ADH-DES-CBC3-SHA"
+#define SSL3_TXT_ADH_DES_192_CBC_SHA		"ADH-DES-CBC3-SHA"
 
 #define SSL3_TXT_FZA_DMS_NULL_SHA		"FZA-NULL-SHA"
 #define SSL3_TXT_FZA_DMS_FZA_SHA		"FZA-FZA-CBC-SHA"
@@ -172,8 +172,8 @@ extern "C" {
 #define SSL3_RS_PART_READ		4
 #define SSL3_RS_PART_WRITE		5
 
-#define SSL3_MD_CLIENT_FINISHED_CONST	0x43,0x4C,0x4E,0x54
-#define SSL3_MD_SERVER_FINISHED_CONST	0x53,0x52,0x56,0x52
+#define SSL3_MD_CLIENT_FINISHED_CONST	{0x43,0x4C,0x4E,0x54}
+#define SSL3_MD_SERVER_FINISHED_CONST	{0x53,0x52,0x56,0x52}
 
 #define SSL3_VERSION			0x0300
 #define SSL3_VERSION_MAJOR		0x03
@@ -236,6 +236,34 @@ typedef struct ssl3_compression_st {
 #define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS	0x0001
 #define SSL3_FLAGS_DELAY_CLIENT_FINISHED	0x0002
 #define SSL3_FLAGS_POP_BUFFER			0x0004
+#define	TLS1_FLAGS_TLS_PADDING_BUG		0x0008
+
+#if 0
+#define AD_CLOSE_NOTIFY			0
+#define AD_UNEXPECTED_MESSAGE		1
+#define AD_BAD_RECORD_MAC		2
+#define AD_DECRYPTION_FAILED		3
+#define AD_RECORD_OVERFLOW		4
+#define AD_DECOMPRESSION_FAILURE	5	/* fatal */
+#define AD_HANDSHAKE_FAILURE		6	/* fatal */
+#define AD_NO_CERTIFICATE		7	/* Not under TLS */
+#define AD_BAD_CERTIFICATE		8
+#define AD_UNSUPPORTED_CERTIFICATE	9
+#define AD_CERTIFICATE_REVOKED		10	
+#define AD_CERTIFICATE_EXPIRED		11
+#define AD_CERTIFICATE_UNKNOWN		12
+#define AD_ILLEGAL_PARAMETER		13	/* fatal */
+#define AD_UNKNOWN_CA			14	/* fatal */
+#define AD_ACCESS_DENIED		15	/* fatal */
+#define AD_DECODE_ERROR			16	/* fatal */
+#define AD_DECRYPT_ERROR		17
+#define AD_EXPORT_RESTRICION		18	/* fatal */
+#define AD_PROTOCOL_VERSION		19	/* fatal */
+#define AD_INSUFFICIENT_SECURITY	20	/* fatal */
+#define AD_INTERNAL_ERROR		21	/* fatal */
+#define AD_USER_CANCLED			22
+#define AD_NO_RENEGOTIATION		23
+#endif
 
 typedef struct ssl3_ctx_st
 	{
@@ -279,9 +307,17 @@ typedef struct ssl3_ctx_st
 	int alert_dispatch;
 	char send_alert[2];
 
+	/* This flag is set when we should renegotiate ASAP, basically when
+	 * there is no more data in the read or write buffers */
+	int renegotiate;
+	int total_renegotiations;
+	int num_renegotiations;
+
+	int in_read_app_data;
+
 	struct	{
-		unsigned char finish_md1[EVP_MAX_MD_SIZE];
-		unsigned char finish_md2[EVP_MAX_MD_SIZE];
+		/* Actually only needs to be 16+20 for SSLv3 and 12 for TLS */
+		unsigned char finish_md[EVP_MAX_MD_SIZE*2];
 		
 		unsigned long message_size;
 		int message_type;
@@ -309,6 +345,7 @@ typedef struct ssl3_ctx_st
 		EVP_CIPHER *new_sym_enc;
 		EVP_MD *new_hash;
 		SSL_COMPRESSION *new_compression;
+		int cert_request;
 		} tmp;
 	} SSL3_CTX;
 
@@ -353,6 +390,7 @@ typedef struct ssl3_ctx_st
 /* extra state */
 #define SSL3_ST_SW_FLUSH		(0x100|SSL_ST_ACCEPT)
 /* read from client */
+/* Do not change the number values, they do matter */
 #define SSL3_ST_SR_CLNT_HELLO_A		(0x110|SSL_ST_ACCEPT)
 #define SSL3_ST_SR_CLNT_HELLO_B		(0x111|SSL_ST_ACCEPT)
 #define SSL3_ST_SR_CLNT_HELLO_C		(0x112|SSL_ST_ACCEPT)
diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c
index 36b03335bb..65f3a59386 100644
--- a/ssl/ssl_algs.c
+++ b/ssl/ssl_algs.c
@@ -1,5 +1,5 @@
 /* ssl/ssl_algs.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -82,9 +82,12 @@ void SSLeay_add_ssl_algorithms()
 #endif
 #ifndef NO_MD5
 	EVP_add_digest(EVP_md5());
+	EVP_add_alias(SN_md5,"ssl2-md5");
+	EVP_add_alias(SN_md5,"ssl3-md5");
 #endif
 #ifndef NO_SHA1
 	EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
+	EVP_add_alias(SN_sha1,"ssl3-sha1");
 #endif
 #if !defined(NO_SHA1) && !defined(NO_DSA)
 	EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 873497a877..116a83de64 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -1,5 +1,5 @@
 /* ssl/ssl_asn1.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -116,7 +116,7 @@ unsigned char **pp;
 		l=in->cipher_id;
 	else
 		l=in->cipher->id;
-	if (in->ssl_version == 2)
+	if (in->ssl_version == SSL2_VERSION)
 		{
 		a.cipher.length=3;
 		buf[0]=((unsigned char)(l>>16L))&0xff;
@@ -221,7 +221,7 @@ long length;
 
 	os.data=NULL; os.length=0;
 	M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
-	if (ssl_version == 2)
+	if (ssl_version == SSL2_VERSION)
 		{
 		if (os.length != 3)
 			{
@@ -233,7 +233,7 @@ long length;
 			((unsigned long)os.data[1]<< 8L)|
 			 (unsigned long)os.data[2];
 		}
-	else if (ssl_version == 3)
+	else if ((ssl_version>>8) == 3)
 		{
 		if (os.length != 2)
 			{
@@ -254,9 +254,9 @@ long length;
 	ret->cipher_id=id;
 
 	M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
-	if (ssl_version == 3)
+	if ((ssl_version>>8) == SSL3_VERSION)
 		i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
-	else /* if (ssl_version == 2) */
+	else /* if (ssl_version == SSL2_VERSION) */
 		i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
 
 	if (os.length > i)
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 0c040d9cf3..c1cb86e1b7 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -1,5 +1,5 @@
 /* ssl/ssl_cert.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -94,6 +94,9 @@ CERT *c;
 	int i;
 
 	i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT);
+#ifdef REF_PRINT
+	REF_PRINT("CERT",c);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
@@ -215,7 +218,8 @@ SSL *s;
 	{
 	if (s->type == SSL_ST_CONNECT)
 		{ /* we are in the client */
-		if ((s->version == 3) && (s->s3 != NULL))
+		if (((s->version>>8) == SSL3_VERSION_MAJOR) &&
+			(s->s3 != NULL))
 			return(s->s3->tmp.ca_names);
 		else
 			return(NULL);
@@ -270,6 +274,7 @@ X509_NAME **a,**b;
 	return(X509_NAME_cmp(*a,*b));
 	}
 
+#ifndef NO_STDIO
 STACK *SSL_load_client_CA_file(file)
 char *file;
 	{
@@ -280,11 +285,9 @@ char *file;
 
 	ret=sk_new(NULL);
 	sk=sk_new(name_cmp);
-#ifdef WIN16
-	in=BIO_new(BIO_s_file_internal_w16());
-#else
-	in=BIO_new(BIO_s_file());
-#endif
+
+	in=BIO_new(BIO_s_file_internal());
+
 	if ((ret == NULL) || (sk == NULL) || (in == NULL))
 		{
 		SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
@@ -322,5 +325,5 @@ err:
 	if (x != NULL) X509_free(x);
 	return(ret);
 	}
-
+#endif
 
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 9fed3ad59a..820994408b 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1,5 +1,5 @@
 /* ssl/ssl_ciph.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -74,11 +74,10 @@ static EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
 	};
 
 #define SSL_MD_MD5_IDX	0
-#define SSL_MD_SHA0_IDX	1
-#define SSL_MD_SHA1_IDX	2
-#define SSL_MD_NUM_IDX	3
+#define SSL_MD_SHA1_IDX	1
+#define SSL_MD_NUM_IDX	2
 static EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
-	NULL,NULL,NULL,
+	NULL,NULL,
 	};
 
 typedef struct cipher_sort_st
@@ -90,16 +89,24 @@ typedef struct cipher_sort_st
 #define CIPHER_ADD	1
 #define CIPHER_KILL	2
 #define CIPHER_DEL	3
-#define CIPHER_ORDER	4
+#define CIPHER_ORD	4
 
 typedef struct cipher_choice_st
 	{
 	int type;
 	unsigned long algorithms;
 	unsigned long mask;
-	STACK *order;
+	long top;
 	} CIPHER_CHOICE;
 
+typedef struct cipher_order_st
+	{
+	SSL_CIPHER *cipher;
+	int active;
+	int dead;
+	struct cipher_order_st *next,*prev;
+	} CIPHER_ORDER;
+
 static SSL_CIPHER cipher_aliases[]={
 	{0,SSL_TXT_ALL, 0,SSL_ALL,   0,SSL_ALL},	/* must be first */
 	{0,SSL_TXT_kRSA,0,SSL_kRSA,  0,SSL_MKEY_MASK},
@@ -126,7 +133,6 @@ static SSL_CIPHER cipher_aliases[]={
 	{0,SSL_TXT_eFZA,0,SSL_eFZA,  0,SSL_ENC_MASK},
 
 	{0,SSL_TXT_MD5,	0,SSL_MD5,   0,SSL_MAC_MASK},
-	{0,SSL_TXT_SHA0,0,SSL_SHA0,  0,SSL_MAC_MASK},
 	{0,SSL_TXT_SHA1,0,SSL_SHA1,  0,SSL_MAC_MASK},
 	{0,SSL_TXT_SHA,	0,SSL_SHA,   0,SSL_MAC_MASK},
 
@@ -169,8 +175,6 @@ static void load_ciphers()
 
 	ssl_digest_methods[SSL_MD_MD5_IDX]=
 		EVP_get_digestbyname(SN_md5);
-	ssl_digest_methods[SSL_MD_SHA0_IDX]=
-		EVP_get_digestbyname(SN_sha);
 	ssl_digest_methods[SSL_MD_SHA1_IDX]=
 		EVP_get_digestbyname(SN_sha1);
 	}
@@ -225,9 +229,6 @@ EVP_MD **md;
 	case SSL_MD5:
 		i=SSL_MD_MD5_IDX;
 		break;
-	case SSL_SHA0:
-		i=SSL_MD_SHA0_IDX;
-		break;
 	case SSL_SHA1:
 		i=SSL_MD_SHA1_IDX;
 		break;
@@ -246,6 +247,25 @@ EVP_MD **md;
 		return(0);
 	}
 
+#define ITEM_SEP(a) \
+	(((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
+
+static void ll_append_tail(head,curr,tail)
+CIPHER_ORDER **head,*curr,**tail;
+	{
+	if (curr == *tail) return;
+	if (curr == *head)
+		*head=curr->next;
+	if (curr->prev != NULL)
+		curr->prev->next=curr->next;
+	if (curr->next != NULL) /* should always be true */
+		curr->next->prev=curr->prev;
+	(*tail)->next=curr;
+	curr->prev= *tail;
+	curr->next=NULL;
+	*tail=curr;
+	}
+
 STACK *ssl_create_cipher_list(ssl_method,cipher_list,cipher_list_by_id,str)
 SSL_METHOD *ssl_method;
 STACK **cipher_list,**cipher_list_by_id;
@@ -262,9 +282,11 @@ char *str;
 	int i,j,k,num=0,ch,multi;
 	unsigned long al;
 	STACK *ca_list=NULL;
-	STACK *c_list=NULL;
-	int old_x,old_y,current_x,num_x;
+	int current_x,num_x;
 	CIPHER_CHOICE *ops=NULL;
+	CIPHER_ORDER *list=NULL,*head=NULL,*tail=NULL,*curr,*tail2,*curr2;
+	int list_num;
+	int type;
 	SSL_CIPHER c_tmp,*cp;
 
 	if (str == NULL) return(NULL);
@@ -278,6 +300,7 @@ char *str;
 			goto err;
 			}
 		strcpy(tmp_str,SSL_DEFAULT_CIPHER_LIST);
+		strcat(tmp_str,":");
 		strcat(tmp_str,&(str[7]));
 		str=tmp_str;
 		}
@@ -286,7 +309,6 @@ char *str;
 	num=ssl_method->num_ciphers();
 
 	if ((ret=(STACK *)sk_new(NULL)) == NULL) goto err;
-	if ((c_list=(STACK *)sk_new(NULL)) == NULL) goto err;
 	if ((ca_list=(STACK *)sk_new(cmp_by_name)) == NULL) goto err;
 
 	mask =SSL_kFZA;
@@ -312,20 +334,42 @@ char *str;
 	mask|=(ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL)?SSL_eFZA:0;
 
 	mask|=(ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL)?SSL_MD5 :0;
-	mask|=(ssl_digest_methods[SSL_MD_SHA0_IDX] == NULL)?SSL_SHA0:0;
 	mask|=(ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL)?SSL_SHA1:0;
 
+	if ((list=(CIPHER_ORDER *)Malloc(sizeof(CIPHER_ORDER)*num)) == NULL)
+		goto err;
+
 	/* Get the initial list of ciphers */
+	list_num=0;
 	for (i=0; i<num; i++)
 		{
 		c=ssl_method->get_cipher((unsigned int)i);
 		/* drop those that use any of that is not available */
 		if ((c != NULL) && c->valid && !(c->algorithms & mask))
 			{
-			if (!sk_push(c_list,(char *)c)) goto err;
+			list[list_num].cipher=c;
+			list[list_num].next=NULL;
+			list[list_num].prev=NULL;
+			list[list_num].active=0;
+			list_num++;
 			if (!sk_push(ca_list,(char *)c)) goto err;
 			}
 		}
+	
+	for (i=1; i<list_num-1; i++)
+		{
+		list[i].prev= &(list[i-1]);
+		list[i].next= &(list[i+1]);
+		}
+	if (list_num > 0)
+		{
+		head= &(list[0]);
+		head->prev=NULL;
+		head->next= &(list[1]);
+		tail= &(list[list_num-1]);
+		tail->prev= &(list[list_num-2]);
+		tail->next=NULL;
+		}
 
 	/* special case */
 	cipher_aliases[0].algorithms= ~mask;
@@ -346,12 +390,11 @@ char *str;
 	/* how many parameters are there? */
 	num=1;
 	for (l=str; *l; l++)
-		if (*l == ':') num++;
+		if (ITEM_SEP(*l))
+			num++;
 	ops=(CIPHER_CHOICE *)Malloc(sizeof(CIPHER_CHOICE)*num);
 	if (ops == NULL) goto err;
 	memset(ops,0,sizeof(CIPHER_CHOICE)*num);
-	for (i=0; i<num; i++)
-		if ((ops[i].order=sk_new_null()) == NULL) goto err;
 
 	/* we now parse the input string and create our operations */
 	l=str;
@@ -361,16 +404,19 @@ char *str;
 	for (;;)
 		{
 		ch= *l;
+
+		if (ch == '\0') break;
+
 		if (ch == '-')
 			{ j=CIPHER_DEL; l++; }
 		else if (ch == '+')
-			{ j=CIPHER_ORDER; l++; }
+			{ j=CIPHER_ORD; l++; }
 		else if (ch == '!')
 			{ j=CIPHER_KILL; l++; }
 		else	
 			{ j=CIPHER_ADD; }
 
-		if (*l == ':')
+		if (ITEM_SEP(ch))
 			{
 			l++;
 			continue;
@@ -395,20 +441,20 @@ char *str;
 				 if (i >= (CL_BUF-2)) break;
 				 }
 			buf[i]='\0';
-			if (ch != '\0') l++;
 
 			/* check for multi-part specification */
-			multi=(ch == '+')?1:0;
+			if (ch == '+')
+				{
+				multi=1;
+				l++;
+				}
+			else
+				multi=0;
 
 			c_tmp.name=buf;
 			j=sk_find(ca_list,(char *)&c_tmp);
 			if (j < 0)
-				{
-				if (ch == '\0')
-					break;
-				else
-					continue;
-				}
+				goto end_loop;
 
 			cp=(SSL_CIPHER *)sk_value(ca_list,j);
 			ops[current_x].algorithms|=cp->algorithms;
@@ -419,87 +465,86 @@ char *str;
 			}
 		current_x++;
 		if (ch == '\0') break;
+end_loop:
+		/* Make sure we scan until the next valid start point */
+		while ((*l != '\0') && ITEM_SEP(*l))
+			l++;
 		}
 
 	num_x=current_x;
 	current_x=0;
 
-#ifdef CIPHER_DEBUG
-	printf("<--->\n");
-#endif
-
-	for (i=0; i<sk_num(c_list); i++)
+	/* We will now process the list of ciphers, once for each category, to
+	 * decide what we should do with it. */
+	for (j=0; j<num_x; j++)
 		{
-		old_x= -1;
-		old_y= -1;
-		cp=(SSL_CIPHER *)sk_value(c_list,i);
-#ifdef CIPHER_DEBUG
-		printf("[%s]\n",cp->name);
-#endif
-		for (j=0; j<num_x; j++)
+		algorithms=ops[j].algorithms;
+		type=ops[j].type;
+		mask=ops[j].mask;
+
+		curr=head;
+		curr2=head;
+		tail2=tail;
+		for (;;)
 			{
-			algorithms=ops[j].algorithms;
-			ma=ops[j].mask & cp->algorithms;
-#ifdef CIPHER_DEBUG
-			printf("  %s %08lX&%08lX==0 || %08lX != %08lX \n",
-				cp->name,ops[j].mask,cp->algorithms,ma,algorithms);
-#endif
+			if ((curr == NULL) || (curr == tail2)) break;
+			curr=curr2;
+			curr2=curr->next;
+
+			cp=curr->cipher;
+			ma=mask & cp->algorithms;
 			if ((ma == 0) || ((ma & algorithms) != ma))
 				{
+				/* does not apply */
 				continue;
 				}
-			k=ops[j].type;
-#ifdef CIPHER_DEBUG
-			printf(">>%s\n",cp->name);
-#endif
 
 			/* add the cipher if it has not been added yet. */
-			if (k == CIPHER_ADD)
+			if (type == CIPHER_ADD)
 				{
-				if (old_x < 0)
+				if (!curr->active)
 					{
-					old_x=j;
-					old_y=sk_num(ops[j].order);
-					sk_push(ops[j].order,(char *)cp);
+					ll_append_tail(&head,curr,&tail);
+					curr->active=1;
 					}
 				}
 			/* Move the added cipher to this location */
-			else if (k == CIPHER_ORDER)
+			else if (type == CIPHER_ORD)
 				{
-				if (old_x >= 0)
+				if (curr->active)
 					{
-					sk_value(ops[old_x].order,old_y)=NULL;
-					old_y=sk_num(ops[j].order);
-					sk_push(ops[j].order,(char *)cp);
-					old_x=j;
+					ll_append_tail(&head,curr,&tail);
 					}
 				}
-			/* Remove added cipher */
-			else if ((k == CIPHER_DEL) || (k == CIPHER_KILL))
+			else if	(type == CIPHER_DEL)
+				curr->active=0;
+			if (type == CIPHER_KILL)
 				{
-				if (old_x >= 0)
-					{
-					sk_value(ops[old_x].order,old_y)=NULL;
-					old_x= -1;
-					}
-				if (k == CIPHER_KILL)
-					break;
+				if (head == curr)
+					head=curr->next;
+				else
+					curr->prev->next=curr->next;
+				if (tail == curr)
+					tail=curr->prev;
+				curr->active=0;
+				if (curr->next != NULL)
+					curr->next->prev=curr->prev;
+				if (curr->prev != NULL)
+					curr->prev->next=curr->next;
+				curr->next=NULL;
+				curr->prev=NULL;
 				}
 			}
 		}
 
-	for (i=0; i<num_x; i++)
+	for (curr=head; curr != NULL; curr=curr->next)
 		{
-		for (j=0; j<sk_num(ops[i].order); j++)
+		if (curr->active)
 			{
-			cp=(SSL_CIPHER *)sk_value(ops[i].order,j);
-			if (cp != NULL)
-				{
-				sk_push(ret,(char *)cp);
+			sk_push(ret,(char *)curr->cipher);
 #ifdef CIPHER_DEBUG
-				printf("<%s>\n",cp->name);
+			printf("<%s>\n",curr->cipher->name);
 #endif
-				}
 			}
 		}
 
@@ -528,16 +573,10 @@ char *str;
 	ret=NULL;
 err:
 	if (tmp_str) Free(tmp_str);
-	if (ops != NULL)
-		{
-		for (i=0; i<num; i++)
-			if (ops[i].order != NULL)
-				sk_free(ops[i].order);
-		Free(ops);
-		}
+	if (ops != NULL) Free(ops);
 	if (ret != NULL) sk_free(ret);
-	if (c_list != NULL) sk_free(c_list);
 	if (ca_list != NULL) sk_free(ca_list);
+	if (list != NULL) Free(list);
 	return(ok);
 	}
 
@@ -639,9 +678,6 @@ int len;
 	case SSL_MD5:
 		mac="MD5";
 		break;
-	case SSL_SHA0:
-		mac="SHA0";
-		break;
 	case SSL_SHA1:
 		mac="SHA1";
 		break;
@@ -667,9 +703,10 @@ SSL_CIPHER *c;
 	{
 	int i;
 
+	if (c == NULL) return("(NONE)");
 	i=(int)(c->id>>24L);
 	if (i == 3)
-		return("SSLv3");
+		return("TLSv1/SSLv3");
 	else if (i == 2)
 		return("SSLv2");
 	else
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 18a1a22a82..bcbb98591f 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -60,6 +60,7 @@
 #include "ssl.h"
 
 /* BEGIN ERROR CODES */
+#ifndef NO_ERR
 static ERR_STRING_DATA SSL_str_functs[]=
 	{
 {ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0),	"CLIENT_CERTIFICATE"},
@@ -143,12 +144,14 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0),	"SSL_GET_NEW_SESSION"},
 {ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0),	"SSL_GET_SERVER_SEND_CERT"},
 {ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0),	"SSL_GET_SIGN_PKEY"},
+{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0),	"SSL_INIT_WBIO_BUFFER"},
 {ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0),	"SSL_load_client_CA_file"},
 {ERR_PACK(0,SSL_F_SSL_NEW,0),	"SSL_new"},
 {ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0),	"SSL_RSA_PRIVATE_DECRYPT"},
 {ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0),	"SSL_RSA_PUBLIC_ENCRYPT"},
 {ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0),	"SSL_SESSION_new"},
 {ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0),	"SSL_SESSION_print_fp"},
+{ERR_PACK(0,SSL_F_SSL_SET_CERT,0),	"SSL_SET_CERT"},
 {ERR_PACK(0,SSL_F_SSL_SET_FD,0),	"SSL_set_fd"},
 {ERR_PACK(0,SSL_F_SSL_SET_PKEY,0),	"SSL_SET_PKEY"},
 {ERR_PACK(0,SSL_F_SSL_SET_RFD,0),	"SSL_set_rfd"},
@@ -165,6 +168,9 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0),	"SSL_use_RSAPrivateKey_ASN1"},
 {ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0),	"SSL_use_RSAPrivateKey_file"},
 {ERR_PACK(0,SSL_F_SSL_WRITE,0),	"SSL_write"},
+{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0),	"TLS1_CHANGE_CIPHER_STATE"},
+{ERR_PACK(0,SSL_F_TLS1_ENC,0),	"TLS1_ENC"},
+{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0),	"TLS1_SETUP_KEY_BLOCK"},
 {ERR_PACK(0,SSL_F_WRITE_PENDING,0),	"WRITE_PENDING"},
 {0,NULL},
 	};
@@ -187,6 +193,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {SSL_R_BAD_MAC_DECODE                    ,"bad mac decode"},
 {SSL_R_BAD_MESSAGE_TYPE                  ,"bad message type"},
 {SSL_R_BAD_PACKET_LENGTH                 ,"bad packet length"},
+{SSL_R_BAD_PROTOCOL_VERSION_NUMBER       ,"bad protocol version number"},
 {SSL_R_BAD_RESPONSE_ARGUMENT             ,"bad response argument"},
 {SSL_R_BAD_RSA_DECRYPT                   ,"bad rsa decrypt"},
 {SSL_R_BAD_RSA_ENCRYPT                   ,"bad rsa encrypt"},
@@ -213,8 +220,10 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {SSL_R_COMPRESSED_LENGTH_TOO_LONG        ,"compressed length too long"},
 {SSL_R_COMPRESSION_FAILURE               ,"compression failure"},
 {SSL_R_CONNECTION_ID_IS_DIFFERENT        ,"connection id is different"},
+{SSL_R_CONNECTION_TYPE_NOT_SET           ,"connection type not set"},
 {SSL_R_DATA_BETWEEN_CCS_AND_FINISHED     ,"data between ccs and finished"},
 {SSL_R_DATA_LENGTH_TOO_LONG              ,"data length too long"},
+{SSL_R_DECRYPTION_FAILED                 ,"decryption failed"},
 {SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG   ,"dh public value length is wrong"},
 {SSL_R_DIGEST_CHECK_FAILED               ,"digest check failed"},
 {SSL_R_ENCRYPTED_LENGTH_TOO_LONG         ,"encrypted length too long"},
@@ -222,6 +231,8 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {SSL_R_EXCESSIVE_MESSAGE_SIZE            ,"excessive message size"},
 {SSL_R_EXTRA_DATA_IN_MESSAGE             ,"extra data in message"},
 {SSL_R_GOT_A_FIN_BEFORE_A_CCS            ,"got a fin before a ccs"},
+{SSL_R_HTTPS_PROXY_REQUEST               ,"https proxy request"},
+{SSL_R_HTTP_REQUEST                      ,"http request"},
 {SSL_R_INTERNAL_ERROR                    ,"internal error"},
 {SSL_R_INVALID_CHALLENGE_LENGTH          ,"invalid challenge length"},
 {SSL_R_LENGTH_MISMATCH                   ,"length mismatch"},
@@ -241,7 +252,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {SSL_R_MISSING_TMP_RSA_PKEY              ,"missing tmp rsa pkey"},
 {SSL_R_MISSING_VERIFY_MESSAGE            ,"missing verify message"},
 {SSL_R_NON_SSLV2_INITIAL_PACKET          ,"non sslv2 initial packet"},
-{SSL_R_NO_CERTIFICATES_PASSED            ,"no certificates passed"},
+{SSL_R_NO_CERTIFICATES_RETURNED          ,"no certificates returned"},
 {SSL_R_NO_CERTIFICATE_ASSIGNED           ,"no certificate assigned"},
 {SSL_R_NO_CERTIFICATE_RETURNED           ,"no certificate returned"},
 {SSL_R_NO_CERTIFICATE_SET                ,"no certificate set"},
@@ -255,6 +266,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {SSL_R_NO_COMPRESSION_SPECIFIED          ,"no compression specified"},
 {SSL_R_NO_PRIVATEKEY                     ,"no privatekey"},
 {SSL_R_NO_PRIVATE_KEY_ASSIGNED           ,"no private key assigned"},
+{SSL_R_NO_PROTOCOLS_AVAILABLE            ,"no protocols available"},
 {SSL_R_NO_PUBLICKEY                      ,"no publickey"},
 {SSL_R_NO_SHARED_CIPHER                  ,"no shared cipher"},
 {SSL_R_NULL_SSL_CTX                      ,"null ssl ctx"},
@@ -304,12 +316,18 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {SSL_R_SSL_HANDSHAKE_FAILURE             ,"ssl handshake failure"},
 {SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS        ,"ssl library has no ciphers"},
 {SSL_R_SSL_SESSION_ID_IS_DIFFERENT       ,"ssl session id is different"},
+{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"},
+{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"},
+{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"},
 {SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER   ,"tried to use unsupported cipher"},
 {SSL_R_UNABLE_TO_DECODE_DH_CERTS         ,"unable to decode dh certs"},
 {SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY      ,"unable to extract public key"},
 {SSL_R_UNABLE_TO_FIND_DH_PARAMETERS      ,"unable to find dh parameters"},
 {SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"},
 {SSL_R_UNABLE_TO_FIND_SSL_METHOD         ,"unable to find ssl method"},
+{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES  ,"unable to load ssl2 md5 routines"},
+{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES  ,"unable to load ssl3 md5 routines"},
+{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"},
 {SSL_R_UNEXPECTED_MESSAGE                ,"unexpected message"},
 {SSL_R_UNEXPECTED_RECORD                 ,"unexpected record"},
 {SSL_R_UNKNOWN_ALERT_TYPE                ,"unknown alert type"},
@@ -324,6 +342,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {SSL_R_UNKNOWN_STATE                     ,"unknown state"},
 {SSL_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
 {SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"},
+{SSL_R_UNSUPPORTED_PROTOCOL              ,"unsupported protocol"},
 {SSL_R_UNSUPPORTED_SSL_VERSION           ,"unsupported ssl version"},
 {SSL_R_WRITE_BIO_NOT_SET                 ,"write bio not set"},
 {SSL_R_WRONG_CIPHER_RETURNED             ,"wrong cipher returned"},
@@ -337,14 +356,19 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {0,NULL},
 	};
 
+#endif
+
 void ERR_load_SSL_strings()
 	{
 	static int init=1;
 
-	if (init)
-		{
+	if (init);
+		{;
 		init=0;
+#ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
 		ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
+#endif
+
 		}
 	}
diff --git a/ssl/ssl_err2.c b/ssl/ssl_err2.c
index a159fbb7cd..0b91f7b8d2 100644
--- a/ssl/ssl_err2.c
+++ b/ssl/ssl_err2.c
@@ -1,5 +1,5 @@
 /* ssl/ssl_err2.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index be091b1e75..f562ec6b14 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1,5 +1,5 @@
 /* ssl/ssl_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -61,13 +61,21 @@
 #include "lhash.h"
 #include "ssl_locl.h"
 
-#ifndef NOPROTO
-static unsigned long conn_hash(SSL_SESSION *a);
-#else
-static unsigned long conn_hash();
-#endif
+char *SSL_version_str="SSLeay 0.9.0b 29-Jun-1998";
+
+static STACK *ssl_meth=NULL;
+static STACK *ssl_ctx_meth=NULL;
+static int ssl_meth_num=0;
+static int ssl_ctx_meth_num=0;
 
-char *SSL_version_str="SSLeay 0.8.1b 29-Jun-1998";
+SSL3_ENC_METHOD ssl3_undef_enc_method={
+	ssl_undefined_function,
+	ssl_undefined_function,
+	ssl_undefined_function,
+	ssl_undefined_function,
+	ssl_undefined_function,
+	ssl_undefined_function,
+	};
 
 void SSL_clear(s)
 SSL *s;
@@ -178,7 +186,12 @@ SSL_CTX *ctx;
 		}
 
 	s->quiet_shutdown=ctx->quiet_shutdown;
+	s->references=1;
+	s->options=ctx->options;
 	SSL_clear(s);
+
+	CRYPTO_new_ex_data(ssl_meth,(char *)s,&s->ex_data);
+
 	return(s);
 err:
 	SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
@@ -188,6 +201,23 @@ err:
 void SSL_free(s)
 SSL *s;
 	{
+	int i;
+
+	i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL);
+#ifdef REF_PRINT
+	REF_PRINT("SSL",s);
+#endif
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"SSL_free, bad reference count\n");
+		abort(); /* ok */
+		}
+#endif
+
+	CRYPTO_free_ex_data(ssl_meth,(char *)s,&s->ex_data);
+
 	if (s->bbio != NULL)
 		{
 		/* If the buffering BIO is in place, pop it off */
@@ -196,6 +226,7 @@ SSL *s;
 			s->wbio=BIO_pop(s->wbio);
 			}
 		BIO_free(s->bbio);
+		s->bbio=NULL;
 		}
 	if (s->rbio != NULL)
 		BIO_free_all(s->rbio);
@@ -303,12 +334,18 @@ int fd;
 	int ret=0;
 	BIO *bio=NULL;
 
-	bio=BIO_new(BIO_s_socket());
+	if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
+		|| ((int)BIO_get_fd(s->rbio,NULL) != fd))
+		{
+		bio=BIO_new(BIO_s_socket());
 
-	if (bio == NULL)
-		{ SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
-	BIO_set_fd(bio,fd,BIO_NOCLOSE);
-	SSL_set_bio(s,SSL_get_rbio(s),bio);
+		if (bio == NULL)
+			{ SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
+		BIO_set_fd(bio,fd,BIO_NOCLOSE);
+		SSL_set_bio(s,SSL_get_rbio(s),bio);
+		}
+	else
+		SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s));
 	ret=1;
 err:
 	return(ret);
@@ -321,15 +358,21 @@ int fd;
 	int ret=0;
 	BIO *bio=NULL;
 
-	bio=BIO_new(BIO_s_socket());
-
-	if (bio == NULL)
+	if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
+		|| ((int)BIO_get_fd(s->wbio,NULL) != fd))
 		{
-		SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
-		goto err;
+		bio=BIO_new(BIO_s_socket());
+
+		if (bio == NULL)
+			{
+			SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
+			goto err;
+			}
+		BIO_set_fd(bio,fd,BIO_NOCLOSE);
+		SSL_set_bio(s,bio,SSL_get_wbio(s));
 		}
-	BIO_set_fd(bio,fd,BIO_NOCLOSE);
-	SSL_set_bio(s,bio,SSL_get_wbio(s));
+	else
+		SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s));
 	ret=1;
 err:
 	return(ret);
@@ -449,6 +492,7 @@ SSL *t,*f;
 	if (tmp != NULL) ssl_cert_free(tmp);
 	}
 
+/* Fix this so it checks all the valid key/cert options */
 int SSL_CTX_check_private_key(ctx)
 SSL_CTX *ctx;
 	{
@@ -467,6 +511,7 @@ SSL_CTX *ctx;
 	return(X509_check_private_key(ctx->default_cert->key->x509, ctx->default_cert->key->privatekey));
 	}
 
+/* Fix this function so that it takes an optional type parameter */
 int SSL_check_private_key(ssl)
 SSL *ssl;
 	{
@@ -560,6 +605,7 @@ SSL *s;
 int SSL_renegotiate(s)
 SSL *s;
 	{
+	s->new_session=1;
 	return(s->method->ssl_renegotiate(s));
 	}
 
@@ -614,7 +660,7 @@ SSL *s;
 		{
 		return(s->cipher_list);
 		}
-	else if ((s != NULL) && (s->ctx != NULL) &&
+	else if ((s->ctx != NULL) &&
 		(s->ctx->cipher_list != NULL))
 		{
 		return(s->ctx->cipher_list);
@@ -699,13 +745,14 @@ int len;
 
 	p=buf;
 	sk=s->session->ciphers;
-	len--;
 	for (i=0; i<sk_num(sk); i++)
 		{
+		/* Decrement for either the ':' or a '\0' */
+		len--;
 		c=(SSL_CIPHER *)sk_value(sk,i);
 		for (cp=c->name; *cp; )
 			{
-			if (--len == 0)
+			if (len-- == 0)
 				{
 				*p='\0';
 				return(buf);
@@ -787,27 +834,25 @@ err:
 	return(NULL);
 	}
 
-static unsigned long conn_hash(a)
+unsigned long SSL_SESSION_hash(a)
 SSL_SESSION *a;
 	{
 	unsigned long l;
 
 	l=      (a->session_id[0]     )|(a->session_id[1]<< 8L)|
-		(a->session_id[1]<<16L)|(a->session_id[2]<<24L);
+		(a->session_id[2]<<16L)|(a->session_id[3]<<24L);
 	return(l);
 	}
 
-static int session_cmp(a, b)
+int SSL_SESSION_cmp(a, b)
 SSL_SESSION *a;
 SSL_SESSION *b;
 	{
-	int i;
-
-	i=a->session_id_length - b->session_id_length;
-	if (i == 0)
-		return(memcmp(a->session_id,b->session_id,
-			a->session_id_length));
-	else    return(1);
+	if (a->ssl_version != b->ssl_version)
+		return(1);
+	if (a->session_id_length != b->session_id_length)
+		return(1);
+	return(memcmp(a->session_id,b->session_id,a->session_id_length));
 	}
 
 SSL_CTX *SSL_CTX_new(meth)
@@ -830,6 +875,9 @@ SSL_METHOD *meth;
 
 	ret->cert_store=NULL;
 	ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
+	ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
+	ret->session_cache_head=NULL;
+	ret->session_cache_tail=NULL;
 
 	/* We take the system default */
 	ret->session_timeout=meth->get_timeout();
@@ -841,9 +889,12 @@ SSL_METHOD *meth;
 	ret->sess_connect=0;
 	ret->sess_connect_good=0;
 	ret->sess_accept=0;
+	ret->sess_accept_renegotiate=0;
+	ret->sess_connect_renegotiate=0;
 	ret->sess_accept_good=0;
 	ret->sess_miss=0;
 	ret->sess_timeout=0;
+	ret->sess_cache_full=0;
 	ret->sess_hit=0;
 	ret->sess_cb_hit=0;
 
@@ -870,7 +921,7 @@ SSL_METHOD *meth;
 	ret->default_passwd_callback=NULL;
 	ret->client_cert_cb=NULL;
 
-	ret->sessions=lh_new(conn_hash,session_cmp);
+	ret->sessions=lh_new(SSL_SESSION_hash,SSL_SESSION_cmp);
 	if (ret->sessions == NULL) goto err;
 	ret->cert_store=X509_STORE_new();
 	if (ret->cert_store == NULL) goto err;
@@ -884,9 +935,27 @@ SSL_METHOD *meth;
 		goto err2;
 		}
 
+	if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
+		{
+		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
+		goto err2;
+		}
+	if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
+		{
+		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
+		goto err2;
+		}
+	if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL)
+		{
+		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
+		goto err2;
+		}
+
 	if ((ret->client_CA=sk_new_null()) == NULL)
 		goto err;
 
+	CRYPTO_new_ex_data(ssl_ctx_meth,(char *)ret,&ret->ex_data);
+
 	return(ret);
 err:
 	SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
@@ -903,6 +972,9 @@ SSL_CTX *a;
 	if (a == NULL) return;
 
 	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
+#ifdef REF_PRINT
+	REF_PRINT("SSL_CTX",a);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
@@ -911,6 +983,7 @@ SSL_CTX *a;
 		abort(); /* ok */
 		}
 #endif
+	CRYPTO_free_ex_data(ssl_ctx_meth,(char *)a,&a->ex_data);
 
 	if (a->sessions != NULL)
 		{
@@ -1126,22 +1199,34 @@ void ssl_update_cache(s,mode)
 SSL *s;
 int mode;
 	{
+	int i;
+
+	/* If the session_id_length is 0, we are not supposed to cache it,
+	 * and it would be rather hard to do anyway :-) */
+	if (s->session->session_id_length == 0) return;
+
 	if ((s->ctx->session_cache_mode & mode)
 		&& (!s->hit)
 		&& SSL_CTX_add_session(s->ctx,s->session)
 		&& (s->ctx->new_session_cb != NULL))
 		{
-		CRYPTO_add(&s->session->references,1,
-			CRYPTO_LOCK_SSL_SESSION);
+		CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
 		if (!s->ctx->new_session_cb(s,s->session))
 			SSL_SESSION_free(s->session);
 		}
 
 	/* auto flush every 255 connections */
-	if ((!(s->ctx->session_cache_mode &
-		SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
-		((s->ctx->sess_connect_good & 0xff) == 0))
-		SSL_CTX_flush_sessions(s->ctx,time(NULL));
+	i=s->ctx->session_cache_mode;
+	if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
+		((i & mode) == mode))
+		{
+		if (  (((mode & SSL_SESS_CACHE_CLIENT)
+			?s->ctx->sess_connect_good
+			:s->ctx->sess_accept_good) & 0xff) == 0xff)
+			{
+			SSL_CTX_flush_sessions(s->ctx,time(NULL));
+			}
+		}
 	}
 
 SSL_METHOD *SSL_get_ssl_method(s)
@@ -1231,7 +1316,7 @@ int i;
 
 	if (i == 0)
 		{
-		if (s->version == 2)
+		if (s->version == SSL2_VERSION)
 			{
 			/* assume it is the socket being closed */
 			return(SSL_ERROR_ZERO_RETURN);
@@ -1239,7 +1324,7 @@ int i;
 		else
 			{
 			if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
-				(s->s3->warn_alert == SSL3_AD_CLOSE_NOTIFY))
+				(s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
 				return(SSL_ERROR_ZERO_RETURN);
 			}
 		}
@@ -1249,15 +1334,19 @@ int i;
 int SSL_do_handshake(s)
 SSL *s;
 	{
+	int ret=1;
+
 	if (s->handshake_func == NULL)
 		{
-		SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_INTERNAL_ERROR);
+		SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET);
 		return(-1);
 		}
+	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
 	if (SSL_in_init(s) || SSL_in_before(s))
-		return(s->handshake_func(s));
-	else
-		return(1);
+		{
+		ret=s->handshake_func(s);
+		}
+	return(ret);
 	}
 
 /* For the next 2 functions, SSL_clear() sets shutdown and so
@@ -1299,9 +1388,11 @@ int ver;
 char *SSL_get_version(s)
 SSL *s;
 	{
-	if (s->version == 3)
+	if (s->version == TLS1_VERSION)
+		return("TLSv1");
+	else if (s->version == SSL3_VERSION)
 		return("SSLv3");
-	else if (s->version == 2)
+	else if (s->version == SSL2_VERSION)
 		return("SSLv2");
 	else
 		return("unknown");
@@ -1327,9 +1418,11 @@ SSL *s;
 	SSL_set_info_callback(ret,SSL_get_info_callback(s));
 	
 	ret->debug=s->debug;
+	ret->options=s->options;
 
 	/* copy app data, a little dangerous perhaps */
-	SSL_set_app_data(ret,SSL_get_app_data(s));
+	if (!CRYPTO_dup_ex_data(ssl_meth,&ret->ex_data,&s->ex_data))
+		goto err;
 
 	/* setup rbio, and wbio */
 	if (s->rbio != NULL)
@@ -1341,7 +1434,7 @@ SSL *s;
 		{
 		if (s->wbio != s->rbio)
 			{
-			if (!BIO_dup_state(s->wbio,(char *)&ret->rbio))
+			if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
 				goto err;
 			}
 		else
@@ -1405,6 +1498,7 @@ SSL *s;
                 }
 	}
 
+/* Fix this function so that it takes an optional type parameter */
 X509 *SSL_get_certificate(s)
 SSL *s;
 	{
@@ -1414,6 +1508,7 @@ SSL *s;
 		return(NULL);
 	}
 
+/* Fix this function so that it takes an optional type parameter */
 EVP_PKEY *SSL_get_privatekey(s)
 SSL *s;
 	{
@@ -1431,3 +1526,196 @@ SSL *s;
         return(NULL);
 	}
 
+int ssl_init_wbio_buffer(s,push)
+SSL *s;
+int push;
+	{
+	BIO *bbio;
+
+	if (s->bbio == NULL)
+		{
+		bbio=BIO_new(BIO_f_buffer());
+		if (bbio == NULL) return(0);
+		s->bbio=bbio;
+		}
+	else
+		{
+		bbio=s->bbio;
+		if (s->bbio == s->wbio)
+			s->wbio=BIO_pop(s->wbio);
+		}
+	BIO_reset(bbio);
+/*	if (!BIO_set_write_buffer_size(bbio,16*1024)) */
+	if (!BIO_set_read_buffer_size(bbio,1))
+		{
+		SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB);
+		return(0);
+		}
+	if (push)
+		{
+		if (s->wbio != bbio)
+			s->wbio=BIO_push(bbio,s->wbio);
+		}
+	else
+		{
+		if (s->wbio == bbio)
+			s->wbio=BIO_pop(bbio);
+		}
+	return(1);
+	}
+	
+void SSL_CTX_set_quiet_shutdown(ctx,mode)
+SSL_CTX *ctx;
+int mode;
+	{
+	ctx->quiet_shutdown=mode;
+	}
+
+int SSL_CTX_get_quiet_shutdown(ctx)
+SSL_CTX *ctx;
+	{
+	return(ctx->quiet_shutdown);
+	}
+
+void SSL_set_quiet_shutdown(s,mode)
+SSL *s;
+int mode;
+	{
+	s->quiet_shutdown=mode;
+	}
+
+int SSL_get_quiet_shutdown(s)
+SSL *s;
+	{
+	return(s->quiet_shutdown);
+	}
+
+void SSL_set_shutdown(s,mode)
+SSL *s;
+int mode;
+	{
+	s->shutdown=mode;
+	}
+
+int SSL_get_shutdown(s)
+SSL *s;
+	{
+	return(s->shutdown);
+	}
+
+int SSL_version(s)
+SSL *s;
+	{
+	return(s->version);
+	}
+
+SSL_CTX *SSL_get_SSL_CTX(ssl)
+SSL *ssl;
+	{
+	return(ssl->ctx);
+	}
+
+int SSL_CTX_set_default_verify_paths(ctx)
+SSL_CTX *ctx;
+	{
+	return(X509_STORE_set_default_paths(ctx->cert_store));
+	}
+
+int SSL_CTX_load_verify_locations(ctx,CAfile,CApath)
+SSL_CTX *ctx;
+char *CAfile;
+char *CApath;
+	{
+	return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
+	}
+
+void SSL_set_info_callback(ssl,cb)
+SSL *ssl;
+void (*cb)();
+	{
+	ssl->info_callback=cb;
+	}
+
+void (*SSL_get_info_callback(ssl))()
+SSL *ssl;
+	{
+	return(ssl->info_callback);
+	}
+
+int SSL_state(ssl)
+SSL *ssl;
+	{
+	return(ssl->state);
+	}
+
+void SSL_set_verify_result(ssl,arg)
+SSL *ssl;
+long arg;
+	{
+	ssl->verify_result=arg;
+	}
+
+long SSL_get_verify_result(ssl)
+SSL *ssl;
+	{
+	return(ssl->verify_result);
+	}
+
+int SSL_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+        {
+	ssl_meth_num++;
+	return(CRYPTO_get_ex_new_index(ssl_meth_num-1,
+		&ssl_meth,argl,argp,new_func,dup_func,free_func));
+        }
+
+int SSL_set_ex_data(s,idx,arg)
+SSL *s;
+int idx;
+char *arg;
+	{
+	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
+	}
+
+char *SSL_get_ex_data(s,idx)
+SSL *s;
+int idx;
+	{
+	return(CRYPTO_get_ex_data(&s->ex_data,idx));
+	}
+
+int SSL_CTX_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+        {
+	ssl_ctx_meth_num++;
+	return(CRYPTO_get_ex_new_index(ssl_ctx_meth_num-1,
+		&ssl_ctx_meth,argl,argp,new_func,dup_func,free_func));
+        }
+
+int SSL_CTX_set_ex_data(s,idx,arg)
+SSL_CTX *s;
+int idx;
+char *arg;
+	{
+	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
+	}
+
+char *SSL_CTX_get_ex_data(s,idx)
+SSL_CTX *s;
+int idx;
+	{
+	return(CRYPTO_get_ex_data(&s->ex_data,idx));
+	}
+
+#if defined(_WINDLL) && defined(WIN16)
+#include "../crypto/bio/bss_file.c"
+#endif
+
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index ef3a70e93e..b29517081b 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1,5 +1,5 @@
 /* ssl/ssl_locl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -63,11 +63,7 @@
 #include <string.h>
 #include <errno.h>
 
-#ifdef FLAT_INC
 #include "e_os.h"
-#else
-#include "../e_os.h"
-#endif
 
 #include "buffer.h"
 #include "bio.h"
@@ -188,11 +184,10 @@
 #define SSL_eFZA		0x00008000L
 #define SSL_eNULL		0x00010000L
 
-#define SSL_MAC_MASK		0x000e0000L
+#define SSL_MAC_MASK		0x00060000L
 #define SSL_MD5			0x00020000L
-#define SSL_SHA0		0x00040000L
-#define SSL_SHA1		0x00080000L
-#define SSL_SHA			(SSL_SHA0|SSL_SHA1)
+#define SSL_SHA1		0x00040000L
+#define SSL_SHA			(SSL_SHA1)
 
 #define SSL_EXP_MASK		0x00300000L
 #define SSL_EXP			0x00100000L
@@ -298,9 +293,27 @@ typedef struct cert_st
 #define ssl_get_cipher_by_char(ssl,ptr) \
 		((ssl)->method->get_cipher_by_char(ptr))
 
-extern unsigned char ssl3_client_finished_const[4];
-extern unsigned char ssl3_server_finished_const[4];
-
+/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
+ * It is a bit of a mess of functions, but hell, think of it as
+ * an opaque strucute :-) */
+typedef struct ssl3_enc_method
+	{
+	int (*enc)();
+	int (*mac)();
+	int (*setup_key_block)();
+	int (*generate_master_secret)();
+	int (*change_cipher_state)();
+	int (*final_finish_mac)();
+	int finish_mac_length;
+	int (*cert_verify_mac)();
+	unsigned char client_finished[20];
+	int client_finished_len;
+	unsigned char server_finished[20];
+	int server_finished_len;
+	int (*alert_value)();
+	} SSL3_ENC_METHOD;
+
+extern SSL3_ENC_METHOD ssl3_undef_enc_method;
 extern SSL_CIPHER ssl2_ciphers[];
 extern SSL_CIPHER ssl3_ciphers[];
 
@@ -317,7 +330,7 @@ CERT *ssl_cert_new(void);
 void ssl_cert_free(CERT *c);
 int ssl_set_cert_type(CERT *c, int type);
 int ssl_get_new_session(SSL *s, int session);
-int ssl_get_prev_session(SSL *s, int len, unsigned char *session);
+int ssl_get_prev_session(SSL *s, unsigned char *session,int len);
 int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b);
 int ssl_cipher_ptr_id_cmp(SSL_CIPHER **ap,SSL_CIPHER **bp);
 STACK *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,STACK **skp);
@@ -333,7 +346,7 @@ EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
 int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
 void ssl_set_cert_masks(CERT *c);
 STACK *ssl_get_ciphers_by_id(SSL *s);
-int ssl_verify_alarm_type(int type);
+int ssl_verify_alarm_type(long type);
 
 int ssl2_enc_init(SSL *s, int client);
 void ssl2_generate_key_material(SSL *s);
@@ -354,7 +367,7 @@ int	ssl2_accept(SSL *s);
 int	ssl2_connect(SSL *s);
 int	ssl2_read(SSL *s, char *buf, int len);
 int	ssl2_peek(SSL *s, char *buf, int len);
-int	ssl2_write(SSL *s, const char *buf, int len);
+int	ssl2_write(SSL *s, char *buf, int len);
 int	ssl2_shutdown(SSL *s);
 void	ssl2_clear(SSL *s);
 long	ssl2_ctrl(SSL *s,int cmd, long larg, char *parg);
@@ -365,7 +378,7 @@ SSL_CIPHER *ssl3_get_cipher_by_char(unsigned char *p);
 int ssl3_put_cipher_by_char(SSL_CIPHER *c,unsigned char *p);
 void ssl3_init_finished_mac(SSL *s);
 int ssl3_send_server_certificate(SSL *s);
-int ssl3_get_finished(SSL *s,int state_a,int state_b,unsigned char *sender);
+int ssl3_get_finished(SSL *s,int state_a,int state_b);
 int ssl3_setup_key_block(SSL *s);
 int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b);
 int ssl3_change_cipher_state(SSL *s,int which);
@@ -376,17 +389,18 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out,
 	unsigned char *p, int len);
 int ssl3_get_req_cert_type(SSL *s,unsigned char *p);
 long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
-int ssl3_send_finished(SSL *s, int a, int b, unsigned char *sender);
+int ssl3_send_finished(SSL *s, int a, int b, unsigned char *sender,int slen);
 int ssl3_num_ciphers(void);
 SSL_CIPHER *ssl3_get_cipher(unsigned int u);
 int ssl3_renegotiate(SSL *ssl); 
+int ssl3_renegotiate_check(SSL *ssl); 
 int ssl3_dispatch_alert(SSL *s);
 int ssl3_read_bytes(SSL *s, int type, char *buf, int len);
-void ssl3_generate_key_block(SSL *s, unsigned char *km, int num);
 int ssl3_part_read(SSL *s, int i);
 int ssl3_write_bytes(SSL *s, int type, char *buf, int len);
-int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *in_ctx,
-	unsigned char *sender, unsigned char *p);
+int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1,EVP_MD_CTX *ctx2,
+	unsigned char *sender, int slen,unsigned char *p);
+int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
 void ssl3_finish_mac(SSL *s, unsigned char *buf, int len);
 int ssl3_enc(SSL *s, int send_data);
 int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
@@ -399,7 +413,7 @@ int	ssl3_accept(SSL *s);
 int	ssl3_connect(SSL *s);
 int	ssl3_read(SSL *s, char *buf, int len);
 int	ssl3_peek(SSL *s,char *buf, int len);
-int	ssl3_write(SSL *s, const char *buf, int len);
+int	ssl3_write(SSL *s, char *buf, int len);
 int	ssl3_shutdown(SSL *s);
 void	ssl3_clear(SSL *s);
 long	ssl3_ctrl(SSL *s,int cmd, long larg, char *parg);
@@ -411,6 +425,28 @@ int ssl23_connect(SSL *s);
 int ssl23_read_bytes(SSL *s, int n);
 int ssl23_write_bytes(SSL *s);
 
+int tls1_new(SSL *s);
+void tls1_free(SSL *s);
+void tls1_clear(SSL *s);
+long tls1_ctrl(SSL *s,int cmd, long larg, char *parg);
+SSL_METHOD *tlsv1_base_method(void );
+
+
+int ssl_init_wbio_buffer(SSL *s, int push);
+
+int tls1_change_cipher_state(SSL *s, int which);
+int tls1_setup_key_block(SSL *s);
+int tls1_enc(SSL *s, int snd);
+int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
+	unsigned char *str, int slen, unsigned char *p);
+int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
+int tls1_mac(SSL *ssl, unsigned char *md, int snd);
+int tls1_generate_master_secret(SSL *s, unsigned char *out,
+	unsigned char *p, int len);
+int tls1_alert_code(int code);
+int ssl3_alert_code(int code);
+
+
 #else
 
 SSL_METHOD *ssl_bad_method();
@@ -485,9 +521,9 @@ int ssl3_send_finished();
 int ssl3_num_ciphers();
 SSL_CIPHER *ssl3_get_cipher();
 int ssl3_renegotiate();
+int ssl3_renegotiate_check();
 int ssl3_dispatch_alert();
 int ssl3_read_bytes();
-void ssl3_generate_key_block();
 int ssl3_part_read();
 int ssl3_write_bytes();
 int ssl3_final_finish_mac();
@@ -515,6 +551,8 @@ int ssl23_connect();
 int ssl23_read_bytes();
 int ssl23_write_bytes();
 
+int ssl_init_wbio_buffer();
+
 #endif
 
 #endif
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index 3a7b8d3c36..140475e5fb 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -1,5 +1,5 @@
 /* ssl/ssl_rsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -99,6 +99,7 @@ X509 *x;
 	return(ssl_set_cert(c,x));
 	}
 
+#ifndef NO_STDIO
 int SSL_use_certificate_file(ssl, file, type)
 SSL *ssl;
 char *file;
@@ -109,11 +110,7 @@ int type;
 	int ret=0;
 	X509 *x=NULL;
 
-#ifdef WIN16
-	in=BIO_new(BIO_s_file_internal_w16());
-#else
-	in=BIO_new(BIO_s_file());
-#endif
+	in=BIO_new(BIO_s_file_internal());
 	if (in == NULL)
 		{
 		SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
@@ -122,7 +119,6 @@ int type;
 
 	if (BIO_read_filename(in,file) <= 0)
 		{
-		SYSerr(SYS_F_FOPEN,errno);
 		SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
 		goto end;
 		}
@@ -154,6 +150,7 @@ end:
 	if (in != NULL) BIO_free(in);
 	return(ret);
 	}
+#endif
 
 int SSL_use_certificate_ASN1(ssl, len, d)
 SSL *ssl;
@@ -232,7 +229,16 @@ EVP_PKEY *pkey;
 
 	if (c->pkeys[i].x509 != NULL)
 		{
-		if (!X509_check_private_key(c->pkeys[i].x509,pkey))
+#ifndef NO_RSA
+		/* Don't check the public/private key, this is mostly
+		 * for smart cards. */
+		if ((pkey->type == EVP_PKEY_RSA) &&
+			(RSA_flags(pkey->pkey.rsa) &
+			 RSA_METHOD_FLAG_NO_CHECK))
+			 ok=1;
+		else
+#endif
+			if (!X509_check_private_key(c->pkeys[i].x509,pkey))
 			{
 			if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
 				{
@@ -277,6 +283,7 @@ EVP_PKEY *pkey;
 	}
 
 #ifndef NO_RSA
+#ifndef NO_STDIO
 int SSL_use_RSAPrivateKey_file(ssl, file, type)
 SSL *ssl;
 char *file;
@@ -286,11 +293,7 @@ int type;
 	BIO *in;
 	RSA *rsa=NULL;
 
-#ifdef WIN16
-	in=BIO_new(BIO_s_file_internal_w16());
-#else
-	in=BIO_new(BIO_s_file());
-#endif
+	in=BIO_new(BIO_s_file_internal());
 	if (in == NULL)
 		{
 		SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
@@ -299,7 +302,6 @@ int type;
 
 	if (BIO_read_filename(in,file) <= 0)
 		{
-		SYSerr(SYS_F_FOPEN,errno);
 		SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
 		goto end;
 		}
@@ -330,6 +332,7 @@ end:
 	if (in != NULL) BIO_free(in);
 	return(ret);
 	}
+#endif
 
 int SSL_use_RSAPrivateKey_ASN1(ssl,d,len)
 SSL *ssl;
@@ -383,6 +386,7 @@ EVP_PKEY *pkey;
 	return(ret);
 	}
 
+#ifndef NO_STDIO
 int SSL_use_PrivateKey_file(ssl, file, type)
 SSL *ssl;
 char *file;
@@ -392,11 +396,7 @@ int type;
 	BIO *in;
 	EVP_PKEY *pkey=NULL;
 
-#ifdef WIN16
-	in=BIO_new(BIO_s_file_internal_w16());
-#else
-	in=BIO_new(BIO_s_file());
-#endif
+	in=BIO_new(BIO_s_file_internal());
 	if (in == NULL)
 		{
 		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
@@ -405,7 +405,6 @@ int type;
 
 	if (BIO_read_filename(in,file) <= 0)
 		{
-		SYSerr(SYS_F_FOPEN,errno);
 		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
 		goto end;
 		}
@@ -431,6 +430,7 @@ end:
 	if (in != NULL) BIO_free(in);
 	return(ret);
 	}
+#endif
 
 int SSL_use_PrivateKey_ASN1(type,ssl,d,len)
 int type;
@@ -491,14 +491,14 @@ X509 *x;
 	pkey=X509_get_pubkey(x);
 	if (pkey == NULL)
 		{
-		SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_X509_LIB);
+		SSLerr(SSL_F_SSL_SET_CERT,SSL_R_X509_LIB);
 		return(0);
 		}
 
 	i=ssl_cert_type(x,pkey);
 	if (i < 0)
 		{
-		SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+		SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
 		return(0);
 		}
 
@@ -547,6 +547,7 @@ X509 *x;
 	return(1);
 	}
 
+#ifndef NO_STDIO
 int SSL_CTX_use_certificate_file(ctx, file, type)
 SSL_CTX *ctx;
 char *file;
@@ -557,11 +558,7 @@ int type;
 	int ret=0;
 	X509 *x=NULL;
 
-#ifdef WIN16
-	in=BIO_new(BIO_s_file_internal_w16());
-#else
-	in=BIO_new(BIO_s_file());
-#endif
+	in=BIO_new(BIO_s_file_internal());
 	if (in == NULL)
 		{
 		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
@@ -570,7 +567,6 @@ int type;
 
 	if (BIO_read_filename(in,file) <= 0)
 		{
-		SYSerr(SYS_F_FOPEN,errno);
 		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
 		goto end;
 		}
@@ -602,6 +598,7 @@ end:
 	if (in != NULL) BIO_free(in);
 	return(ret);
 	}
+#endif
 
 int SSL_CTX_use_certificate_ASN1(ctx, len, d)
 SSL_CTX *ctx;
@@ -663,6 +660,7 @@ RSA *rsa;
 	return(ret);
 	}
 
+#ifndef NO_STDIO
 int SSL_CTX_use_RSAPrivateKey_file(ctx, file, type)
 SSL_CTX *ctx;
 char *file;
@@ -672,11 +670,7 @@ int type;
 	BIO *in;
 	RSA *rsa=NULL;
 
-#ifdef WIN16
-	in=BIO_new(BIO_s_file_internal_w16());
-#else
-	in=BIO_new(BIO_s_file());
-#endif
+	in=BIO_new(BIO_s_file_internal());
 	if (in == NULL)
 		{
 		SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
@@ -685,7 +679,6 @@ int type;
 
 	if (BIO_read_filename(in,file) <= 0)
 		{
-		SYSerr(SYS_F_FOPEN,errno);
 		SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
 		goto end;
 		}
@@ -716,6 +709,7 @@ end:
 	if (in != NULL) BIO_free(in);
 	return(ret);
 	}
+#endif
 
 int SSL_CTX_use_RSAPrivateKey_ASN1(ctx,d,len)
 SSL_CTX *ctx;
@@ -766,6 +760,7 @@ EVP_PKEY *pkey;
 	return(ssl_set_pkey(c,pkey));
 	}
 
+#ifndef NO_STDIO
 int SSL_CTX_use_PrivateKey_file(ctx, file, type)
 SSL_CTX *ctx;
 char *file;
@@ -775,11 +770,7 @@ int type;
 	BIO *in;
 	EVP_PKEY *pkey=NULL;
 
-#ifdef WIN16
-	in=BIO_new(BIO_s_file_internal_w16());
-#else
-	in=BIO_new(BIO_s_file());
-#endif
+	in=BIO_new(BIO_s_file_internal());
 	if (in == NULL)
 		{
 		SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
@@ -788,7 +779,6 @@ int type;
 
 	if (BIO_read_filename(in,file) <= 0)
 		{
-		SYSerr(SYS_F_FOPEN,errno);
 		SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
 		goto end;
 		}
@@ -814,6 +804,7 @@ end:
 	if (in != NULL) BIO_free(in);
 	return(ret);
 	}
+#endif
 
 int SSL_CTX_use_PrivateKey_ASN1(type,ctx,d,len)
 int type;
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index af65c65dac..8212600e40 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -1,5 +1,5 @@
 /* ssl/ssl_sess.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -61,6 +61,51 @@
 #include "rand.h"
 #include "ssl_locl.h"
 
+#ifndef NOPROTO
+static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
+static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
+#else
+static void SSL_SESSION_list_remove();
+static void SSL_SESSION_list_add();
+#endif
+
+static ssl_session_num=0;
+static STACK *ssl_session_meth=NULL;
+
+SSL_SESSION *SSL_get_session(ssl)
+SSL *ssl;
+	{
+	return(ssl->session);
+	}
+
+int SSL_SESSION_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+        {
+        ssl_session_num++;
+        return(CRYPTO_get_ex_new_index(ssl_session_num-1,
+		&ssl_session_meth,
+                argl,argp,new_func,dup_func,free_func));
+        }
+
+int SSL_SESSION_set_ex_data(s,idx,arg)
+SSL_SESSION *s;
+int idx;
+char *arg;
+	{
+	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
+	}
+
+char *SSL_SESSION_get_ex_data(s,idx)
+SSL_SESSION *s;
+int idx;
+	{
+	return(CRYPTO_get_ex_data(&s->ex_data,idx));
+	}
+
 SSL_SESSION *SSL_SESSION_new()
 	{
 	SSL_SESSION *ss;
@@ -76,6 +121,9 @@ SSL_SESSION *SSL_SESSION_new()
 	ss->references=1;
 	ss->timeout=60*5+4; /* 5 minute timeout by default */
 	ss->time=time(NULL);
+	ss->prev=NULL;
+	ss->next=NULL;
+	CRYPTO_new_ex_data(ssl_session_meth,(char *)ss,&ss->ex_data);
 	return(ss);
 	}
 
@@ -101,12 +149,17 @@ int session;
 		{
 		if (s->version == SSL2_CLIENT_VERSION)
 			{
-			ss->ssl_version=2;
+			ss->ssl_version=SSL2_VERSION;
 			ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
 			}
-		else if (s->version == SSL3_VERSION_MAJOR)
+		else if (s->version == SSL3_VERSION)
 			{
-			ss->ssl_version=3;
+			ss->ssl_version=SSL3_VERSION;
+			ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+			}
+		else if (s->version == TLS1_VERSION)
+			{
+			ss->ssl_version=TLS1_VERSION;
 			ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
 			}
 		else
@@ -140,23 +193,26 @@ int session;
 	return(1);
 	}
 
-int ssl_get_prev_session(s, len, session)
+int ssl_get_prev_session(s,session_id,len)
 SSL *s;
+unsigned char *session_id;
 int len;
-unsigned char *session;
 	{
-	SSL_SESSION *ret,data;
+	SSL_SESSION *ret=NULL,data;
 
 	/* conn_init();*/
 	data.ssl_version=s->version;
 	data.session_id_length=len;
 	if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
 		return(0);
-	memcpy(data.session_id,session,len);;
+	memcpy(data.session_id,session_id,len);;
 
-	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-	ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,(char *)&data);
-	CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+	if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
+		{
+		CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+		ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,(char *)&data);
+		CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+		}
 
 	if (ret == NULL)
 		{
@@ -165,7 +221,7 @@ unsigned char *session;
 		s->ctx->sess_miss++;
 		ret=NULL;
 		if ((s->ctx->get_session_cb != NULL) &&
-			((ret=s->ctx->get_session_cb(s,session,len,&copy))
+			((ret=s->ctx->get_session_cb(s,session_id,len,&copy))
 				!= NULL))
 			{
 			s->ctx->sess_cb_hit++;
@@ -188,7 +244,7 @@ unsigned char *session;
 		p=buf;
 		l=ret->cipher_id;
 		l2n(l,p);
-		if (ret->ssl_version == 3)
+		if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR)
 			ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
 		else 
 			ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
@@ -227,6 +283,7 @@ int SSL_CTX_add_session(ctx,c)
 SSL_CTX *ctx;
 SSL_SESSION *c;
 	{
+	int ret=0;
 	SSL_SESSION *s;
 
 	/* conn_init(); */
@@ -234,7 +291,10 @@ SSL_SESSION *c;
 
 	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
 	s=(SSL_SESSION *)lh_insert(ctx->sessions,(char *)c);
-	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+	
+	/* Put on the end of the queue unless it is already in the cache */
+	if (s == NULL)
+		SSL_SESSION_list_add(ctx,c);
 
 	/* If the same session if is being 're-added', Free the old
 	 * one when the last person stops using it.
@@ -243,10 +303,27 @@ SSL_SESSION *c;
 	if (s != NULL)
 		{
 		SSL_SESSION_free(s);
-		return(0);
+		ret=0;
 		}
 	else
-		return(1);
+		{
+		ret=1;
+
+		if (SSL_CTX_sess_get_cache_size(ctx) > 0)
+			{
+			while (SSL_CTX_sess_number(ctx) >
+				SSL_CTX_sess_get_cache_size(ctx))
+				{
+				if (!SSL_CTX_remove_session(ctx,
+					ctx->session_cache_tail))
+					break;
+				else
+					ctx->sess_cache_full++;
+				}
+			}
+		}
+	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+	return(ret);
 	}
 
 int SSL_CTX_remove_session(ctx,c)
@@ -256,11 +333,15 @@ SSL_SESSION *c;
 	SSL_SESSION *r;
 	int ret=0;
 
-	if ((c->session_id_length != 0) && (c != NULL))
+	if ((c != NULL) && (c->session_id_length != 0))
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
 		r=(SSL_SESSION *)lh_delete(ctx->sessions,(char *)c);
-		if (r != NULL) ret=1;
+		if (r != NULL)
+			{
+			ret=1;
+			SSL_SESSION_list_remove(ctx,c);
+			}
 
 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
 
@@ -268,7 +349,7 @@ SSL_SESSION *c;
 			{
 			r->not_resumable=1;
 			if (ctx->remove_session_cb != NULL)
-				ctx->remove_session_cb(ctx,c);
+				ctx->remove_session_cb(ctx,r);
 			SSL_SESSION_free(r);
 			}
 		}
@@ -283,6 +364,9 @@ SSL_SESSION *ss;
 	int i;
 
 	i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION);
+#ifdef REF_PRINT
+	REF_PRINT("SSL_SESSION",ss);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
@@ -292,6 +376,8 @@ SSL_SESSION *ss;
 		}
 #endif
 
+	CRYPTO_free_ex_data(ssl_session_meth,(char *)ss,&ss->ex_data);
+
 	memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH);
 	memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH);
 	memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH);
@@ -335,10 +421,18 @@ SSL_SESSION *session;
 		/* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
 		ret=1;
 		}
+	else
+		{
+		if (s->session != NULL)
+			{
+			SSL_SESSION_free(s->session);
+			s->session=NULL;
+			}
+		}
 	return(ret);
 	}
 
-long SSL_set_timeout(s,t)
+long SSL_SESSION_set_timeout(s,t)
 SSL_SESSION *s;
 long t;
 	{
@@ -347,21 +441,21 @@ long t;
 	return(1);
 	}
 
-long SSL_get_timeout(s)
+long SSL_SESSION_get_timeout(s)
 SSL_SESSION *s;
 	{
 	if (s == NULL) return(0);
 	return(s->timeout);
 	}
 
-long SSL_get_time(s)
+long SSL_SESSION_get_time(s)
 SSL_SESSION *s;
 	{
 	if (s == NULL) return(0);
 	return(s->time);
 	}
 
-long SSL_set_time(s,t)
+long SSL_SESSION_set_time(s,t)
 SSL_SESSION *s;
 long t;
 	{
@@ -383,7 +477,10 @@ TIMEOUT_PARAM *p;
 	{
 	if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
 		{
+		/* The reason we don't call SSL_CTX_remove_session() is to
+		 * save on locking overhead */
 		lh_delete(p->cache,(char *)s);
+		SSL_SESSION_list_remove(p->ctx,s);
 		s->not_resumable=1;
 		if (p->ctx->remove_session_cb != NULL)
 			p->ctx->remove_session_cb(p->ctx,s);
@@ -423,3 +520,63 @@ SSL *s;
 	else
 		return(0);
 	}
+
+/* locked by SSL_CTX in the calling function */
+static void SSL_SESSION_list_remove(ctx,s)
+SSL_CTX *ctx;
+SSL_SESSION *s;
+	{
+	if ((s->next == NULL) || (s->prev == NULL)) return;
+
+	if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
+		{ /* last element in list */
+		if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
+			{ /* only one element in list */
+			ctx->session_cache_head=NULL;
+			ctx->session_cache_tail=NULL;
+			}
+		else
+			{
+			ctx->session_cache_tail=s->prev;
+			s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail);
+			}
+		}
+	else
+		{
+		if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
+			{ /* first element in list */
+			ctx->session_cache_head=s->next;
+			s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
+			}
+		else
+			{ /* middle of list */
+			s->next->prev=s->prev;
+			s->prev->next=s->next;
+			}
+		}
+	s->prev=s->next=NULL;
+	}
+
+static void SSL_SESSION_list_add(ctx,s)
+SSL_CTX *ctx;
+SSL_SESSION *s;
+	{
+	if ((s->next != NULL) && (s->prev != NULL))
+		SSL_SESSION_list_remove(ctx,s);
+
+	if (ctx->session_cache_head == NULL)
+		{
+		ctx->session_cache_head=s;
+		ctx->session_cache_tail=s;
+		s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
+		s->next=(SSL_SESSION *)&(ctx->session_cache_tail);
+		}
+	else
+		{
+		s->next=ctx->session_cache_head;
+		s->next->prev=s;
+		s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
+		ctx->session_cache_head=s;
+		}
+	}
+
diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c
index 328ccc94ff..a1daf25dd4 100644
--- a/ssl/ssl_stat.c
+++ b/ssl/ssl_stat.c
@@ -1,5 +1,5 @@
 /* ssl/ssl_stat.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -207,6 +207,7 @@ SSL *s;
 		{
 	case SSL_ST_READ_HEADER: str="read header"; break;
 	case SSL_ST_READ_BODY: str="read body"; break;
+	case SSL_ST_READ_DONE: str="read done"; break;
 	default: str="unknown"; break;
 		}
 	return(str);
diff --git a/ssl/ssl_task.c b/ssl/ssl_task.c
index c27ce913e7..ab72166665 100644
--- a/ssl/ssl_task.c
+++ b/ssl/ssl_task.c
@@ -1,5 +1,5 @@
 /* ssl/ssl_task.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c
index b9cb9ef673..ce60e1a6dd 100644
--- a/ssl/ssl_txt.c
+++ b/ssl/ssl_txt.c
@@ -1,5 +1,5 @@
 /* ssl/ssl_txt.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,7 +60,7 @@
 #include "buffer.h"
 #include "ssl_locl.h"
 
-#ifndef WIN16
+#ifndef NO_FP_API
 int SSL_SESSION_print_fp(fp, x)
 FILE *fp;
 SSL_SESSION *x;
@@ -68,7 +68,7 @@ SSL_SESSION *x;
         BIO *b;
         int ret;
 
-        if ((b=BIO_new(BIO_s_file())) == NULL)
+        if ((b=BIO_new(BIO_s_file_internal())) == NULL)
 		{
 		SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB);
                 return(0);
@@ -85,11 +85,30 @@ BIO *bp;
 SSL_SESSION *x;
 	{
 	int i;
-	char str[128];
+	char str[128],*s;
 
 	if (x == NULL) goto err;
 	if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
-	sprintf(str,"    Cipher    : %s\n",(x->cipher == NULL)?"unknown":x->cipher->name);
+	if (x->ssl_version == SSL2_VERSION)
+		s="SSLv2";
+	else if (x->ssl_version == SSL3_VERSION)
+		s="SSLv3";
+	else if (x->ssl_version == TLS1_VERSION)
+		s="TLSv1";
+	else
+		s="unknown";
+	sprintf(str,"    Protocol  : %s\n",s);
+	if (BIO_puts(bp,str) <= 0) goto err;
+
+	if (x->cipher == NULL)
+		{
+		if (((x->cipher_id) & 0xff000000) == 0x02000000)
+			sprintf(str,"    Cipher    : %06lX\n",x->cipher_id&0xffffff);
+		else
+			sprintf(str,"    Cipher    : %04lX\n",x->cipher_id&0xffff);
+		}
+	else
+		sprintf(str,"    Cipher    : %s\n",(x->cipher == NULL)?"unknown":x->cipher->name);
 	if (BIO_puts(bp,str) <= 0) goto err;
 	if (BIO_puts(bp,"    Session-ID: ") <= 0) goto err;
 	for (i=0; i<(int)x->session_id_length; i++)
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index b8d657f3ba..f9dca4e3ef 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -1,5 +1,5 @@
 /* ssl/ssltest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,18 +60,13 @@
 #include <stdlib.h>
 #include <string.h>
 #include <errno.h>
-#ifdef WIN16
-#define APPS_WIN16
-#endif
+#include "e_os.h"
 #include "bio.h"
 #include "crypto.h"
-#include "../e_os.h"
 #include "x509.h"
 #include "ssl.h"
 #include "err.h"
-
-#ifdef WIN16
-#define APPS_WIN16
+#ifdef WINDOWS
 #include "../crypto/bio/bss_file.c"
 #endif
 
@@ -80,24 +75,31 @@
 
 #ifndef NOPROTO
 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
+static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export);
+#ifndef NO_DSA
 static DH *get_dh512(void);
+#endif
 #else
 int MS_CALLBACK verify_callback();
+static RSA MS_CALLBACK *tmp_rsa_cb();
+#ifndef NO_DSA
 static DH *get_dh512();
 #endif
+#endif
 
 BIO *bio_err=NULL;
 BIO *bio_stdout=NULL;
 
 static char *cipher=NULL;
 int verbose=0;
+int debug=0;
 #ifdef FIONBIO
 static int s_nbio=0;
 #endif
 
 
 #ifndef  NOPROTO
-int doit(SSL_CTX *s_ctx,SSL_CTX *c_ctx);
+int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
 #else
 int doit();
 #endif
@@ -109,14 +111,25 @@ static void sv_usage()
 	fprintf(stderr," -server_auth  - check server certificate\n");
 	fprintf(stderr," -client_auth  - do client authentication\n");
 	fprintf(stderr," -v            - more output\n");
+	fprintf(stderr," -d            - debug output\n");
+	fprintf(stderr," -reuse        - use session-id reuse\n");
+	fprintf(stderr," -num <val>    - number of connections to perform\n");
+	fprintf(stderr," -bytes <val>  - number of bytes to swap between client/server\n");
 #ifndef NO_SSL2
 	fprintf(stderr," -ssl2         - use SSLv2\n");
 #endif
 #ifndef NO_SSL3
 	fprintf(stderr," -ssl3         - use SSLv3\n");
 #endif
+#ifndef NO_TLS1
+	fprintf(stderr," -tls1         - use TLSv1\n");
+#endif
 	fprintf(stderr," -CApath arg   - PEM format directory of CA's\n");
 	fprintf(stderr," -CAfile arg   - PEM format file of CA's\n");
+	fprintf(stderr," -cert arg     - Certificate file\n");
+	fprintf(stderr," -s_cert arg   - Just the server certificate file\n");
+	fprintf(stderr," -c_cert arg   - Just the client certificate file\n");
+	fprintf(stderr," -cipher arg   - The cipher list\n");
 	}
 
 int main(argc, argv)
@@ -125,15 +138,21 @@ char *argv[];
 	{
 	char *CApath=NULL,*CAfile=NULL;
 	int badop=0;
-	int ssl2=0,ssl3=0,ret=1;
+	int tls1=0,ssl2=0,ssl3=0,ret=1;
 	int client_auth=0;
-	int server_auth=0;
+	int server_auth=0,i;
 	char *server_cert=TEST_SERVER_CERT;
 	char *client_cert=TEST_CLIENT_CERT;
 	SSL_CTX *s_ctx=NULL;
 	SSL_CTX *c_ctx=NULL;
 	SSL_METHOD *meth=NULL;
+	SSL *c_ssl,*s_ssl;
+	int number=1,reuse=0;
+	long bytes=1L;
+	SSL_CIPHER *ciph;
+#ifndef NO_DH
 	DH *dh;
+#endif
 
 	bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
 	bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
@@ -151,10 +170,31 @@ char *argv[];
 			client_auth=1;
 		else if	(strcmp(*argv,"-v") == 0)
 			verbose=1;
+		else if	(strcmp(*argv,"-d") == 0)
+			debug=1;
+		else if	(strcmp(*argv,"-reuse") == 0)
+			reuse=1;
 		else if	(strcmp(*argv,"-ssl2") == 0)
 			ssl2=1;
+		else if	(strcmp(*argv,"-tls1") == 0)
+			tls1=1;
 		else if	(strcmp(*argv,"-ssl3") == 0)
 			ssl3=1;
+		else if	(strncmp(*argv,"-num",4) == 0)
+			{
+			if (--argc < 1) goto bad;
+			number= atoi(*(++argv));
+			if (number == 0) number=1;
+			}
+		else if	(strcmp(*argv,"-bytes") == 0)
+			{
+			if (--argc < 1) goto bad;
+			bytes= atol(*(++argv));
+			if (bytes == 0L) bytes=1L;
+			i=strlen(argv[0]);
+			if (argv[0][i-1] == 'k') bytes*=1024L;
+			if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
+			}
 		else if	(strcmp(*argv,"-cert") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -210,6 +250,9 @@ bad:
 	if (ssl2)
 		meth=SSLv2_method();
 	else 
+	if (tls1)
+		meth=TLSv1_method();
+	else
 	if (ssl3)
 		meth=SSLv3_method();
 	else
@@ -239,7 +282,11 @@ bad:
 #ifndef NO_DH
 	dh=get_dh512();
 	SSL_CTX_set_tmp_dh(s_ctx,dh);
-        DH_free(dh);
+	DH_free(dh);
+#endif
+
+#ifndef NO_RSA
+	SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
 #endif
 
 	if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
@@ -266,9 +313,9 @@ bad:
 		(!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
 		(!SSL_CTX_set_default_verify_paths(c_ctx)))
 		{
-		fprintf(stderr,"SSL_load_verify_locations\n");
+		/* fprintf(stderr,"SSL_load_verify_locations\n"); */
 		ERR_print_errors(bio_err);
-		goto end;
+		/* goto end; */
 		}
 
 	if (client_auth)
@@ -285,7 +332,29 @@ bad:
 			verify_callback);
 		}
 
-	ret=doit(s_ctx,c_ctx);
+	c_ssl=SSL_new(c_ctx);
+	s_ssl=SSL_new(s_ctx);
+
+	for (i=0; i<number; i++)
+		{
+		if (!reuse) SSL_set_session(c_ssl,NULL);
+		ret=doit(s_ssl,c_ssl,bytes);
+		}
+
+	if (!verbose)
+		{
+		ciph=SSL_get_current_cipher(c_ssl);
+		fprintf(stdout,"Protocol %s, cipher %s, %s\n",
+			SSL_get_version(c_ssl),
+			SSL_CIPHER_get_version(ciph),
+			SSL_CIPHER_get_name(ciph));
+		}
+	if ((number > 1) || (bytes > 1L))
+		printf("%d handshakes of %ld bytes done\n",number,bytes);
+
+	SSL_free(s_ssl);
+	SSL_free(c_ssl);
+
 end:
 	if (s_ctx != NULL) SSL_CTX_free(s_ctx);
 	if (c_ctx != NULL) SSL_CTX_free(c_ctx);
@@ -303,33 +372,26 @@ end:
 #define C_DONE	1
 #define S_DONE	2
 
-int doit(s_ctx,c_ctx)
-SSL_CTX *s_ctx,*c_ctx;
+int doit(s_ssl,c_ssl,count)
+SSL *s_ssl,*c_ssl;
+long count;
 	{
-	static char cbuf[200],sbuf[200];
+	MS_STATIC char cbuf[1024*8],sbuf[1024*8];
+	long cw_num=count,cr_num=count;
+	long sw_num=count,sr_num=count;
 	int ret=1;
-	SSL *c_ssl=NULL;
-	SSL *s_ssl=NULL;
 	BIO *c_to_s=NULL;
 	BIO *s_to_c=NULL;
 	BIO *c_bio=NULL;
 	BIO *s_bio=NULL;
 	int c_r,c_w,s_r,s_w;
 	int c_want,s_want;
-	int i;
+	int i,j;
 	int done=0;
 	int c_write,s_write;
 	int do_server=0,do_client=0;
 	SSL_CIPHER *ciph;
 
-	c_ssl=SSL_new(c_ctx);
-	s_ssl=SSL_new(s_ctx);
-	if ((s_ssl == NULL) || (c_ssl == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
 	c_to_s=BIO_new(BIO_s_mem());
 	s_to_c=BIO_new(BIO_s_mem());
 	if ((s_to_c == NULL) || (c_to_s == NULL))
@@ -348,11 +410,11 @@ SSL_CTX *s_ctx,*c_ctx;
 
 	SSL_set_connect_state(c_ssl);
 	SSL_set_bio(c_ssl,s_to_c,c_to_s);
-	BIO_set_ssl(c_bio,c_ssl,BIO_CLOSE);
+	BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
 
 	SSL_set_accept_state(s_ssl);
 	SSL_set_bio(s_ssl,c_to_s,s_to_c);
-	BIO_set_ssl(s_bio,s_ssl,BIO_CLOSE);
+	BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
 
 	c_r=0; s_r=1;
 	c_w=1; s_w=0;
@@ -372,26 +434,26 @@ SSL_CTX *s_ctx,*c_ctx;
 		i=(int)BIO_pending(c_bio);
 		if ((i && c_r) || c_w) do_client=1;
 
-		if (do_server && verbose)
+		if (do_server && debug)
 			{
 			if (SSL_in_init(s_ssl))
 				printf("server waiting in SSL_accept - %s\n",
 					SSL_state_string_long(s_ssl));
-			else if (s_write)
+/*			else if (s_write)
 				printf("server:SSL_write()\n");
-			else 
-				printf("server:SSL_read()\n");
+			else
+				printf("server:SSL_read()\n"); */
 			}
 
-		if (do_client && verbose)
+		if (do_client && debug)
 			{
 			if (SSL_in_init(c_ssl))
 				printf("client waiting in SSL_connect - %s\n",
 					SSL_state_string_long(c_ssl));
-			else if (c_write)
+/*			else if (c_write)
 				printf("client:SSL_write()\n");
 			else
-				printf("client:SSL_read()\n");
+				printf("client:SSL_read()\n"); */
 			}
 
 		if (!do_client && !do_server)
@@ -404,7 +466,9 @@ SSL_CTX *s_ctx,*c_ctx;
 			{
 			if (c_write)
 				{
-				i=BIO_write(c_bio,"hello from client\n",18);
+				j=(cw_num > (long)sizeof(cbuf))
+					?sizeof(cbuf):(int)cw_num;
+				i=BIO_write(c_bio,cbuf,j);
 				if (i < 0)
 					{
 					c_r=0;
@@ -430,13 +494,17 @@ SSL_CTX *s_ctx,*c_ctx;
 					}
 				else
 					{
+					if (debug)
+						printf("client wrote %d\n",i);
 					/* ok */
+					s_r=1;
 					c_write=0;
+					cw_num-=i;
 					}
 				}
 			else
 				{
-				i=BIO_read(c_bio,cbuf,100);
+				i=BIO_read(c_bio,cbuf,sizeof(cbuf));
 				if (i < 0)
 					{
 					c_r=0;
@@ -462,10 +530,20 @@ SSL_CTX *s_ctx,*c_ctx;
 					}
 				else
 					{
-					done|=C_DONE;
-					fprintf(stdout,"CLIENT:from server:");
-					fwrite(cbuf,1,i,stdout);
-					fflush(stdout);
+					if (debug)
+						printf("client read %d\n",i);
+					cr_num-=i;
+					if (sw_num > 0)
+						{
+						s_write=1;
+						s_w=1;
+						}
+					if (cr_num <= 0)
+						{
+						s_write=1;
+						s_w=1;
+						done=S_DONE|C_DONE;
+						}
 					}
 				}
 			}
@@ -474,7 +552,7 @@ SSL_CTX *s_ctx,*c_ctx;
 			{
 			if (!s_write)
 				{
-				i=BIO_read(s_bio,sbuf,100);
+				i=BIO_read(s_bio,sbuf,sizeof(cbuf));
 				if (i < 0)
 					{
 					s_r=0;
@@ -501,16 +579,27 @@ SSL_CTX *s_ctx,*c_ctx;
 					}
 				else
 					{
-					s_write=1;
-					s_w=1;
-					fprintf(stdout,"SERVER:from client:");
-					fwrite(sbuf,1,i,stdout);
-					fflush(stdout);
+					if (debug)
+						printf("server read %d\n",i);
+					sr_num-=i;
+					if (cw_num > 0)
+						{
+						c_write=1;
+						c_w=1;
+						}
+					if (sr_num <= 0)
+						{
+						s_write=1;
+						s_w=1;
+						c_write=0;
+						}
 					}
 				}
 			else
 				{
-				i=BIO_write(s_bio,"hello from server\n",18);
+				j=(sw_num > (long)sizeof(sbuf))?
+					sizeof(sbuf):(int)sw_num;
+				i=BIO_write(s_bio,sbuf,j);
 				if (i < 0)
 					{
 					s_r=0;
@@ -537,9 +626,13 @@ SSL_CTX *s_ctx,*c_ctx;
 					}
 				else
 					{
+					if (debug)
+						printf("server wrote %d\n",i);
+					sw_num-=i;
 					s_write=0;
-					s_r=1;
-					done|=S_DONE;
+					c_r=1;
+					if (sw_num <= 0)
+						done|=S_DONE;
 					}
 				}
 			}
@@ -548,8 +641,11 @@ SSL_CTX *s_ctx,*c_ctx;
 		}
 
 	ciph=SSL_get_current_cipher(c_ssl);
-	fprintf(stdout,"DONE, used %s, %s\n",SSL_CIPHER_get_version(ciph),
-		SSL_CIPHER_get_name(ciph));
+	if (verbose)
+		fprintf(stdout,"DONE, protocol %s, cipher %s, %s\n",
+			SSL_get_version(c_ssl),
+			SSL_CIPHER_get_version(ciph),
+			SSL_CIPHER_get_name(ciph));
 	ret=0;
 err:
 	/* We have to set the BIO's to NULL otherwise they will be
@@ -572,8 +668,8 @@ err:
 
 	if (c_to_s != NULL) BIO_free(c_to_s);
 	if (s_to_c != NULL) BIO_free(s_to_c);
-	if (c_bio != NULL) BIO_free(c_bio);
-	if (s_bio != NULL) BIO_free(s_bio);
+	if (c_bio != NULL) BIO_free_all(c_bio);
+	if (s_bio != NULL) BIO_free_all(s_bio);
 	return(ret);
 	}
 
@@ -607,6 +703,7 @@ X509_STORE_CTX *ctx;
 	return(ok);
 	}
 
+#ifndef NO_DH
 static unsigned char dh512_p[]={
 	0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
 	0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
@@ -623,13 +720,32 @@ static DH *get_dh512()
 	{
 	DH *dh=NULL;
 
-#ifndef NO_DH
 	if ((dh=DH_new()) == NULL) return(NULL);
 	dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
 	dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
 	if ((dh->p == NULL) || (dh->g == NULL))
 		return(NULL);
-#endif
 	return(dh);
 	}
+#endif
+
+static RSA MS_CALLBACK *tmp_rsa_cb(s,export)
+SSL *s;
+int export;
+	{
+	static RSA *rsa_tmp=NULL;
+
+	if (rsa_tmp == NULL)
+		{
+		BIO_printf(bio_err,"Generating temp (512 bit) RSA key...");
+		BIO_flush(bio_err);
+#ifndef NO_RSA
+		rsa_tmp=RSA_generate_key(512,RSA_F4,NULL,NULL);
+#endif
+		BIO_printf(bio_err,"\n");
+		BIO_flush(bio_err);
+		}
+	return(rsa_tmp);
+	}
+
 
diff --git a/ssl/t1_clnt.c b/ssl/t1_clnt.c
new file mode 100644
index 0000000000..986d2436e2
--- /dev/null
+++ b/ssl/t1_clnt.c
@@ -0,0 +1,90 @@
+/* ssl/t1_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *tls1_get_client_method(ver)
+int ver;
+	{
+	if (ver == TLS1_VERSION)
+		return(TLSv1_client_method());
+	else
+		return(NULL);
+	}
+
+SSL_METHOD *TLSv1_client_method()
+	{
+	static int init=1;
+	static SSL_METHOD TLSv1_client_data;
+
+	if (init)
+		{
+		init=0;
+		memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
+			sizeof(SSL_METHOD));
+		TLSv1_client_data.ssl_connect=ssl3_connect;
+		TLSv1_client_data.get_ssl_method=tls1_get_client_method;
+		}
+	return(&TLSv1_client_data);
+	}
+
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
new file mode 100644
index 0000000000..fbdd3bffb5
--- /dev/null
+++ b/ssl/t1_enc.c
@@ -0,0 +1,635 @@
+/* ssl/t1_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "evp.h"
+#include "hmac.h"
+#include "ssl_locl.h"
+
+static void tls1_P_hash(md,sec,sec_len,seed,seed_len,out,olen)
+EVP_MD *md;
+unsigned char *sec;
+int sec_len;
+unsigned char *seed;
+int seed_len;
+unsigned char *out;
+int olen;
+	{
+	int chunk,n;
+	unsigned int j;
+	HMAC_CTX ctx;
+	HMAC_CTX ctx_tmp;
+	unsigned char A1[HMAC_MAX_MD_CBLOCK];
+	unsigned int A1_len;
+	
+	chunk=EVP_MD_size(md);
+
+	HMAC_Init(&ctx,sec,sec_len,md);
+	HMAC_Update(&ctx,seed,seed_len);
+	HMAC_Final(&ctx,A1,&A1_len);
+
+	n=0;
+	for (;;)
+		{
+		HMAC_Init(&ctx,NULL,0,NULL); /* re-init */
+		HMAC_Update(&ctx,A1,A1_len);
+		memcpy(&ctx_tmp,&ctx,sizeof(ctx)); /* Copy for A2 */ /* not needed for last one */
+		HMAC_Update(&ctx,seed,seed_len);
+
+		if (olen > chunk)
+			{
+			HMAC_Final(&ctx,out,&j);
+			out+=j;
+			olen-=j;
+			HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */
+			}
+		else	/* last one */
+			{
+			HMAC_Final(&ctx,A1,&A1_len);
+			memcpy(out,A1,olen);
+			break;
+			}
+		}
+	HMAC_cleanup(&ctx);
+	HMAC_cleanup(&ctx_tmp);
+	memset(A1,0,sizeof(A1));
+	}
+
+static void tls1_PRF(md5,sha1,label,label_len,sec,slen,out1,out2,olen)
+EVP_MD *md5;
+EVP_MD *sha1;
+unsigned char *label;
+int label_len;
+unsigned char *sec;
+int slen;
+unsigned char *out1;
+unsigned char *out2;
+int olen;
+	{
+	int len,i;
+	unsigned char *S1,*S2;
+
+	len=slen/2;
+	S1=sec;
+	S2= &(sec[len]);
+	len+=(slen&1); /* add for odd, make longer */
+
+	
+	tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen);
+	tls1_P_hash(sha1,S2,len,label,label_len,out2,olen);
+
+	for (i=0; i<olen; i++)
+		out1[i]^=out2[i];
+	}
+
+static void tls1_generate_key_block(s,km,tmp,num)
+SSL *s;
+unsigned char *km,*tmp;
+int num;
+	{
+	unsigned char *p;
+	unsigned char buf[SSL3_RANDOM_SIZE*2+
+		TLS_MD_MAX_CONST_SIZE];
+	p=buf;
+
+	memcpy(p,TLS_MD_KEY_EXPANSION_CONST,
+		TLS_MD_KEY_EXPANSION_CONST_SIZE);
+	p+=TLS_MD_KEY_EXPANSION_CONST_SIZE;
+	memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+	p+=SSL3_RANDOM_SIZE;
+	memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+	p+=SSL3_RANDOM_SIZE;
+
+	tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,
+		s->session->master_key,s->session->master_key_length,
+		km,tmp,num);
+	}
+
+int tls1_change_cipher_state(s,which)
+SSL *s;
+int which;
+	{
+	unsigned char *p,*key_block,*mac_secret;
+	unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
+		SSL3_RANDOM_SIZE*2];
+	unsigned char tmp1[EVP_MAX_KEY_LENGTH];
+	unsigned char tmp2[EVP_MAX_KEY_LENGTH];
+	unsigned char iv1[EVP_MAX_IV_LENGTH*2];
+	unsigned char iv2[EVP_MAX_IV_LENGTH*2];
+	unsigned char *ms,*key,*iv,*er1,*er2;
+	int client_write;
+	EVP_CIPHER_CTX *dd;
+	EVP_CIPHER *c;
+	SSL_COMPRESSION *comp;
+	EVP_MD *m;
+	int exp,n,i,j,k,exp_label_len;
+
+	exp=(s->s3->tmp.new_cipher->algorithms & SSL_EXPORT)?1:0;
+	c=s->s3->tmp.new_sym_enc;
+	m=s->s3->tmp.new_hash;
+	comp=s->s3->tmp.new_compression;
+	key_block=s->s3->tmp.key_block;
+
+	if (which & SSL3_CC_READ)
+		{
+		if ((s->enc_read_ctx == NULL) &&
+			((s->enc_read_ctx=(EVP_CIPHER_CTX *)
+			Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+			goto err;
+		dd= s->enc_read_ctx;
+		s->read_hash=m;
+		s->read_compression=comp;
+		memset(&(s->s3->read_sequence[0]),0,8);
+		mac_secret= &(s->s3->read_mac_secret[0]);
+		}
+	else
+		{
+		if ((s->enc_write_ctx == NULL) &&
+			((s->enc_write_ctx=(EVP_CIPHER_CTX *)
+			Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+			goto err;
+		dd= s->enc_write_ctx;
+		s->write_hash=m;
+		s->write_compression=comp;
+		memset(&(s->s3->write_sequence[0]),0,8);
+		mac_secret= &(s->s3->write_mac_secret[0]);
+		}
+
+	EVP_CIPHER_CTX_init(dd);
+
+	p=s->s3->tmp.key_block;
+	i=EVP_MD_size(m);
+	j=(exp)?5:EVP_CIPHER_key_length(c);
+	k=EVP_CIPHER_iv_length(c);
+	er1= &(s->s3->client_random[0]);
+	er2= &(s->s3->server_random[0]);
+	if (	(which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
+		(which == SSL3_CHANGE_CIPHER_SERVER_READ))
+		{
+		ms=  &(p[ 0]); n=i+i;
+		key= &(p[ n]); n+=j+j;
+		iv=  &(p[ n]); n+=k+k;
+		exp_label=(unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
+		exp_label_len=TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
+		client_write=1;
+		}
+	else
+		{
+		n=i;
+		ms=  &(p[ n]); n+=i+j;
+		key= &(p[ n]); n+=j+k;
+		iv=  &(p[ n]); n+=k;
+		exp_label=(unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
+		exp_label_len=TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
+		client_write=0;
+		}
+
+	if (n > s->s3->tmp.key_block_length)
+		{
+		SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_INTERNAL_ERROR);
+		goto err2;
+		}
+
+	memcpy(mac_secret,ms,i);
+#ifdef TLS_DEBUG
+printf("which = %04X\nmac key=",which);
+{ int z; for (z=0; z<i; z++) printf("%02X%c",ms[z],((z+1)%16)?' ':'\n'); }
+#endif
+	if (exp)
+		{
+		/* In here I set both the read and write key/iv to the
+		 * same value since only the correct one will be used :-).
+		 */
+		p=buf;
+		memcpy(p,exp_label,exp_label_len);
+		p+=exp_label_len;
+		memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+		p+=SSL3_RANDOM_SIZE;
+		memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+		p+=SSL3_RANDOM_SIZE;
+		tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,key,j,
+			tmp1,tmp2,EVP_CIPHER_key_length(c));
+		key=tmp1;
+
+		if (k > 0)
+			{
+			p=buf;
+			memcpy(p,TLS_MD_IV_BLOCK_CONST,
+				TLS_MD_IV_BLOCK_CONST_SIZE);
+			p+=TLS_MD_IV_BLOCK_CONST_SIZE;
+			memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+			p+=SSL3_RANDOM_SIZE;
+			memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+			p+=SSL3_RANDOM_SIZE;
+			tls1_PRF(s->ctx->md5,s->ctx->sha1,
+				buf,p-buf,"",0,iv1,iv2,k*2);
+			if (client_write)
+				iv=iv1;
+			else
+				iv= &(iv1[k]);
+			}
+		}
+
+	s->session->key_arg_length=0;
+
+	EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE));
+#ifdef TLS_DEBUG
+printf("which = %04X\nkey=",which);
+{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }
+printf("\niv=");
+{ int z; for (z=0; z<k; z++) printf("%02X%c",iv[z],((z+1)%16)?' ':'\n'); }
+printf("\n");
+#endif
+
+	memset(tmp1,0,sizeof(tmp1));
+	memset(tmp2,0,sizeof(tmp1));
+	memset(iv1,0,sizeof(iv1));
+	memset(iv2,0,sizeof(iv2));
+	return(1);
+err:
+	SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
+err2:
+	return(0);
+	}
+
+int tls1_setup_key_block(s)
+SSL *s;
+	{
+	unsigned char *p1,*p2;
+	EVP_CIPHER *c;
+	EVP_MD *hash;
+	int num,exp;
+
+	if (s->s3->tmp.key_block_length != 0)
+		return(1);
+
+	if (!ssl_cipher_get_evp(s->session->cipher,&c,&hash))
+		{
+		SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
+		return(0);
+		}
+
+	s->s3->tmp.new_sym_enc=c;
+	s->s3->tmp.new_hash=hash;
+
+	exp=(s->session->cipher->algorithms & SSL_EXPORT)?1:0;
+
+	num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
+	num*=2;
+
+	ssl3_cleanup_key_block(s);
+
+	if ((p1=(unsigned char *)Malloc(num)) == NULL)
+		goto err;
+	if ((p2=(unsigned char *)Malloc(num)) == NULL)
+		goto err;
+
+	s->s3->tmp.key_block_length=num;
+	s->s3->tmp.key_block=p1;
+
+
+#ifdef TLS_DEBUG
+printf("client random\n");
+{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
+printf("server random\n");
+{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
+printf("pre-master\n");
+{ int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
+#endif
+	tls1_generate_key_block(s,p1,p2,num);
+	memset(p2,0,num);
+	Free(p2);
+#ifdef TLS_DEBUG
+printf("\nkey block\n");
+{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
+#endif
+
+	return(1);
+err:
+	SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
+	return(0);
+	}
+
+int tls1_enc(s,send)
+SSL *s;
+int send;
+	{
+	SSL3_RECORD *rec;
+	EVP_CIPHER_CTX *ds;
+	unsigned long l;
+	int bs,i,ii,j,k,n=0;
+	EVP_CIPHER *enc;
+	SSL_COMPRESSION *comp;
+
+	if (send)
+		{
+		if (s->write_hash != NULL)
+			n=EVP_MD_size(s->write_hash);
+		ds=s->enc_write_ctx;
+		rec= &(s->s3->wrec);
+		if (s->enc_write_ctx == NULL)
+			{ enc=NULL; comp=NULL; }
+		else
+			{
+			enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+			comp=s->write_compression;
+			}
+		}
+	else
+		{
+		if (s->read_hash != NULL)
+			n=EVP_MD_size(s->read_hash);
+		ds=s->enc_read_ctx;
+		rec= &(s->s3->rrec);
+		if (s->enc_read_ctx == NULL)
+			{ enc=NULL; comp=NULL; }
+		else
+			{
+			enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
+			comp=s->read_compression;
+			}
+		}
+
+	if ((s->session == NULL) || (ds == NULL) ||
+		((enc == NULL) && (comp == NULL)))
+		{
+		memcpy(rec->data,rec->input,rec->length);
+		rec->input=rec->data;
+		}
+	else
+		{
+		l=rec->length;
+		bs=EVP_CIPHER_block_size(ds->cipher);
+
+		if ((bs != 1) && send)
+			{
+			i=bs-((int)l%bs);
+
+			/* Add weird padding of upto 256 bytes */
+
+			/* we need to add 'i' padding bytes of value j */
+			j=i-1;
+			if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG)
+				{
+				if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
+					j++;
+				}
+			for (k=(int)l; k<(int)(l+i); k++)
+				rec->input[k]=j;
+			l+=i;
+			rec->length+=i;
+			}
+
+		EVP_Cipher(ds,rec->data,rec->input,l);
+
+		if ((bs != 1) && !send)
+			{
+			ii=i=rec->data[l-1];
+			i++;
+			if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
+				{
+				/* First packet is even in size, so check */
+				if ((memcmp(s->s3->read_sequence,
+					"\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
+					s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
+				if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
+					i--;
+				}
+			if (i > (int)rec->length)
+				{
+				SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
+				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
+				return(0);
+				}
+			for (j=(int)(l-i); j<(int)l; j++)
+				{
+				if (rec->data[j] != ii)
+					{
+					SSLerr(SSL_F_TLS1_ENC,SSL_R_DECRYPTION_FAILED);
+					ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
+					return(0);
+					}
+				}
+			rec->length-=i;
+			}
+		}
+	return(1);
+	}
+
+int tls1_cert_verify_mac(s,in_ctx,out)
+SSL *s;
+EVP_MD_CTX *in_ctx;
+unsigned char *out;
+	{
+	unsigned int ret;
+	EVP_MD_CTX ctx;
+
+	memcpy(&ctx,in_ctx,sizeof(EVP_MD_CTX));
+	EVP_DigestFinal(&ctx,out,&ret);
+	return((int)ret);
+	}
+
+int tls1_final_finish_mac(s,in1_ctx,in2_ctx,str,slen,out)
+SSL *s;
+EVP_MD_CTX *in1_ctx,*in2_ctx;
+unsigned char *str;
+int slen;
+unsigned char *out;
+	{
+	unsigned int i;
+	EVP_MD_CTX ctx;
+	unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+	unsigned char *q,buf2[12];
+
+	q=buf;
+	memcpy(q,str,slen);
+	q+=slen;
+
+	memcpy(&ctx,in1_ctx,sizeof(EVP_MD_CTX));
+	EVP_DigestFinal(&ctx,q,&i);
+	q+=i;
+	memcpy(&ctx,in2_ctx,sizeof(EVP_MD_CTX));
+	EVP_DigestFinal(&ctx,q,&i);
+	q+=i;
+
+	tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,q-buf,
+		s->session->master_key,s->session->master_key_length,
+		out,buf2,12);
+	memset(&ctx,0,sizeof(EVP_MD_CTX));
+
+	return((int)12);
+	}
+
+int tls1_mac(ssl,md,send)
+SSL *ssl;
+unsigned char *md;
+int send;
+	{
+	SSL3_RECORD *rec;
+	unsigned char *mac_sec,*seq;
+	EVP_MD *hash;
+	unsigned int md_size;
+	int i;
+	HMAC_CTX hmac;
+	unsigned char buf[5]; 
+
+	if (send)
+		{
+		rec= &(ssl->s3->wrec);
+		mac_sec= &(ssl->s3->write_mac_secret[0]);
+		seq= &(ssl->s3->write_sequence[0]);
+		hash=ssl->write_hash;
+		}
+	else
+		{
+		rec= &(ssl->s3->rrec);
+		mac_sec= &(ssl->s3->read_mac_secret[0]);
+		seq= &(ssl->s3->read_sequence[0]);
+		hash=ssl->read_hash;
+		}
+
+	md_size=EVP_MD_size(hash);
+
+	buf[0]=rec->type;
+	buf[1]=TLS1_VERSION_MAJOR;
+	buf[2]=TLS1_VERSION_MINOR;
+	buf[3]=rec->length>>8;
+	buf[4]=rec->length&0xff;
+
+	/* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
+	HMAC_Init(&hmac,mac_sec,EVP_MD_size(hash),hash);
+	HMAC_Update(&hmac,seq,8);
+	HMAC_Update(&hmac,buf,5);
+	HMAC_Update(&hmac,rec->input,rec->length);
+	HMAC_Final(&hmac,md,&md_size);
+
+#ifdef TLS_DEBUG
+printf("sec=");
+{int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
+printf("seq=");
+{int z; for (z=0; z<8; z++) printf("%02X ",seq[z]); printf("\n"); }
+printf("buf=");
+{int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); }
+printf("rec=");
+{int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
+#endif
+
+	for (i=7; i>=0; i--)
+		if (++seq[i]) break; 
+
+#ifdef TLS_DEBUG
+{int z; for (z=0; z<md_size; z++) printf("%02X ",md[z]); printf("\n"); }
+#endif
+	return(md_size);
+	}
+
+int tls1_generate_master_secret(s,out,p,len)
+SSL *s;
+unsigned char *out;
+unsigned char *p;
+int len;
+	{
+	unsigned char buf[SSL3_RANDOM_SIZE*2+TLS_MD_MASTER_SECRET_CONST_SIZE];
+	unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
+
+	/* Setup the stuff to munge */
+	memcpy(buf,TLS_MD_MASTER_SECRET_CONST,
+		TLS_MD_MASTER_SECRET_CONST_SIZE);
+	memcpy(&(buf[TLS_MD_MASTER_SECRET_CONST_SIZE]),
+		s->s3->client_random,SSL3_RANDOM_SIZE);
+	memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]),
+		s->s3->server_random,SSL3_RANDOM_SIZE);
+	tls1_PRF(s->ctx->md5,s->ctx->sha1,
+		buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len,
+		s->session->master_key,buff,SSL3_MASTER_SECRET_SIZE);
+	return(SSL3_MASTER_SECRET_SIZE);
+	}
+
+int tls1_alert_code(code)
+int code;
+	{
+	switch (code)
+		{
+	case SSL_AD_CLOSE_NOTIFY:	return(SSL3_AD_CLOSE_NOTIFY);
+	case SSL_AD_UNEXPECTED_MESSAGE:	return(SSL3_AD_UNEXPECTED_MESSAGE);
+	case SSL_AD_BAD_RECORD_MAC:	return(SSL3_AD_BAD_RECORD_MAC);
+	case SSL_AD_DECRYPTION_FAILED:	return(TLS1_AD_DECRYPTION_FAILED);
+	case SSL_AD_RECORD_OVERFLOW:	return(TLS1_AD_RECORD_OVERFLOW);
+	case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE);
+	case SSL_AD_HANDSHAKE_FAILURE:	return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_NO_CERTIFICATE:	return(-1);
+	case SSL_AD_BAD_CERTIFICATE:	return(SSL3_AD_BAD_CERTIFICATE);
+	case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE);
+	case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED);
+	case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED);
+	case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN);
+	case SSL_AD_ILLEGAL_PARAMETER:	return(SSL3_AD_ILLEGAL_PARAMETER);
+	case SSL_AD_UNKNOWN_CA:		return(TLS1_AD_UNKNOWN_CA);
+	case SSL_AD_ACCESS_DENIED:	return(TLS1_AD_ACCESS_DENIED);
+	case SSL_AD_DECODE_ERROR:	return(TLS1_AD_DECODE_ERROR);
+	case SSL_AD_DECRYPT_ERROR:	return(TLS1_AD_DECRYPT_ERROR);
+	case SSL_AD_EXPORT_RESTRICION:	return(TLS1_AD_EXPORT_RESTRICION);
+	case SSL_AD_PROTOCOL_VERSION:	return(TLS1_AD_PROTOCOL_VERSION);
+	case SSL_AD_INSUFFICIENT_SECURITY:return(TLS1_AD_INSUFFICIENT_SECURITY);
+	case SSL_AD_INTERNAL_ERROR:	return(TLS1_AD_INTERNAL_ERROR);
+	case SSL_AD_USER_CANCLED:	return(TLS1_AD_USER_CANCLED);
+	case SSL_AD_NO_RENEGOTIATION:	return(TLS1_AD_NO_RENEGOTIATION);
+	default:			return(-1);
+		}
+	}
+
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
new file mode 100644
index 0000000000..f9fbfa414c
--- /dev/null
+++ b/ssl/t1_lib.c
@@ -0,0 +1,151 @@
+/* ssl/t1_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+char *tls1_version_str="TLSv1 part of SSLeay 0.9.0b 29-Jun-1998";
+
+#ifndef NO_PROTO
+static long tls1_default_timeout(void);
+#else
+static long tls1_default_timeout();
+#endif
+
+static SSL3_ENC_METHOD TLSv1_enc_data={
+	tls1_enc,
+	tls1_mac,
+	tls1_setup_key_block,
+	tls1_generate_master_secret,
+	tls1_change_cipher_state,
+	tls1_final_finish_mac,
+	TLS1_FINISH_MAC_LENGTH,
+	tls1_cert_verify_mac,
+	TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
+	TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
+	tls1_alert_code,
+	};
+
+static SSL_METHOD TLSv1_data= {
+	TLS1_VERSION,
+	tls1_new,
+	tls1_clear,
+	tls1_free,
+	ssl_undefined_function,
+	ssl_undefined_function,
+	ssl3_read,
+	ssl3_peek,
+	ssl3_write,
+	ssl3_shutdown,
+	ssl3_renegotiate,
+	ssl3_ctrl,
+	ssl3_ctx_ctrl,
+	ssl3_get_cipher_by_char,
+	ssl3_put_cipher_by_char,
+	ssl3_pending,
+	ssl3_num_ciphers,
+	ssl3_get_cipher,
+	ssl_bad_method,
+	tls1_default_timeout,
+	&TLSv1_enc_data,
+	};
+
+static long tls1_default_timeout()
+	{
+	/* 2 hours, the 24 hours mentioned in the TLSv1 spec
+	 * is way too long for http, the cache would over fill */
+	return(60*60*2);
+	}
+
+SSL_METHOD *tlsv1_base_method()
+	{
+	return(&TLSv1_data);
+	}
+
+int tls1_new(s)
+SSL *s;
+	{
+	if (!ssl3_new(s)) return(0);
+	s->method->ssl_clear(s);
+	return(1);
+	}
+
+void tls1_free(s)
+SSL *s;
+	{
+	ssl3_free(s);
+	}
+
+void tls1_clear(s)
+SSL *s;
+	{
+	ssl3_clear(s);
+	s->version=TLS1_VERSION;
+	}
+
+#if 0
+long tls1_ctrl(s,cmd,larg,parg)
+SSL *s;
+int cmd;
+long larg;
+char *parg;
+	{
+	return(0);
+	}
+#endif
diff --git a/ssl/t1_meth.c b/ssl/t1_meth.c
new file mode 100644
index 0000000000..512c2078e7
--- /dev/null
+++ b/ssl/t1_meth.c
@@ -0,0 +1,88 @@
+/* ssl/t1_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *tls1_get_method(ver)
+int ver;
+	{
+	if (ver == TLS1_VERSION)
+		return(TLSv1_method());
+	else
+		return(NULL);
+	}
+
+SSL_METHOD *TLSv1_method()
+	{
+	static int init=1;
+	static SSL_METHOD TLSv1_data;
+
+	if (init)
+		{
+		init=0;
+		memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
+			sizeof(SSL_METHOD));
+		TLSv1_data.ssl_connect=ssl3_connect;
+		TLSv1_data.ssl_accept=ssl3_accept;
+		TLSv1_data.get_ssl_method=tls1_get_method;
+		}
+	return(&TLSv1_data);
+	}
+
diff --git a/ssl/t1_srvr.c b/ssl/t1_srvr.c
new file mode 100644
index 0000000000..8cf0addcd9
--- /dev/null
+++ b/ssl/t1_srvr.c
@@ -0,0 +1,91 @@
+/* ssl/t1_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *tls1_get_server_method(ver)
+int ver;
+	{
+	if (ver == TLS1_VERSION)
+		return(TLSv1_server_method());
+	else
+		return(NULL);
+	}
+
+SSL_METHOD *TLSv1_server_method()
+	{
+	static int init=1;
+	static SSL_METHOD TLSv1_server_data;
+
+	if (init)
+		{
+		init=0;
+		memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
+			sizeof(SSL_METHOD));
+		TLSv1_server_data.ssl_accept=ssl3_accept;
+		TLSv1_server_data.get_ssl_method=tls1_get_server_method;
+		}
+	return(&TLSv1_server_data);
+	}
+
diff --git a/ssl/tls1.h b/ssl/tls1.h
new file mode 100644
index 0000000000..60978613ef
--- /dev/null
+++ b/ssl/tls1.h
@@ -0,0 +1,115 @@
+/* ssl/tls1.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_TLS1_H 
+#define HEADER_TLS1_H 
+
+#include "buffer.h"
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define TLS1_VERSION			0x0301
+#define TLS1_VERSION_MAJOR		0x03
+#define TLS1_VERSION_MINOR		0x01
+
+#define TLS1_AD_DECRYPTION_FAILED	21
+#define TLS1_AD_RECORD_OVERFLOW		22
+#define TLS1_AD_UNKNOWN_CA		48	/* fatal */
+#define TLS1_AD_ACCESS_DENIED		49	/* fatal */
+#define TLS1_AD_DECODE_ERROR		50	/* fatal */
+#define TLS1_AD_DECRYPT_ERROR		51
+#define TLS1_AD_EXPORT_RESTRICION	60	/* fatal */
+#define TLS1_AD_PROTOCOL_VERSION	70	/* fatal */
+#define TLS1_AD_INSUFFICIENT_SECURITY	71	/* fatal */
+#define TLS1_AD_INTERNAL_ERROR		80	/* fatal */
+#define TLS1_AD_USER_CANCLED		90
+#define TLS1_AD_NO_RENEGOTIATION	100
+
+#define TLS_CT_RSA_SIGN			1
+#define TLS_CT_DSS_SIGN			2
+#define TLS_CT_RSA_FIXED_DH		3
+#define TLS_CT_DSS_FIXED_DH		4
+#define TLS_CT_NUMBER			4
+
+#define TLS1_FINISH_MAC_LENGTH		12
+
+#define TLS_MD_MAX_CONST_SIZE			20
+#define TLS_MD_CLIENT_FINISH_CONST		"client finished"
+#define TLS_MD_CLIENT_FINISH_CONST_SIZE		15
+#define TLS_MD_SERVER_FINISH_CONST		"server finished"
+#define TLS_MD_SERVER_FINISH_CONST_SIZE		15
+#define TLS_MD_SERVER_WRITE_KEY_CONST		"server write key"
+#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE	16
+#define TLS_MD_KEY_EXPANSION_CONST		"key expansion"
+#define TLS_MD_KEY_EXPANSION_CONST_SIZE		13
+#define TLS_MD_CLIENT_WRITE_KEY_CONST		"client write key"
+#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE	16
+#define TLS_MD_SERVER_WRITE_KEY_CONST		"server write key"
+#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE	16
+#define TLS_MD_IV_BLOCK_CONST			"IV block"
+#define TLS_MD_IV_BLOCK_CONST_SIZE		8
+#define TLS_MD_MASTER_SECRET_CONST		"master secret"
+#define TLS_MD_MASTER_SECRET_CONST_SIZE		13
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/test/CAssdh.cnf b/test/CAssdh.cnf
new file mode 100644
index 0000000000..4e0a908679
--- /dev/null
+++ b/test/CAssdh.cnf
@@ -0,0 +1,24 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DH certs - CA
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = CU
+countryName_value             = CU
+
+organizationName              = Organization Name (eg, company)
+organizationName_value                = La Junta de la Revolucion
+
+commonName                    = Common Name (eg, YOUR name)
+commonName_value              = Junta
+
diff --git a/test/CAssdsa.cnf b/test/CAssdsa.cnf
new file mode 100644
index 0000000000..a6b4d1810c
--- /dev/null
+++ b/test/CAssdsa.cnf
@@ -0,0 +1,23 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - CA
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName              = Organization Name (eg, company)
+organizationName_value                = Hermanos Locos
+
+commonName                    = Common Name (eg, YOUR name)
+commonName_value              = Hermanos Locos CA
diff --git a/test/CAssrsa.cnf b/test/CAssrsa.cnf
new file mode 100644
index 0000000000..eb24a6dfc0
--- /dev/null
+++ b/test/CAssrsa.cnf
@@ -0,0 +1,24 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# create RSA certs - CA
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_key           = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName              = Organization Name (eg, company)
+organizationName_value                = Hermanos Locos
+
+commonName                    = Common Name (eg, YOUR name)
+commonName_value              = Hermanos Locos CA
+
diff --git a/test/Makefile.ssl b/test/Makefile.ssl
index ee48d5493d..b3de76751e 100644
--- a/test/Makefile.ssl
+++ b/test/Makefile.ssl
@@ -13,7 +13,7 @@ MAKE=		make -f $(MAKEFILE)
 MAKEDEPEND=	makedepend -f$(MAKEFILE)
 
 PEX_LIBS=
-EX_LIBS= -lnsl -lsocket
+EX_LIBS= #-lnsl -lsocket
 
 CFLAGS= $(INCLUDES) $(CFLAG)
 
@@ -30,11 +30,15 @@ IDEATEST=	ideatest
 SHATEST=	shatest
 SHA1TEST=	sha1test
 MDC2TEST=	mdc2test
+RMDTEST=	rmdtest
 MD2TEST=	md2test
 MD5TEST=	md5test
-RC4TEST=	rc4test
+HMACTEST=	hmactest
 RC2TEST=	rc2test
+RC4TEST=	rc4test
+RC5TEST=	rc5test
 BFTEST=		bftest
+CASTTEST=	casttest
 DESTEST=	destest
 RANDTEST=	randtest
 DHTEST=		dhtest
@@ -42,20 +46,24 @@ DSATEST=	dsatest
 METHTEST=	methtest
 SSLTEST=	ssltest
 
-EXE=	$(BNTEST) $(IDEATEST) $(MD2TEST)  $(MD5TEST)  $(RC4TEST) \
-	$(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RANDTEST) $(DHTEST) \
-	$(RC2TEST) $(BFTEST) $(SSLTEST) $(EXPTEST) $(DSATEST)
+EXE=	$(BNTEST) $(IDEATEST) $(MD2TEST)  $(MD5TEST) $(HMACTEST) \
+	$(RC2TEST) $(RC4TEST) $(RC5TEST) \
+	$(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
+	$(RANDTEST) $(DHTEST) \
+	$(BFTEST) $(CASTTEST) $(SSLTEST) $(EXPTEST) $(DSATEST)
 
 # $(METHTEST)
 
-OBJ=	$(BNTEST).o $(IDEATEST).o $(MD2TEST).o  $(MD5TEST).o  $(RC4TEST).o \
-	$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(MDC2TEST).o \
-	$(RANDTEST).o $(DHTEST).o \
-	$(RC2TEST).o $(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o
-SRC=	$(BNTEST).c $(IDEATEST).c $(MD2TEST).c  $(MD5TEST).c  $(RC4TEST).c \
-	$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c \
-	$(RANDTEST).c $(DHTEST).c \
-	$(RC2TEST).c $(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c
+OBJ=	$(BNTEST).o $(IDEATEST).o $(MD2TEST).o  $(MD5TEST).o $(HMACTEST).o \
+	$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
+	$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(MDC2TEST).o $(RMDTEST).o \
+	$(RANDTEST).o $(DHTEST).o $(CASTTEST).o \
+	$(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o
+SRC=	$(BNTEST).c $(IDEATEST).c $(MD2TEST).c  $(MD5TEST).c  $(HMACTEST).c \
+	$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
+	$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
+	$(RANDTEST).c $(DHTEST).c $(CASTTEST).c \
+	$(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c
 
 EXHEADER= 
 HEADER=	$(EXHEADER)
@@ -84,8 +92,8 @@ tags:
 	ctags $(SRC)
 
 tests:	exe apps \
-	test_des test_idea test_sha test_md5 test_md2 test_mdc2 \
-	test_rc2 test_rc4 test_bf \
+	test_des test_idea test_sha test_md5 test_hmac test_md2 test_mdc2 \
+	test_rc2 test_rc4 test_rc5 test_bf test_cast \
 	test_rand test_enc test_x509 test_rsa test_crl test_sid test_req \
 	test_pkcs7 test_bn test_verify test_dh test_dsa test_reqgen \
 	test_ss test_ssl test_ca
@@ -94,7 +102,7 @@ apps:
 	@(cd ../apps; $(MAKE)  CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' all)
 
 test_des:
-	./$(DESTEST)
+	#./$(DESTEST)
 
 test_idea:
 	./$(IDEATEST)
@@ -109,18 +117,30 @@ test_mdc2:
 test_md5:
 	./$(MD5TEST)
 
+test_hmac:
+	./$(HMACTEST)
+
 test_md2:
 	./$(MD2TEST)
 
-test_rc2:
-	./$(RC2TEST)
+test_rmd:
+	./$(RMDTEST)
 
 test_bf:
 	./$(BFTEST)
 
+test_cast:
+	./$(CASTTEST)
+
+test_rc2:
+	./$(RC2TEST)
+
 test_rc4:
 	./$(RC4TEST)
 
+test_rc5:
+	./$(RC5TEST)
+
 test_rand:
 	./$(RANDTEST)
 
@@ -226,22 +246,33 @@ $(SHATEST): $(SHATEST).o $(DLIBCRYPTO)
 $(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO)
 	$(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
 
+$(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO)
+	$(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
 $(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO)
 	$(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
 
 $(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO)
 	$(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
 
+$(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO)
+	$(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
 $(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO)
 	$(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
 
 $(BFTEST): $(BFTEST).o $(DLIBCRYPTO)
 	$(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
 
+$(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO)
+	$(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
 
 $(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO)
 	$(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
 
+$(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO)
+	$(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
 $(DESTEST): $(DESTEST).o $(DLIBCRYPTO)
 	$(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
 
diff --git a/test/Sssdsa.cnf b/test/Sssdsa.cnf
new file mode 100644
index 0000000000..8e170a28ef
--- /dev/null
+++ b/test/Sssdsa.cnf
@@ -0,0 +1,27 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - Server
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Tortilleras S.A.
+
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Torti
+
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Gordita
+
diff --git a/test/Sssrsa.cnf b/test/Sssrsa.cnf
new file mode 100644
index 0000000000..8c79a03fca
--- /dev/null
+++ b/test/Sssrsa.cnf
@@ -0,0 +1,26 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# create RSA certs - Server
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_key           = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Tortilleras S.A.
+
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Torti
+
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Gordita
diff --git a/test/certCA.srl b/test/certCA.srl
index f5c89552bd..2bbd69c2e5 100644
--- a/test/certCA.srl
+++ b/test/certCA.srl
@@ -1 +1 @@
-32
+70
diff --git a/test/methtest.c b/test/methtest.c
index 55d1ac7934..630d29dc91 100644
--- a/test/methtest.c
+++ b/test/methtest.c
@@ -1,5 +1,5 @@
 /* test/methtest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/test/r160test.c b/test/r160test.c
new file mode 100644
index 0000000000..a172e393ca
--- /dev/null
+++ b/test/r160test.c
@@ -0,0 +1,57 @@
+/* test/r160test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
diff --git a/test/riptest b/test/riptest
new file mode 100644
index 0000000000..8685d0ce53
--- /dev/null
+++ b/test/riptest
diff --git a/test/testenc b/test/testenc
index 7bcf3d145c..42db56c2be 100644
--- a/test/testenc
+++ b/test/testenc
@@ -34,7 +34,8 @@ for i in rc4 \
 	des-cbc des-ede-cbc des-ede3-cbc \
 	idea-ecb idea-cfb idea-ofb idea-cbc \
 	rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
-	bf-ecb bf-cfb bf-ofb bf-cbc
+	bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
+	cast5-ecb cast5-cfb cast5-ofb cast5-cbc
 do
 	echo $i
 	$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
diff --git a/test/testkey.pem b/test/testkey.pem
index c8eba82668..562e77cb9f 100644
--- a/test/testkey.pem
+++ b/test/testkey.pem
@@ -1,9 +1,9 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIBOQIBAAJBAK8j1FaU9b+TMyeiXGzIGJZ/Coj39v2v4a4NviCjWELm14fdcdg4
-3Q99LTLyvLDnq7sLQX4gOMaLM4rmGMgeuGsCAwEAAQJAAaFRvqSQTQIvvbSzK4gJ
-Qo1YKcI1GFNkxFv4YxFiJu0/LXaw9U/iDSlUdH15F6ezndqojovnn731Pmf7e08F
-MQIhAOCi7P0RtrV3O/KB0MYldxFOKNwp5lzH+um7jBq6oRw1AiEAx5fGT9fIFl6Z
-hXgWYy+eO8QPjEXDcLTgc5/VbE3o1h8CIBIre4nYxfOVqmaqM23jl+bxcIKmbPiy
-QExpnCKJWADFAiAL73CFb8LgS5HkoFS+Y6eTrVq8qaNRRw+w+lrZ2iLVQwIgRk40
-WRSH7Yv90rv1PpcQ4wxSnu3lfyFO1XZ/J1UxdfA=
+MIIBOgIBAAJBAMIvB0MXsW7gNKJp7/7fTjmd/vdXk51GcgIxergzS13i6nCAL+97
+vD7erU7M5s6kWCm4/U8Q6wcY7jwauiUO7iUCAwEAAQJBAIsOypCNYw8XmBnG64sF
+tysjrfbKzHcQf4x6intmoE42dSc1SkyJXvQiNcXaiS5bGBGrfRkabE8j4X9mmMd6
+S/ECIQD0YIYwjPYLDDJGa2kog42JSiEu15dAOcAJTsnhiHvKbwIhAMtrXLguHYKb
+ScrW/q8Uq+eRcMHwgbuBvnqmzAMln6qrAiAEctFehuJftxwfLgtfAm4MJr5N5PzK
+3YJCaR3BrkNanwIgNcJh9qr5UZMIpXq8RDkKVWCylA6jupJHbNK4B/zhfZECIB+9
+Is3OLPuWFJmk9eQcUaNQZJ5WwEBsaGQ12JeW7Kpe
 -----END RSA PRIVATE KEY-----
diff --git a/test/testreq.pem b/test/testreq.pem
index ebae21d94c..b20137b6e3 100644
--- a/test/testreq.pem
+++ b/test/testreq.pem
@@ -2,8 +2,8 @@
 MIIBQjCB7QIBADCBhzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
 ETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDET
 MBEGA1UEAxMKRXJpYyBZb3VuZzEfMB0GCSqGSIb3DQEJARYQZWF5QG1pbmNvbS5v
-ei5hdTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCvI9RWlPW/kzMnolxsyBiWfwqI
-9/b9r+GuDb4go1hC5teH3XHYON0PfS0y8ryw56u7C0F+IDjGizOK5hjIHrhrAgMB
-AAGgADANBgkqhkiG9w0BAQQFAANBAAJIIXcUJRF4IW0bTYoBAAWnvWNA6gl2lvNF
-OTkJTP7rQG0kdx/YNbBKAosMUUtEk38o2fzsv64jzXL8weUwoPM=
+ei5hdTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDCLwdDF7Fu4DSiae/+3045nf73
+V5OdRnICMXq4M0td4upwgC/ve7w+3q1OzObOpFgpuP1PEOsHGO48GrolDu4lAgMB
+AAGgADANBgkqhkiG9w0BAQQFAANBAItCGg8qCPSoASvm3QUx/6PpreQclDO0bM2l
+eacLlzSHBUvaSqapR/pHfHG2r9l6PuEr/rrYHo+ZrAraSyPhEBc=
 -----END CERTIFICATE REQUEST-----
diff --git a/test/times b/test/times
new file mode 100644
index 0000000000..49aeebf216
--- /dev/null
+++ b/test/times
@@ -0,0 +1,113 @@
+
+More number for the questions about SSL overheads....
+
+The following numbers were generated on a pentium pro 200, running linux.
+They give an indication of the SSL protocol and encryption overheads.
+
+The program that generated them is an unreleased version of ssl/ssltest.c
+which is the SSLeay ssl protocol testing program.  It is a single process that
+talks both sides of the SSL protocol via a non-blocking memory buffer
+interface.
+
+How do I read this?  The protocol and cipher are reasonable obvious.
+The next number is the number of connections being made.  The next is the
+number of bytes exchanged bewteen the client and server side of the protocol.
+This is the number of bytes that the client sends to the server, and then
+the server sends back.  Because this is all happening in one process,
+the data is being encrypted, decrypted, encrypted and then decrypted again.
+It is a round trip of that many bytes.  Because the one process performs
+both the client and server sides of the protocol and it sends this many bytes
+each direction, multiply this number by 4 to generate the number
+of bytes encrypted/decrypted/MACed.  The first time value is how many seconds
+elapsed doing a full SSL handshake, the second is the cost of one
+full handshake and the rest being session-id reuse.
+
+SSLv2 RC4-MD5      1000 x      1   12.83s   0.70s
+SSLv3 NULL-MD5     1000 x      1   14.35s   1.47s
+SSLv3 RC4-MD5      1000 x      1   14.46s   1.56s
+SSLv3 RC4-MD5      1000 x      1   51.93s   1.62s 1024bit RSA
+SSLv3 RC4-SHA      1000 x      1   14.61s   1.83s
+SSLv3 DES-CBC-SHA  1000 x      1   14.70s   1.89s
+SSLv3 DES-CBC3-SHA 1000 x      1   15.16s   2.16s
+
+SSLv2 RC4-MD5      1000 x   1024   13.72s   1.27s
+SSLv3 NULL-MD5     1000 x   1024   14.79s   1.92s
+SSLv3 RC4-MD5      1000 x   1024   52.58s   2.29s 1024bit RSA
+SSLv3 RC4-SHA      1000 x   1024   15.39s   2.67s
+SSLv3 DES-CBC-SHA  1000 x   1024   16.45s   3.55s
+SSLv3 DES-CBC3-SHA 1000 x   1024   18.21s   5.38s
+
+SSLv2 RC4-MD5      1000 x  10240   18.97s   6.52s
+SSLv3 NULL-MD5     1000 x  10240   17.79s   5.11s
+SSLv3 RC4-MD5      1000 x  10240   20.25s   7.90s
+SSLv3 RC4-MD5      1000 x  10240   58.26s   8.08s 1024bit RSA
+SSLv3 RC4-SHA      1000 x  10240   22.96s  11.44s
+SSLv3 DES-CBC-SHA  1000 x  10240   30.65s  18.41s
+SSLv3 DES-CBC3-SHA 1000 x  10240   47.04s  34.53s
+
+SSLv2 RC4-MD5      1000 x 102400   70.22s  57.74s
+SSLv3 NULL-MD5     1000 x 102400   43.73s  31.03s
+SSLv3 RC4-MD5      1000 x 102400   71.32s  58.83s
+SSLv3 RC4-MD5      1000 x 102400  109.66s  59.20s 1024bit RSA
+SSLv3 RC4-SHA      1000 x 102400   95.88s  82.21s
+SSLv3 DES-CBC-SHA  1000 x 102400  173.22s 160.55s
+SSLv3 DES-CBC3-SHA 1000 x 102400  336.61s 323.82s
+
+What does this all mean?  Well for a server, with no session-id reuse, with
+a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
+a pentium pro 200 running linux can handle the SSLv3 protocol overheads of
+about 49 connections a second.  Reality will be quite different :-).
+
+Remeber the first number is 1000 full ssl handshakes, the second is
+1 full and 999 with session-id reuse.  The RSA overheads for each exchange
+would be one public and one private operation, but the protocol/MAC/cipher
+cost would be quite similar in both the client and server.
+
+eric (adding numbers to speculation)
+
+--- Appendix ---
+- The time measured is user time but these number a very rough.
+- Remember this is the cost of both client and server sides of the protocol.
+- The TCP/kernal overhead of connection establishment is normally the
+  killer in SSL.  Often delays in the TCP protocol will make session-id
+  reuse look slower that new sessions, but this would not be the case on
+  a loaded server.
+- The TCP round trip latencies, while slowing indervidual connections,
+  would have minimal impact on throughput.
+- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
+- the required number of bytes are processed.
+- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers.
+- A 512bit server key was being used except where noted.
+- No server key verification was being performed on the client side of the
+  protocol.  This would slow things down very little.
+- The library being used is SSLeay 0.8.x.
+- The normal mesauring system was commands of the form
+  time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
+  This modified version of ssltest should be in the next public release of
+  SSLeay.
+
+The general cipher performace number for this platform are
+
+SSLeay 0.8.2a 04-Sep-1997
+built on Fri Sep  5 17:37:05 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized 
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               131.02k      368.41k      500.57k      549.21k      566.09k
+mdc2              535.60k      589.10k      595.88k      595.97k      594.54k
+md5              1801.53k     9674.77k    17484.03k    21849.43k    23592.96k
+sha              1261.63k     5533.25k     9285.63k    11187.88k    11913.90k
+sha1             1103.13k     4782.53k     7933.78k     9472.34k    10070.70k
+rc4             10722.53k    14443.93k    15215.79k    15299.24k    15219.59k
+des cbc          3286.57k     3827.73k     3913.39k     3931.82k     3926.70k
+des ede3         1443.50k     1549.08k     1561.17k     1566.38k     1564.67k
+idea cbc         2203.64k     2508.16k     2538.33k     2543.62k     2547.71k
+rc2 cbc          1430.94k     1511.59k     1524.82k     1527.13k     1523.33k
+blowfish cbc     4716.07k     5965.82k     6190.17k     6243.67k     6234.11k
+                  sign    verify
+rsa  512 bits   0.0100s   0.0011s
+rsa 1024 bits   0.0451s   0.0012s
+rsa 2048 bits   0.2605s   0.0086s
+rsa 4096 bits   1.6883s   0.0302s
+
diff --git a/times/090/586-100.nt b/times/090/586-100.nt
new file mode 100644
index 0000000000..297ec3e7f0
--- /dev/null
+++ b/times/090/586-100.nt
@@ -0,0 +1,32 @@
+SSLeay 0.9.0 08-Apr-1998
+built on Wed Apr  8 12:47:17 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(
+ptr2)
+C flags:cl /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN
+-DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                 92.25k      256.80k      347.01k      380.40k      390.31k
+mdc2               240.72k      251.10k      252.00k      250.80k      251.40k
+md5               1013.61k     5651.94k    11831.61k    16294.89k    17901.43k
+hmac(md5)          419.50k     2828.07k     7770.11k    13824.34k    17091.70k
+sha1               524.31k     2721.45k     5216.15k     6766.10k     7308.42k
+rmd160             462.09k     2288.59k     4260.77k     5446.44k     5841.65k
+rc4               7895.90k    10326.73k    10555.43k    10728.22k    10429.44k
+des cbc           2036.86k     2208.92k     2237.68k     2237.20k     2181.35k
+des ede3           649.92k      739.42k      749.07k      748.86k      738.27k
+idea cbc           823.19k      885.10k      894.92k      896.45k      891.87k
+rc2 cbc            792.63k      859.00k      867.45k      868.96k      865.30k
+rc5-32/12 cbc     3502.26k     4026.79k     4107.23k     4121.76k     4073.72k
+blowfish cbc      3752.96k     4026.79k     4075.31k     3965.87k     3892.26k
+cast cbc          2566.27k     2807.43k     2821.79k     2792.48k     2719.34k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0179s   0.0020s     56.0    501.7
+rsa 1024 bits   0.0950s   0.0060s     10.5    166.6
+rsa 2048 bits   0.6299s   0.0209s      1.6     47.8
+rsa 4096 bits   4.5870s   0.0787s      0.2     12.7
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0180s   0.0339s     55.6     29.5
+dsa 1024 bits   0.0555s   0.1076s     18.0      9.3
+dsa 2048 bits   0.1971s   0.3918s      5.1      2.6
+
diff --git a/times/100.lnx b/times/100.lnx
new file mode 100644
index 0000000000..d0f45371d6
--- /dev/null
+++ b/times/100.lnx
@@ -0,0 +1,32 @@
+SSLeay 0.8.4c 03-Aug-1999
+built on Tue Nov  4 02:52:29 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                53.27k      155.95k      201.30k      216.41k      236.78k
+mdc2              192.98k      207.98k      206.76k      206.17k      208.87k
+md5               993.15k     5748.27k    11944.70k    16477.53k    18287.27k
+hmac(md5)         404.97k     2787.58k     7690.07k    13744.43k    17601.88k
+sha1              563.24k     2851.67k     5363.71k     6879.23k     7441.07k
+rc4              7876.70k    10400.85k    10825.90k    10943.49k    10745.17k
+des cbc          2047.39k     2188.25k     2188.29k     2239.49k     2233.69k
+des ede3          660.55k      764.01k      773.55k      779.21k      780.97k
+idea cbc          653.93k      708.48k      715.43k      719.87k      720.90k
+rc2 cbc           648.08k      702.23k      708.78k      711.00k      709.97k
+blowfish cbc     3764.39k     4288.66k     4375.04k     4497.07k     4423.68k
+cast cbc         2757.14k     2993.75k     3035.31k     3078.90k     3055.62k
+
+blowfish cbc     3258.81k     3673.47k     3767.30k     3774.12k     3719.17k
+cast cbc         2677.05k     3164.78k     3273.05k     3287.38k     3244.03k
+
+
+                  sign    verify
+rsa  512 bits   0.0213s   0.0020s
+rsa 1024 bits   0.1073s   0.0063s
+rsa 2048 bits   0.6873s   0.0224s
+rsa 4096 bits   4.9333s   0.0845s
+                  sign    verify
+dsa  512 bits   0.0201s   0.0385s
+dsa 1024 bits   0.0604s   0.1190s
+dsa 2048 bits   0.2121s   0.4229s
diff --git a/times/100.nt b/times/100.nt
new file mode 100644
index 0000000000..0dd7cfc478
--- /dev/null
+++ b/times/100.nt
@@ -0,0 +1,29 @@
+SSLeay 0.8.4c 03-Aug-1999
+built on Tue Aug  3 09:49:58 EST 1999
+options:bn(64,32) md2(int) rc4(ptr,int) des(idx,cisc,4,long) idea(int) blowfish(
+ptr2)
+C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DBN
+_ASM -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                93.07k      258.38k      349.03k      382.83k      392.87k
+mdc2              245.80k      259.02k      259.34k      259.16k      260.14k
+md5              1103.42k     6017.65k    12210.49k    16552.11k    18291.77k
+hmac(md5)         520.15k     3394.00k     8761.86k    14593.96k    17742.40k
+sha1              538.06k     2726.76k     5242.22k     6821.12k     7426.18k
+rc4              8283.90k    10513.09k    10886.38k    10929.50k    10816.75k
+des cbc          2073.10k     2232.91k     2251.61k     2256.46k     2232.44k
+des ede3          758.85k      782.46k      786.14k      786.08k      781.24k
+idea cbc          831.02k      892.63k      901.07k      903.48k      901.85k
+rc2 cbc           799.89k      866.09k      873.96k      876.22k      874.03k
+blowfish cbc     3835.32k     4418.78k     4511.94k     4494.54k     4416.92k
+cast cbc         2974.68k     3272.71k     3313.04k     3335.17k     3261.51k
+                  sign    verify
+rsa  512 bits   0.0202s   0.0019s
+rsa 1024 bits   0.1029s   0.0062s
+rsa 2048 bits   0.6770s   0.0220s
+rsa 4096 bits   4.8770s   0.0838s
+                  sign    verify
+dsa  512 bits   0.0191s   0.0364s
+dsa 1024 bits   0.0590s   0.1141s
+dsa 2048 bits   0.2088s   0.4171s
diff --git a/times/200.lnx b/times/200.lnx
new file mode 100644
index 0000000000..fd7e7f4e92
--- /dev/null
+++ b/times/200.lnx
@@ -0,0 +1,30 @@
+This machine was slightly loaded :-(
+
+SSLeay 0.8.4c 03-Aug-1999
+built on Tue Nov  4 02:52:29 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               130.86k      365.31k      499.60k      547.75k      561.41k
+mdc2              526.03k      581.38k      587.12k      586.31k      589.60k
+md5              1919.49k    11173.23k    22387.60k    29553.47k    32587.21k
+hmac(md5)         747.09k     5248.35k    14275.44k    24713.26k    31737.13k
+sha1             1336.63k     6400.50k    11668.67k    14648.83k    15700.85k
+rc4             15002.32k    21327.21k    22301.63k    22503.78k    22549.26k
+des cbc          4115.16k     4521.08k     4632.37k     4607.28k     4570.57k
+des ede3         1540.29k     1609.76k     1623.64k     1620.76k     1624.18k
+idea cbc         2405.08k     2664.78k     2704.22k     2713.95k     2716.29k
+rc2 cbc          1634.07k     1764.30k     1780.23k     1790.27k     1788.12k
+blowfish cbc     5993.98k     6927.27k     7083.61k     7088.40k     7123.72k
+cast cbc         5981.52k     6900.44k     7079.70k     7110.40k     7057.72k
+                  sign    verify
+rsa  512 bits   0.0085s   0.0007s
+rsa 1024 bits   0.0377s   0.0020s
+rsa 2048 bits   0.2176s   0.0067s
+rsa 4096 bits   1.4800s   0.0242s
+sign    verify
+dsa  512 bits   0.0071s   0.0132s
+dsa 1024 bits   0.0192s   0.0376s
+dsa 2048 bits   0.0638s   0.1280s
+
diff --git a/times/5.lnx b/times/5.lnx
new file mode 100644
index 0000000000..1c1e392a29
--- /dev/null
+++ b/times/5.lnx
@@ -0,0 +1,29 @@
+SSLeay 0.8.5g 24-Jan-1998
+built on Tue Jan 27 08:11:42 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                 56.55k      156.69k      211.63k      231.77k      238.71k
+mdc2               192.26k      208.09k      210.09k      209.58k      210.26k
+md5                991.04k     5745.51k    11932.67k    16465.24k    18306.39k
+hmac(md5)          333.99k     2383.89k     6890.67k    13133.82k    17397.08k
+sha1               571.68k     2883.88k     5379.07k     6880.26k     7443.80k
+rmd160             409.41k     2212.91k     4225.45k     5456.55k     5928.28k
+rc4               6847.57k     8596.22k     8901.80k     8912.90k     8850.09k
+des cbc           2046.29k     2229.78k     2254.76k     2259.97k     2233.69k
+des ede3           751.11k      779.95k      783.96k      784.38k      780.97k
+idea cbc           653.40k      708.29k      718.42k      720.21k      720.90k
+rc2 cbc            647.19k      702.46k      709.21k      710.66k      709.97k
+rc5-32/12 cbc     3498.18k     4054.12k     4133.46k     4151.64k     4139.69k
+blowfish cbc      3763.95k     4437.74k     4532.74k     4515.50k     4448.26k
+cast cbc          2754.22k     3020.67k     3079.08k     3069.95k     3036.50k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0207s   0.0020s     48.3    511.3
+rsa 1024 bits   0.1018s   0.0059s      9.8    169.6
+rsa 2048 bits   0.6438s   0.0208s      1.6     48.0
+rsa 4096 bits   4.6033s   0.0793s      0.2     12.6
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0190s   0.0359s     52.6     27.8
+dsa 1024 bits   0.0566s   0.1109s     17.7      9.0
+dsa 2048 bits   0.1988s   0.3915s      5.0      2.6
diff --git a/times/586-085i.nt b/times/586-085i.nt
new file mode 100644
index 0000000000..8a5797526f
--- /dev/null
+++ b/times/586-085i.nt
@@ -0,0 +1,29 @@
+SSLeay 0.8.5i 28-Jan-1998
+built on Wed Jan 28 18:00:07 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags:cl /MT /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                 92.74k      257.59k      348.16k      381.79k      392.14k
+mdc2               227.65k      247.82k      249.90k      250.65k      250.20k
+md5               1089.54k     5966.29k    12104.77k    16493.53k    18204.44k
+hmac(md5)          513.53k     3361.36k     8725.41k    14543.36k    17593.56k
+sha1               580.74k     2880.51k     5376.62k     6865.78k     7413.05k
+rmd160             508.06k     2427.96k     4385.51k     5510.84k     5915.80k
+rc4               8004.40k    10408.74k    10794.48k    10884.12k    10728.22k
+des cbc           2057.24k     2222.97k     2246.79k     2209.39k     2223.44k
+des ede3           739.42k      761.99k      765.48k      760.26k      760.97k
+idea cbc           827.08k      889.60k      898.83k      901.15k      897.98k
+rc2 cbc            795.64k      861.04k      871.13k      872.58k      871.13k
+rc5-32/12 cbc     3597.17k     4139.66k     4204.39k     4223.02k     4204.39k
+blowfish cbc      3807.47k     3996.10k     4156.07k     4204.39k     4105.62k
+cast cbc          2777.68k     2814.21k     2892.62k     2916.76k     2868.88k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0178s   0.0018s     56.3    541.6
+rsa 1024 bits   0.0945s   0.0059s     10.6    168.3
+rsa 2048 bits   0.6269s   0.0208s      1.6     48.0
+rsa 4096 bits   4.5560s   0.0784s      0.2     12.8
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0178s   0.0340s     56.2     29.4
+dsa 1024 bits   0.0552s   0.1077s     18.1      9.3
+dsa 2048 bits   0.1963s   0.3811s      5.1      2.6
diff --git a/times/586-100.LN3 b/times/586-100.LN3
new file mode 100644
index 0000000000..a6fa818f4b
--- /dev/null
+++ b/times/586-100.LN3
@@ -0,0 +1,26 @@
+SSLeay 0.8.3v 15-Oct-1997
+built on Wed Oct 15 10:05:00 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIO -DX86_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                56.27k      156.76k      211.46k      231.77k      238.71k
+mdc2              188.74k      206.12k      207.70k      207.87k      208.18k
+md5               991.56k     5718.31k    11748.61k    16090.79k    17850.37k
+hmac(md5)         387.56k     2636.01k     7327.83k    13340.33k    17091.24k
+sha1              463.55k     2274.18k     4071.17k     5072.90k     5447.68k
+rc4              3673.94k     4314.52k     4402.26k     4427.09k     4407.30k
+des cbc          2023.79k     2209.77k     2233.34k     2220.71k     2222.76k
+des ede3          747.17k      778.54k      781.57k      778.24k      778.24k
+idea cbc          614.64k      678.04k      683.52k      685.06k      685.40k
+rc2 cbc           536.83k      574.10k      578.05k      579.24k      578.90k
+blowfish cbc     3673.39k     4354.58k     4450.22k     4429.48k     4377.26k
+                  sign    verify
+rsa  512 bits   0.0217s   0.0021s
+rsa 1024 bits   0.1083s   0.0064s
+rsa 2048 bits   0.6867s   0.0223s
+rsa 4096 bits   4.9400s   0.0846s
+                  sign    verify
+dsa  512 bits   0.0203s   0.0387s
+dsa 1024 bits   0.0599s   0.1170s
+dsa 2048 bits   0.2115s   0.4242s
diff --git a/times/586-100.NT2 b/times/586-100.NT2
new file mode 100644
index 0000000000..7f8c167b46
--- /dev/null
+++ b/times/586-100.NT2
@@ -0,0 +1,26 @@
+SSLeay 0.8.3e 30-Sep-1997
+built on Tue Sep 30 14:52:58 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DX86_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                92.99k      257.59k      348.16k      381.47k      392.14k
+mdc2              223.77k      235.30k      237.15k      236.77k      237.29k
+md5               862.53k     4222.17k     7842.75k     9925.00k    10392.23k
+sha               491.34k     2338.61k     4062.28k     4986.10k     5307.90k
+sha1              494.38k     2234.94k     3838.83k     4679.58k     4980.18k
+rc4              6338.10k     7489.83k     7676.25k     7698.80k     7631.56k
+des cbc          1654.17k     1917.66k     1961.05k     1968.05k     1960.69k
+des ede3          691.17k      739.42k      744.13k      745.82k      741.40k
+idea cbc          788.46k      870.33k      879.16k      881.38k      879.90k
+rc2 cbc           794.44k      859.63k      868.24k      869.68k      867.45k
+blowfish cbc     2379.88k     3017.48k     3116.12k     3134.76k     3070.50k
+                  sign    verify
+rsa  512 bits   0.0204s   0.0027s
+rsa 1024 bits   0.1074s   0.0032s
+rsa 2048 bits   0.6890s   0.0246s
+rsa 4096 bits   5.0180s   0.0911s
+                  sign    verify
+dsa  512 bits   0.0201s   0.0376s
+dsa 1024 bits   0.0608s   0.1193s
+dsa 2048 bits   0.2133s   0.4294s
diff --git a/times/586-100.ln4 b/times/586-100.ln4
new file mode 100644
index 0000000000..14a9db912b
--- /dev/null
+++ b/times/586-100.ln4
@@ -0,0 +1,26 @@
+SSLeay 0.8.3aa 24-Oct-1997
+built on Mon Oct 27 10:16:25 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                56.78k      156.71k      211.46k      231.77k      238.71k
+mdc2              187.45k      200.49k      201.64k      202.75k      202.77k
+md5              1002.51k     5798.66k    11967.15k    16449.19k    18251.78k
+hmac(md5)         468.71k     3173.46k     8386.99k    14305.56k    17607.34k
+sha1              586.98k     2934.87k     5393.58k     6863.19k     7408.30k
+rc4              3675.10k     4314.15k     4402.77k     4427.78k     4404.57k
+des cbc          1902.96k     2202.01k     2242.30k     2252.46k     2236.42k
+des ede3          700.15k      774.23k      783.70k      781.62k      783.70k
+idea cbc          618.46k      677.93k      683.61k      685.40k      685.40k
+rc2 cbc           536.97k      573.87k      577.96k      579.24k      578.90k
+blowfish cbc     3672.66k     4271.89k     4428.80k     4469.76k     4374.53k
+                  sign    verify
+rsa  512 bits   0.0213s   0.0021s
+rsa 1024 bits   0.1075s   0.0063s
+rsa 2048 bits   0.6853s   0.0224s
+rsa 4096 bits   4.9400s   0.0845s
+                  sign    verify
+dsa  512 bits   0.0203s   0.0380s
+dsa 1024 bits   0.0600s   0.1189s
+dsa 2048 bits   0.2110s   0.4250s
diff --git a/times/586-100.ntx b/times/586-100.ntx
new file mode 100644
index 0000000000..35166a5e97
--- /dev/null
+++ b/times/586-100.ntx
@@ -0,0 +1,30 @@
+SSLeay 0.8.5f 22-Jan-1998
+built on Wed Jan 21 17:11:53 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(
+ptr2)
+C flags:cl /MT /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN
+-DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                92.99k      257.43k      347.84k      381.82k      392.14k
+mdc2              232.19k      253.68k      257.57k      258.70k      258.70k
+md5              1094.09k     5974.79k    12139.81k    16487.04k    18291.77k
+hmac(md5)         375.70k     2590.04k     7309.70k    13469.18k    17447.19k
+sha1              613.78k     2982.93k     5446.44k     6889.46k     7424.86k
+rmd160            501.23k     2405.68k     4367.25k     5503.61k     5915.80k
+rc4              8167.75k    10429.44k    10839.12k    10929.50k    10772.30k
+des cbc          2057.24k     2218.27k     2237.20k     2227.69k     2213.59k
+des ede3          719.63k      727.11k      728.77k      719.56k      722.97k
+idea cbc          827.67k      888.85k      898.06k      900.30k      898.75k
+rc2 cbc           797.46k      862.53k      870.33k      872.58k      870.40k
+blowfish cbc     3835.32k     4435.60k     4513.89k     4513.89k     4416.92k
+cast cbc         2785.06k     3052.62k     3088.59k     3034.95k     3034.95k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0202s   0.0020s     49.4    500.2
+rsa 1024 bits   0.1030s   0.0063s      9.7    159.4
+rsa 2048 bits   0.6740s   0.0223s      1.5     44.9
+rsa 4096 bits   4.8970s   0.0844s      0.2     11.8
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0191s   0.0361s     52.4     27.7
+dsa 1024 bits   0.0587s   0.1167s     17.0      8.6
+dsa 2048 bits   0.2091s   0.4123s      4.8      2.4
diff --git a/times/586-1002.lnx b/times/586-1002.lnx
new file mode 100644
index 0000000000..d830bcea42
--- /dev/null
+++ b/times/586-1002.lnx
@@ -0,0 +1,26 @@
+SSLeay 0.8.3e 30-Sep-1997
+built on Wed Oct  1 03:01:44 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIO -DX86_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                56.21k      156.57k      211.29k      231.77k      237.92k
+mdc2              170.99k      191.70k      193.90k      195.58k      195.95k
+md5               770.50k     3961.96k     7291.22k     9250.82k     9942.36k
+sha               344.93k     1520.77k     2569.81k     3108.52k     3295.91k
+sha1              326.20k     1423.74k     2385.15k     2870.95k     3041.96k
+rc4              3672.88k     4309.65k     4374.41k     4408.66k     4355.41k
+des cbc          1349.73k     1689.05k     1735.34k     1748.99k     1739.43k
+des ede3          638.70k      704.00k      711.85k      714.41k      712.70k
+idea cbc          619.55k      677.33k      683.26k      685.06k      685.40k
+rc2 cbc           521.18k      571.20k      573.46k      578.90k      578.90k
+blowfish cbc     2079.67k     2592.49k     2702.34k     2730.33k     2695.17k
+                  sign    verify
+rsa  512 bits   0.0213s   0.0026s
+rsa 1024 bits   0.1099s   0.0031s
+rsa 2048 bits   0.7007s   0.0248s
+rsa 4096 bits   5.0500s   0.0921s
+                  sign    verify
+dsa  512 bits   0.0203s   0.0389s
+dsa 1024 bits   0.0614s   0.1222s
+dsa 2048 bits   0.2149s   0.4283s
diff --git a/times/686-200.lnx b/times/686-200.lnx
new file mode 100644
index 0000000000..a10cc2fd01
--- /dev/null
+++ b/times/686-200.lnx
@@ -0,0 +1,26 @@
+SSLeay 0.8.2a 04-Sep-1997
+built on Fri Sep  5 17:37:05 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               131.02k      368.41k      500.57k      549.21k      566.09k
+mdc2              535.60k      589.10k      595.88k      595.97k      594.54k
+md5              1801.53k     9674.77k    17484.03k    21849.43k    23592.96k
+sha              1261.63k     5533.25k     9285.63k    11187.88k    11913.90k
+sha1             1103.13k     4782.53k     7933.78k     9472.34k    10070.70k
+rc4             10722.53k    14443.93k    15215.79k    15299.24k    15219.59k
+des cbc          3286.57k     3827.73k     3913.39k     3931.82k     3926.70k
+des ede3         1443.50k     1549.08k     1561.17k     1566.38k     1564.67k
+idea cbc         2203.64k     2508.16k     2538.33k     2543.62k     2547.71k
+rc2 cbc          1430.94k     1511.59k     1524.82k     1527.13k     1523.33k
+blowfish cbc     4716.07k     5965.82k     6190.17k     6243.67k     6234.11k
+                  sign    verify
+rsa  512 bits   0.0100s   0.0011s
+rsa 1024 bits   0.0451s   0.0012s
+rsa 2048 bits   0.2605s   0.0086s
+rsa 4096 bits   1.6883s   0.0302s
+                  sign    verify
+dsa  512 bits   0.0083s   0.0156s
+dsa 1024 bits   0.0228s   0.0454s
+dsa 2048 bits   0.0719s   0.1446s
+
diff --git a/times/L1 b/times/L1
new file mode 100644
index 0000000000..09253d7279
--- /dev/null
+++ b/times/L1
@@ -0,0 +1,27 @@
+SSLeay 0.8.3ad 27-Oct-1997
+built on Wed Oct 29 00:36:17 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                56.16k      156.50k      211.46k      231.77k      238.71k
+mdc2              183.37k      205.21k      205.57k      209.92k      207.53k
+md5              1003.65k     5605.56k    11628.54k    15887.70k    17522.69k
+hmac(md5)         411.24k     2803.46k     7616.94k    13475.84k    16864.60k
+sha1              542.66k     2843.50k     5320.53k     6833.49k     7389.18k
+rc4              3677.15k     4313.73k     4407.89k     4429.82k     4404.57k
+des cbc          1787.94k     2174.51k     2236.76k     2249.73k     2230.95k
+des ede3          719.46k      777.26k      784.81k      780.29k      783.70k
+idea cbc          619.56k      677.89k      684.12k      685.40k      685.40k
+rc2 cbc           537.51k      573.93k      578.47k      579.24k      578.90k
+blowfish cbc     3226.76k     4221.65k     4424.19k     4468.39k     4377.26k
+cast cbc         2866.13k     3165.35k     3263.15k     3287.04k     3233.11k
+                  sign    verify
+rsa  512 bits   0.0212s   0.0021s
+rsa 1024 bits   0.1072s   0.0064s
+rsa 2048 bits   0.6853s   0.0222s
+rsa 4096 bits   4.9300s   0.0848s
+                  sign    verify
+dsa  512 bits   0.0200s   0.0380s
+dsa 1024 bits   0.0600s   0.1180s
+dsa 2048 bits   0.2110s   0.4221s
diff --git a/times/pent2.t b/times/pent2.t
new file mode 100644
index 0000000000..b6dc269155
--- /dev/null
+++ b/times/pent2.t
@@ -0,0 +1,24 @@
+pentium 2, 266mhz, Visual C++ 5.0, Windows 95
+
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               235.90k      652.30k      893.36k      985.74k      985.74k
+mdc2              779.61k      816.81k      825.65k      816.01k      825.65k
+md5              2788.77k    13508.23k    24672.38k    30504.03k    33156.55k
+sha              1938.22k     8397.01k    14122.24k    16980.99k    18196.55k
+sha1             1817.29k     7832.50k    13168.93k    15738.48k    16810.84k
+rc4             15887.52k    21709.65k    22745.68k    22995.09k    22995.09k
+des cbc          4599.02k     5377.31k     5377.31k     5533.38k     5533.38k
+des ede3         1899.59k     2086.71k     2086.67k     2086.51k     2085.90k
+idea cbc         3350.08k     3934.62k     3979.42k     4017.53k     4017.53k
+rc2 cbc          1534.13k     1630.76k     1625.70k     1644.83k     1653.91k
+blowfish cbc     6678.83k     8490.49k     8701.88k     8848.74k     8886.24k
+                  sign    verify
+rsa  512 bits   0.0062s   0.0008s
+rsa 1024 bits   0.0287s   0.0009s
+rsa 2048 bits   0.1785s   0.0059s
+rsa 4096 bits   1.1300s   0.0205s
+                  sign    verify
+dsa  512 bits   0.0055s   0.0100s
+dsa 1024 bits   0.0154s   0.0299s
+dsa 2048 bits   0.0502s   0.0996s
diff --git a/times/sparc2 b/times/sparc2
new file mode 100644
index 0000000000..4b0dd805ef
--- /dev/null
+++ b/times/sparc2
@@ -0,0 +1,21 @@
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                14.56k       40.25k       54.95k       60.13k       62.18k
+mdc2               53.59k       57.45k       58.11k       58.21k       58.51k
+md5               176.95k      764.75k     1270.36k     1520.14k     1608.36k
+hmac(md5)          55.88k      369.70k      881.15k     1337.05k     1567.40k
+sha1               92.69k      419.75k      723.63k      878.82k      939.35k
+rc4              1247.28k     1414.09k     1434.30k     1434.34k     1441.13k
+des cbc           284.41k      318.58k      323.07k      324.09k      323.87k
+des ede3          109.99k      119.99k      121.60k      121.87k      121.66k
+idea cbc           43.06k       43.68k       43.84k       43.64k       44.07k
+rc2 cbc           278.85k      311.44k      316.50k      316.57k      317.37k
+blowfish cbc      468.89k      569.35k      581.61k      568.34k      559.54k
+cast cbc          285.84k      338.79k      345.71k      346.19k      341.09k
+                  sign    verify
+rsa  512 bits   0.4175s   0.0519s
+rsa 1024 bits   2.9325s   0.1948s
+rsa 2048 bits  22.3600s   0.7669s
+		  sign    verify
+dsa  512 bits   0.5178s   1.0300s
+dsa 1024 bits   1.8780s   3.7167s
+dsa 2048 bits   7.3500s  14.4800s
diff --git a/times/x86/bfs.cpp b/times/x86/bfs.cpp
new file mode 100644
index 0000000000..272ed2f978
--- /dev/null
+++ b/times/x86/bfs.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "blowfish.h"
+
+void main(int argc,char *argv[])
+	{
+	BF_KEY key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			BF_encrypt(&data[0],&key);
+			GetTSC(s1);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			GetTSC(e1);
+			GetTSC(s2);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			GetTSC(e2);
+			BF_encrypt(&data[0],&key);
+			}
+
+		printf("blowfish %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/times/x86/casts.cpp b/times/x86/casts.cpp
new file mode 100644
index 0000000000..7f524da57b
--- /dev/null
+++ b/times/x86/casts.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cast.h"
+
+void main(int argc,char *argv[])
+	{
+	CAST_KEY key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			CAST_encrypt(&data[0],&key);
+			GetTSC(s1);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			GetTSC(e1);
+			GetTSC(s2);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			GetTSC(e2);
+			CAST_encrypt(&data[0],&key);
+			}
+
+		printf("cast %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/times/x86/des3s.cpp b/times/x86/des3s.cpp
new file mode 100644
index 0000000000..9aff6494d9
--- /dev/null
+++ b/times/x86/des3s.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "des.h"
+
+void main(int argc,char *argv[])
+	{
+	des_key_schedule key1,key2,key3;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(s1);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(e1);
+			GetTSC(s2);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(e2);
+			des_encrypt3(&data[0],key1,key2,key3);
+			}
+
+		printf("des %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/times/x86/dess.cpp b/times/x86/dess.cpp
new file mode 100644
index 0000000000..7fb5987314
--- /dev/null
+++ b/times/x86/dess.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "des.h"
+
+void main(int argc,char *argv[])
+	{
+	des_key_schedule key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			des_encrypt(&data[0],key,1);
+			GetTSC(s1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			GetTSC(e1);
+			GetTSC(s2);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			GetTSC(e2);
+			des_encrypt(&data[0],key,1);
+			}
+
+		printf("des %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/times/x86/md5s.cpp b/times/x86/md5s.cpp
new file mode 100644
index 0000000000..ef8e175df0
--- /dev/null
+++ b/times/x86/md5s.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md5.h"
+
+extern "C" {
+void md5_block_x86(MD5_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[64*256];
+	MD5_CTX ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=0,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=16;
+	if (num > 250) num=16;
+	numm=num+2;
+	num*=64;
+	numm*=64;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			md5_block_x86(&ctx,buffer,numm);
+			GetTSC(s1);
+			md5_block_x86(&ctx,buffer,numm);
+			GetTSC(e1);
+			GetTSC(s2);
+			md5_block_x86(&ctx,buffer,num);
+			GetTSC(e2);
+			md5_block_x86(&ctx,buffer,num);
+			}
+		printf("md5 (%d bytes) %d %d (%.2f)\n",num,
+			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+		}
+	}
+
diff --git a/times/x86/rc4s.cpp b/times/x86/rc4s.cpp
new file mode 100644
index 0000000000..39f1727dd3
--- /dev/null
+++ b/times/x86/rc4s.cpp
@@ -0,0 +1,73 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rc4.h"
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[1024];
+	RC4_KEY ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=64,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=256;
+	if (num > 1024-16) num=1024-16;
+	numm=num+8;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			RC4(&ctx,numm,buffer,buffer);
+			GetTSC(s1);
+			RC4(&ctx,numm,buffer,buffer);
+			GetTSC(e1);
+			GetTSC(s2);
+			RC4(&ctx,num,buffer,buffer);
+			GetTSC(e2);
+			RC4(&ctx,num,buffer,buffer);
+			}
+
+		printf("RC4 (%d bytes) %d %d (%d) - 8 bytes\n",num,
+			e1-s1,e2-s2,(e1-s1)-(e2-s2));
+		}
+	}
+
diff --git a/times/x86/sha1s.cpp b/times/x86/sha1s.cpp
new file mode 100644
index 0000000000..0163377de6
--- /dev/null
+++ b/times/x86/sha1s.cpp
@@ -0,0 +1,79 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+extern "C" {
+void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[64*256];
+	SHA_CTX ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=0,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=16;
+	if (num > 250) num=16;
+	numm=num+2;
+	num*=64;
+	numm*=64;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			sha1_block_x86(&ctx,buffer,numm);
+			GetTSC(s1);
+			sha1_block_x86(&ctx,buffer,numm);
+			GetTSC(e1);
+			GetTSC(s2);
+			sha1_block_x86(&ctx,buffer,num);
+			GetTSC(e2);
+			sha1_block_x86(&ctx,buffer,num);
+			}
+
+		printf("sha1 (%d bytes) %d %d (%.2f)\n",num,
+			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+		}
+	}
+
diff --git a/tools/c_rehash b/tools/c_rehash
index 007600152c..cd4e26a49b 100644
--- a/tools/c_rehash
+++ b/tools/c_rehash
@@ -4,12 +4,12 @@
 # on the command line.
 #
 
-if [ "$SSLEAY"x = "x" ]; then
+if [ "$SSLEAY"x = "x" -o ! -x $SSLEAY ]; then
 	SSLEAY='ssleay'
 	export SSLEAY
 fi
 DIR=/usr/local/ssl
-#PATH=$DIR/bin:$PATH
+PATH=$DIR/bin:$PATH
 
 SSL_DIR=$DIR/certs
 
diff --git a/util/add_cr.pl b/util/add_cr.pl
index 04d002677c..c7b62c11ec 100755
--- a/util/add_cr.pl
+++ b/util/add_cr.pl
@@ -63,7 +63,7 @@ sub dofile
 sub Copyright
 	{
 	return <<'EOF';
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
diff --git a/util/bat.sh b/util/bat.sh
new file mode 100755
index 0000000000..c6f48e8a7b
--- /dev/null
+++ b/util/bat.sh
@@ -0,0 +1,132 @@
+#!/usr/local/bin/perl
+
+$infile="/home/eay/ssl/SSLeay/MINFO";
+
+open(IN,"<$infile") || die "unable to open $infile:$!\n";
+$_=<IN>;
+for (;;)
+	{
+	chop;
+
+	($key,$val)=/^([^=]+)=(.*)/;
+	if ($key eq "RELATIVE_DIRECTORY")
+		{
+		if ($lib ne "")
+			{
+			$uc=$lib;
+			$uc =~ s/^lib(.*)\.a/$1/;
+			$uc =~ tr/a-z/A-Z/;
+			$lib_nam{$uc}=$uc;
+			$lib_obj{$uc}.=$libobj." ";
+			}
+		last if ($val eq "FINISHED");
+		$lib="";
+		$libobj="";
+		$dir=$val;
+		}
+
+	if ($key eq "TEST")
+		{ $test.=&var_add($dir,$val); }
+
+	if (($key eq "PROGS") || ($key eq "E_OBJ"))
+		{ $e_exe.=&var_add($dir,$val); }
+
+	if ($key eq "LIB")
+		{
+		$lib=$val;
+		$lib =~ s/^.*\/([^\/]+)$/$1/;
+		}
+
+	if ($key eq "EXHEADER")
+		{ $exheader.=&var_add($dir,$val); }
+
+	if ($key eq "HEADER")
+		{ $header.=&var_add($dir,$val); }
+
+	if ($key eq "LIBSRC")
+		{ $libsrc.=&var_add($dir,$val); }
+
+	if (!($_=<IN>))
+		{ $_="RELATIVE_DIRECTORY=FINISHED\n"; }
+	}
+close(IN);
+
+@a=split(/\s+/,$libsrc);
+foreach (@a)
+	{
+	print "${_}.c\n";
+	}
+
+sub var_add
+	{
+	local($dir,$val)=@_;
+	local(@a,$_,$ret);
+
+	return("") if $no_idea && $dir =~ /\/idea/;
+	return("") if $no_rc2  && $dir =~ /\/rc2/;
+	return("") if $no_rc4  && $dir =~ /\/rc4/;
+	return("") if $no_rsa  && $dir =~ /\/rsa/;
+	return("") if $no_rsa  && $dir =~ /^rsaref/;
+	return("") if $no_dsa  && $dir =~ /\/dsa/;
+	return("") if $no_dh   && $dir =~ /\/dh/;
+	if ($no_des && $dir =~ /\/des/)
+		{
+		if ($val =~ /read_pwd/)
+			{ return("$dir/read_pwd "); }
+		else
+			{ return(""); }
+		}
+	return("") if $no_mdc2 && $dir =~ /\/mdc2/;
+	return("") if $no_sock && $dir =~ /\/proxy/;
+	return("") if $no_bf   && $dir =~ /\/bf/;
+	return("") if $no_cast && $dir =~ /\/cast/;
+
+	$val =~ s/^\s*(.*)\s*$/$1/;
+	@a=split(/\s+/,$val);
+	grep(s/\.[och]$//,@a);
+
+	@a=grep(!/^e_.*_3d$/,@a) if $no_des;
+	@a=grep(!/^e_.*_d$/,@a) if $no_des;
+	@a=grep(!/^e_.*_i$/,@a) if $no_idea;
+	@a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
+	@a=grep(!/^e_.*_bf$/,@a) if $no_bf;
+	@a=grep(!/^e_.*_c$/,@a) if $no_cast;
+	@a=grep(!/^e_rc4$/,@a) if $no_rc4;
+
+	@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
+	@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
+
+	@a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
+
+	@a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2;
+	@a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5;
+
+	@a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
+	@a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
+	@a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
+
+	@a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
+	@a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
+
+	@a=grep(!/^n_pkey$/,@a) if $no_rsa || $no_rc4;
+
+	@a=grep(!/_dhp$/,@a) if $no_dh;
+
+	@a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
+	@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+	@a=grep(!/_mdc2$/,@a) if $no_mdc2;
+
+	@a=grep(!/(^rsa$)|(^genrsa$)|(^req$)|(^ca$)/,@a) if $no_rsa;
+	@a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
+	@a=grep(!/^gendsa$/,@a) if $no_sha1;
+	@a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
+
+	@a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+
+	grep($_="$dir/$_",@a);
+	@a=grep(!/(^|\/)s_/,@a) if $no_sock;
+	@a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
+	$ret=join(' ',@a)." ";
+	return($ret);
+	}
+
diff --git a/util/do_ms.sh b/util/do_ms.sh
index 03e349df6c..f498d842b7 100755
--- a/util/do_ms.sh
+++ b/util/do_ms.sh
@@ -7,7 +7,7 @@ PATH=util:../util:$PATH
 
 # perl util/mk1mf.pl VC-MSDOS no-sock >ms/msdos.mak
 # perl util/mk1mf.pl VC-W31-32 >ms/w31.mak
-perl util/mk1mf.pl VC-W31-32 dll >ms/w31dll.mak
+perl util/mk1mf.pl VC-WIN16 dll >ms/w31dll.mak
 # perl util/mk1mf.pl VC-WIN32 >ms/nt.mak
 perl util/mk1mf.pl VC-WIN32 dll >ms/ntdll.mak
 
diff --git a/util/fixNT.sh b/util/fixNT.sh
index a4eee1b7f3..ce4f19299b 100755
--- a/util/fixNT.sh
+++ b/util/fixNT.sh
@@ -10,5 +10,5 @@ chmod +x Configure util/*
 echo cleaning
 /bin/rm -f `find . -name '*.$$$' -print` 2>/dev/null >/dev/null
 echo 'removing those damn ^M'
-perl -pi -e 's/\015//' * */* */*/* 2>/dev/null >/dev/null
+perl -pi -e 's/\015//' `find . -type 'f' -print |grep -v '.obj$' |grep -v '.der$' |grep -v '.gz'`
 make -f Makefile.ssl links
diff --git a/util/libeay.num b/util/libeay.num
index 04ad69c6a1..fcaf254287 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -46,11 +46,9 @@ BF_options				45
 BF_set_key				46
 BIO_CONNECT_free			47
 BIO_CONNECT_new				48
-BIO_PROXY_free				49
-BIO_PROXY_new				50
 BIO_accept				51
 BIO_ctrl				52
-BIO_ctrl_int				53
+BIO_int_ctrl				53
 BIO_debug_callback			54
 BIO_dump				55
 BIO_dup_chain				56
@@ -65,7 +63,6 @@ BIO_fd_should_retry			64
 BIO_find_type				65
 BIO_free				66
 BIO_free_all				67
-BIO_get_accept				68
 BIO_get_accept_socket			69
 BIO_get_filter_bio			70
 BIO_get_host_ip				71
@@ -74,7 +71,6 @@ BIO_get_retry_BIO			73
 BIO_get_retry_reason			74
 BIO_gethostbyname			75
 BIO_gets				76
-BIO_nbio_sock_error			77
 BIO_new					78
 BIO_new_accept				79
 BIO_new_connect				80
@@ -91,12 +87,10 @@ BIO_s_accept				90
 BIO_s_connect				91
 BIO_s_fd				92
 BIO_s_file				93
-BIO_s_file_internal_w16			94
 BIO_s_mem				95
 BIO_s_null				96
 BIO_s_proxy_client			97
 BIO_s_socket				98
-BIO_s_socket				99
 BIO_set					100
 BIO_set_cipher				101
 BIO_set_tcp_ndelay			102
@@ -114,9 +108,9 @@ BN_MONT_CTX_new				113
 BN_MONT_CTX_set				114
 BN_add					115
 BN_add_word				116
-BN_ascii2bn				117
+BN_hex2bn				117
 BN_bin2bn				118
-BN_bn2ascii				119
+BN_bn2hex				119
 BN_bn2bin				120
 BN_clear				121
 BN_clear_bit				122
@@ -354,7 +348,7 @@ OBJ_add_object				353
 OBJ_bsearch				354
 OBJ_cleanup				355
 OBJ_cmp					356
-OBJ_create_and_add_object		357
+OBJ_create				357
 OBJ_dup					358
 OBJ_ln2nid				359
 OBJ_new_nid				360
@@ -703,8 +697,8 @@ asn1_Finish				702
 asn1_GetSequence			703
 bn_div64				704
 bn_expand2				705
-bn_mul_add_word				706
-bn_mul_word				707
+bn_mul_add_words			706
+bn_mul_words				707
 bn_qadd					708
 bn_qsub					709
 bn_sqr_words				710
@@ -773,7 +767,6 @@ d2i_X509_SIG				772
 d2i_X509_VAL				773
 d2i_X509_bio				774
 d2i_X509_fp				775
-des_3cbc_encrypt			776
 des_cbc_cksum				777
 des_cbc_encrypt				778
 des_cblock_print_file			779
@@ -919,11 +912,6 @@ PKCS7_content_free			918
 ERR_load_PKCS7_strings			919
 X509_find_by_issuer_and_serial		920
 X509_find_by_subject			921
-d2i_PKCS7_fp				922
-i2d_PKCS7_fp				923
-PKCS7_dup				924
-d2i_PKCS7_bio				925
-i2d_PKCS7_bio				926
 PKCS7_ctrl				927
 PKCS7_set_type				928
 PKCS7_set_content			929
@@ -945,11 +933,133 @@ PEM_write_bio_RSAPublicKey		944
 d2i_RSAPublicKey_bio			945
 i2d_RSAPublicKey_bio			946
 PEM_read_RSAPublicKey			947
-PEM_read_bio_RSAPublicKey		948
 PEM_write_RSAPublicKey			949
-PEM_write_bio_RSAPublicKey		950
-d2i_RSAPublicKey_bio			951
 d2i_RSAPublicKey_fp			952
-i2d_RSAPublicKey_bio			953
 i2d_RSAPublicKey_fp			954
 BIO_copy_next_retry			955
+RSA_flags				956
+X509_STORE_add_crl			957
+X509_load_crl_file			958
+EVP_rc2_40_cbc				959
+EVP_rc4_40				960
+EVP_CIPHER_CTX_init			961
+HMAC					962
+HMAC_Init				963
+HMAC_Update				964
+HMAC_Final				965
+ERR_get_next_error_library		966
+EVP_PKEY_cmp_parameters			967
+HMAC_cleanup				968
+BIO_ptr_ctrl				969
+BIO_new_file_internal			970
+BIO_new_fp_internal			971
+BIO_s_file_internal			972
+BN_BLINDING_convert			973
+BN_BLINDING_invert			974
+BN_BLINDING_update			975
+RSA_blinding_on				977
+RSA_blinding_off			978
+i2t_ASN1_OBJECT				979
+BN_BLINDING_new				980
+BN_BLINDING_free			981
+EVP_cast5_cbc				983
+EVP_cast5_cfb				984
+EVP_cast5_ecb				985
+EVP_cast5_ofb				986
+BF_decrypt				987
+CAST_set_key				988
+CAST_encrypt				989
+CAST_decrypt				990
+CAST_ecb_encrypt			991
+CAST_cbc_encrypt			992
+CAST_cfb64_encrypt			993
+CAST_ofb64_encrypt			994
+RC2_decrypt				995
+OBJ_create_objects			997
+BN_exp					998
+BN_mul_word				999
+BN_sub_word				1000
+BN_dec2bn				1001
+BN_bn2dec				1002
+BIO_ghbn_ctrl				1003
+CRYPTO_free_ex_data			1004
+CRYPTO_get_ex_data			1005
+CRYPTO_set_ex_data			1007
+ERR_load_CRYPTO_strings			1009
+ERR_load_CRYPTOlib_strings		1009
+EVP_PKEY_bits				1010
+MD5_Transform				1011
+SHA1_Transform				1012
+SHA_Transform				1013
+X509_STORE_CTX_get_chain		1014
+X509_STORE_CTX_get_current_cert		1015
+X509_STORE_CTX_get_error		1016
+X509_STORE_CTX_get_error_depth		1017
+X509_STORE_CTX_get_ex_data		1018
+X509_STORE_CTX_set_cert			1020
+X509_STORE_CTX_set_chain		1021
+X509_STORE_CTX_set_error		1022
+X509_STORE_CTX_set_ex_data		1023
+CRYPTO_dup_ex_data			1025
+CRYPTO_get_new_lockid			1026
+CRYPTO_new_ex_data			1027
+RSA_set_ex_data				1028
+RSA_get_ex_data				1029
+RSA_get_ex_new_index			1030
+RSA_padding_add_PKCS1_type_1		1031
+RSA_padding_add_PKCS1_type_2		1032
+RSA_padding_add_SSLv23			1033
+RSA_padding_add_none			1034
+RSA_padding_check_PKCS1_type_1		1035
+RSA_padding_check_PKCS1_type_2		1036
+RSA_padding_check_SSLv23		1037
+RSA_padding_check_none			1038
+bn_add_words				1039
+d2i_Netscape_RSA_2			1040
+CRYPTO_get_ex_new_index			1041
+RIPEMD160_Init				1042
+RIPEMD160_Update			1043
+RIPEMD160_Final				1044
+RIPEMD160				1045
+RIPEMD160_Transform			1046
+RC5_32_set_key				1047
+RC5_32_ecb_encrypt			1048
+RC5_32_encrypt				1049
+RC5_32_decrypt				1050
+RC5_32_cbc_encrypt			1051
+RC5_32_cfb64_encrypt			1052
+RC5_32_ofb64_encrypt			1053
+BN_bn2mpi				1058
+BN_mpi2bn				1059
+ASN1_BIT_STRING_get_bit			1060
+ASN1_BIT_STRING_set_bit			1061
+BIO_get_ex_data				1062
+BIO_get_ex_new_index			1063
+BIO_set_ex_data				1064
+X509_STORE_CTX_get_ex_new_index		1065
+X509v3_get_key_usage			1066
+X509v3_set_key_usage			1067
+a2i_X509v3_key_usage			1068
+i2a_X509v3_key_usage			1069
+EVP_PKEY_decrypt			1070
+EVP_PKEY_encrypt			1071
+PKCS7_RECIP_INFO_set			1072
+PKCS7_add_recipient			1073
+PKCS7_add_recipient_info		1074
+PKCS7_set_cipher			1075
+ASN1_TYPE_get_int_octetstring		1076
+ASN1_TYPE_get_octetstring		1077
+ASN1_TYPE_set_int_octetstring		1078
+ASN1_TYPE_set_octetstring		1079
+ASN1_UTCTIME_set_string			1080
+ERR_add_error_data			1081
+ERR_set_error_data			1082
+EVP_CIPHER_asn1_to_param		1083
+EVP_CIPHER_param_to_asn1		1084
+EVP_CIPHER_get_asn1_iv			1085
+EVP_CIPHER_set_asn1_iv			1086
+EVP_rc5_32_12_16_cbc			1087
+EVP_rc5_32_12_16_cfb			1088
+EVP_rc5_32_12_16_ecb			1089
+EVP_rc5_32_12_16_ofb			1090
+asn1_add_error				1091
diff --git a/util/mk1mf.pl b/util/mk1mf.pl
index ef07692890..6f0881a299 100755
--- a/util/mk1mf.pl
+++ b/util/mk1mf.pl
@@ -7,6 +7,8 @@
 
 $INSTALLTOP="/usr/local/ssl";
 
+$ssl_version="0.8.2";
+
 $infile="MINFO";
 
 %ops=(
@@ -18,6 +20,7 @@ $infile="MINFO";
 	"BC-NT",   "Borland C++ 4.5 - Windows NT  - PROBABLY NOT WORKING",
 	"BC-W31",  "Borland C++ 4.5 - Windows 3.1 - PROBABLY NOT WORKING",
 	"BC-MSDOS","Borland C++ 4.5 - MSDOS",
+	"linux-elf","Linux elf",
 	"FreeBSD","FreeBSD distribution",
 	"default","cc under unix",
 	);
@@ -27,15 +30,18 @@ foreach (@ARGV)
 	{
 	if    (/^no-rc2$/)	{ $no_rc2=1; }
 	elsif (/^no-rc4$/)	{ $no_rc4=1; }
+	elsif (/^no-rc5$/)	{ $no_rc5=1; }
 	elsif (/^no-idea$/)	{ $no_idea=1; }
 	elsif (/^no-des$/)	{ $no_des=1; }
 	elsif (/^no-bf$/)	{ $no_bf=1; }
+	elsif (/^no-cast$/)	{ $no_cast=1; }
 	elsif (/^no-md2$/)  	{ $no_md2=1; }
 	elsif (/^no-md5$/)	{ $no_md5=1; }
 	elsif (/^no-sha$/)	{ $no_sha=1; }
 	elsif (/^no-sha1$/)	{ $no_sha1=1; }
+	elsif (/^no-rmd160$/)	{ $no_rmd160=1; }
 	elsif (/^no-mdc2$/)	{ $no_mdc2=1; }
-	elsif (/^no-patents$/)	{ $no_rc2=$no_rc4=$no_idea=$no_sha1=$no_rsa=1; }
+	elsif (/^no-patents$/)	{ $no_rc2=$no_rc4=$no_rc5=$no_idea=$no_rsa=1; }
 	elsif (/^no-rsa$/)	{ $no_rsa=1; }
 	elsif (/^no-dsa$/)	{ $no_dsa=1; }
 	elsif (/^no-dh$/)	{ $no_dh=1; }
@@ -45,6 +51,10 @@ foreach (@ARGV)
 	elsif (/^no-err$/)	{ $no_err=1; }
 	elsif (/^no-sock$/)	{ $no_sock=1; }
 
+	elsif (/^just-ssl$/)	{ $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1;
+				  $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1;
+				  $no_ssl2=$no_err=1; }
+
 	elsif (/^rsaref$/)	{ $rsaref=1; }
 	elsif (/^gcc$/)		{ $gcc=1; }
 	elsif (/^debug$/)	{ $debug=1; }
@@ -65,8 +75,9 @@ foreach (@ARGV)
 				{ printf STDERR "\t%-10s\t%s\n",$i,$ops{$i}; }
 			print STDERR <<"EOF";
 and [options] can be one of
-	no-md2 no-md5 no-sha no-sha1 no-mdc2	- Skip this digest
-	no-rc2 no-rc4 no-idea no-des no-bf	- Skip this symetriccipher
+	no-md2 no-md5 no-sha no-sha1 no-mdc2 no-rmd160 - Skip this digest
+	no-rc2 no-rc4 no-idea no-des no-bf no-cast - Skip this symetric cipher
+	no-rc5
 	no-rsa no-dsa no-dh			- Skip this public key cipher
 	no-ssl2 no-ssl3				- Skip this version of SSL
 	just-ssl				- remove all non-ssl keys/digest
@@ -79,7 +90,7 @@ and [options] can be one of
 	rsaref					- Build to require RSAref
 
 Values that can be set
-TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath CC=C-compiler
+TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler
 
 -L<ex_lib_path> -l<ex_lib>			- extra library flags (unix)
 -<ex_cc_flags>					- extra 'cc' flags,
@@ -99,16 +110,21 @@ $no_ssl3=1 if ($no_rsa && $no_dh);
 $no_ssl2=1 if ($no_md5 || $no_rsa);
 $no_ssl2=1 if ($no_rsa);
 
-$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
-$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}:'.';
-$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:'out';
-$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:'tmp';
-$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
+$out_def="out";
+$inc_def="outinc";
+$tmp_def="tmp";
+
 
 ($ssl,$crypto)=("ssl","crypto");
 $RSAglue="RSAglue";
 $ranlib="echo ranlib";
 
+$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
+$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}:'.';
+$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
+
+# $bin_dir.=$o causes a core dump on my sparc :-(
+
 push(@INC,"util/pl","pl");
 if ($type eq "VC-MSDOS")
 	{
@@ -159,6 +175,12 @@ elsif ($type eq "FreeBSD")
 	require 'unix.pl';
 	$cflags='-DTERMIO -D_ANSI_SOURCE -O2 -fomit-frame-pointer';
 	}
+elsif ($type eq "linux-elf")
+	{
+	require "unix.pl";
+	require "linux.pl";
+	$unix=1;
+	}
 else
 	{
 	require "unix.pl";
@@ -167,18 +189,24 @@ else
 	$cflags.=' -DTERMIO';
 	}
 
-# $bin_dir.=$o causes a core dump on my sparc :-(
+$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
+$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
+$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
+
 $bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
 
 $cflags.=" -DNO_IDEA" if $no_idea;
 $cflags.=" -DNO_RC2"  if $no_rc2;
 $cflags.=" -DNO_RC4"  if $no_rc4;
+$cflags.=" -DNO_RC5"  if $no_rc5;
 $cflags.=" -DNO_MD2"  if $no_md2;
 $cflags.=" -DNO_MD5"  if $no_md5;
 $cflags.=" -DNO_SHA"  if $no_sha;
 $cflags.=" -DNO_SHA1" if $no_sha1;
+$cflags.=" -DNO_RMD160" if $no_rmd160;
 $cflags.=" -DNO_MDC2" if $no_mdc2;
 $cflags.=" -DNO_BLOWFISH"  if $no_bf;
+$cflags.=" -DNO_CAST" if $no_cast;
 $cflags.=" -DNO_DES"  if $no_des;
 $cflags.=" -DNO_RSA"  if $no_rsa;
 $cflags.=" -DNO_DSA"  if $no_dsa;
@@ -234,6 +262,7 @@ CC=$bin_dir${cc}
 CFLAG=$cflags
 APP_CFLAG=$app_cflag
 LIB_CFLAG=$lib_cflag
+SHLIB_CFLAG=$shl_cflag
 APP_EX_OBJ=$app_ex_obj
 SHLIB_EX_OBJ=$shlib_ex_obj
 # add extra libraries to this define, for solaris -lsocket -lnsl would
@@ -254,11 +283,25 @@ DES_CRYPT_OBJ=$des_crypt_obj
 DES_CRYPT_SRC=$des_crypt_src
 BF_ENC_OBJ=$bf_enc_obj
 BF_ENC_SRC=$bf_enc_src
+CAST_ENC_OBJ=$cast_enc_obj
+CAST_ENC_SRC=$cast_enc_src
+RC4_ENC_OBJ=$rc4_enc_obj
+RC4_ENC_SRC=$rc4_enc_src
+RC5_ENC_OBJ=$rc5_enc_obj
+RC5_ENC_SRC=$rc5_enc_src
+MD5_ASM_OBJ=$md5_asm_obj
+MD5_ASM_SRC=$md5_asm_src
+SHA1_ASM_OBJ=$sha1_asm_obj
+SHA1_ASM_SRC=$sha1_asm_src
+RMD160_ASM_OBJ=$rmd160_asm_obj
+RMD160_ASM_SRC=$rmd160_asm_src
 
 # The output directory for everything intersting
 OUT_D=$out_dir
 # The output directory for all the temporary muck
 TMP_D=$tmp_dir
+# The output directory for the header files
+INC_D=$inc_dir
 
 CP=$cp
 RM=$rm
@@ -280,11 +323,9 @@ RSAGLUE=$RSAglue
 # BIN_D  - Binary output directory
 # TEST_D - Binary test file output directory
 # LIB_D  - library output directory
-# INC_D  - include directory
 BIN_D=\$(OUT_D)
 TEST_D=\$(OUT_D)
 LIB_D=\$(OUT_D)
-INC_D=\$(OUT_D)
 
 # INCL_D - local library directory
 # OBJ_D  - temp object file directory
@@ -294,8 +335,10 @@ INCL_D=\$(TMP_D)
 O_SSL=     \$(LIB_D)$o$plib\$(SSL)$shlibp
 O_CRYPTO=  \$(LIB_D)$o$plib\$(CRYPTO)$shlibp
 O_RSAGLUE= \$(LIB_D)$o$plib\$(RSAGLUE)$libp
-L_SSL=     \$(LIB_D)$o$plib\$(SSL)$libp
-L_CRYPTO=  \$(LIB_D)$o$plib\$(CRYPTO)$libp
+SO_SSL=    $plib\$(SSL)$so_shlibp
+SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
+L_SSL=     \$(LIB_D)$o\$(SSL)$libp
+L_CRYPTO=  \$(LIB_D)$o\$(CRYPTO)$libp
 
 L_LIBS= \$(L_SSL) \$(L_CRYPTO)
 #L_LIBS= \$(O_SSL) \$(O_RSAGLUE) -lrsaref \$(O_CRYPTO)
@@ -304,26 +347,36 @@ L_LIBS= \$(L_SSL) \$(L_CRYPTO)
 # Don't touch anything below this point
 ######################################################
 
-INC=-DFLAT_INC -I\$(INC_D) -I\$(INCL_D)
+INC=-I\$(INC_D) -I\$(INCL_D)
 APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
 LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
+SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
 LIBS_DEP=\$(O_CRYPTO) \$(O_RSAGLUE) \$(O_SSL)
 
 #############################################
 EOF
 
 $rules=<<"EOF";
-all: banner \$(OUT_D) \$(TMP_D) headers lib exe
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INC_D) headers lib exe
 
 banner:
 $banner
 
-\$(OUT_D):
-	\$(MKDIR) \$(OUT_D)
-
 \$(TMP_D):
 	\$(MKDIR) \$(TMP_D)
 
+\$(BIN_D):
+	\$(MKDIR) \$(BIN_D)
+
+\$(TEST_D):
+	\$(MKDIR) \$(TEST_D)
+
+\$(LIB_D):
+	\$(MKDIR) \$(LIB_D)
+
+\$(INC_D):
+	\$(MKDIR) \$(INC_D)
+
 headers: \$(HEADER) \$(EXHEADER)
 
 lib: \$(LIBS_DEP)
@@ -335,10 +388,10 @@ install:
 	\$(MKDIR) \$(INSTALLTOP)${o}bin
 	\$(MKDIR) \$(INSTALLTOP)${o}include
 	\$(MKDIR) \$(INSTALLTOP)${o}lib
-	\$(CP) \$(INC_D)${o}*.h \$(INSTALLTOP)${o}include
+	\$(CP) \$(INC_D)${o}*.\[ch\] \$(INSTALLTOP)${o}include
 	\$(CP) \$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin
-	\$(CP) \$(LIB_D)$o\$(O_SSL) \$(INSTALLTOP)${o}lib
-	\$(CP) \$(LIB_D)$o\$(O_CRYPTO) \$(INSTALLTOP)${o}lib
+	\$(CP) \$(O_SSL) \$(INSTALLTOP)${o}lib
+	\$(CP) \$(O_CRYPTO) \$(INSTALLTOP)${o}lib
 
 clean:
 	\$(RM) \$(TMP_D)$o*.*
@@ -427,6 +480,9 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
 foreach (values %lib_nam)
 	{
 	$lib_obj=$lib_obj{$_};
+	local($slib)=$shlib;
+
+	$slib=0 if ($_ eq "RSAGLUE");
 
 	if (($_ eq "SSL") && $no_ssl2 && $no_ssl3)
 		{
@@ -442,22 +498,53 @@ foreach (values %lib_nam)
 
 	if (($bn_mulw_obj ne "") && ($_ eq "CRYPTO"))
 		{
-		$lib_obj =~ s/\S*bn_mulw\S*/\$(BN_MULW_OBJ)/;
+		$lib_obj =~ s/\s\S*\/bn_mulw\S*/ \$(BN_MULW_OBJ)/;
 		$rules.=&do_asm_rule($bn_mulw_obj,$bn_mulw_src);
 		}
 	if (($des_enc_obj ne "") && ($_ eq "CRYPTO"))
 		{
-		$lib_obj =~ s/\S*des_enc\S*/\$(DES_ENC_OBJ)/;
-		$lib_obj =~ s/\S*fcrypt_b\S*\s*//;
+		$lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/;
+		$lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /;
 		$rules.=&do_asm_rule($des_enc_obj,$des_enc_src);
 		}
 	if (($bf_enc_obj ne "") && ($_ eq "CRYPTO"))
 		{
-		$lib_obj =~ s/\S*bf_enc\S*/\$(BF_ENC_OBJ)/;
+		$lib_obj =~ s/\s\S*\/bf_enc\S*/ \$(BF_ENC_OBJ)/;
 		$rules.=&do_asm_rule($bf_enc_obj,$bf_enc_src);
 		}
+	if (($cast_enc_obj ne "") && ($_ eq "CRYPTO"))
+		{
+		$lib_obj =~ s/(\s\S*\/c_enc\S*)/ \$(CAST_ENC_OBJ)/;
+		$rules.=&do_asm_rule($cast_enc_obj,$cast_enc_src);
+		}
+	if (($rc4_enc_obj ne "") && ($_ eq "CRYPTO"))
+		{
+		$lib_obj =~ s/\s\S*\/rc4_enc\S*/ \$(RC4_ENC_OBJ)/;
+		$rules.=&do_asm_rule($rc4_enc_obj,$rc4_enc_src);
+		}
+	if (($rc5_enc_obj ne "") && ($_ eq "CRYPTO"))
+		{
+		$lib_obj =~ s/\s\S*\/rc5_enc\S*/ \$(RC5_ENC_OBJ)/;
+		$rules.=&do_asm_rule($rc5_enc_obj,$rc5_enc_src);
+		}
+	if (($md5_asm_obj ne "") && ($_ eq "CRYPTO"))
+		{
+		$lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/;
+		$rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src);
+		}
+	if (($sha1_asm_obj ne "") && ($_ eq "CRYPTO"))
+		{
+		$lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/;
+		$rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src);
+		}
+	if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO"))
+		{
+		$lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/;
+		$rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src);
+		}
 	$defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
-	$rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},"\$(LIB_CFLAGS)");
+	$lib=($slib)?" \$(SHLIB_CFLAGS)":" \$(LIB_CFLAGS)";
+	$rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
 	}
 
 $defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
@@ -468,10 +555,10 @@ foreach (split(/\s+/,$test))
 	$rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
 	}
 
-$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib);
-$rules.= &do_lib_rule("\$(RSAGLUEOBJ)","\$(O_RSAGLUE)",$RSAglue,0)
+$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
+$rules.= &do_lib_rule("\$(RSAGLUEOBJ)","\$(O_RSAGLUE)",$RSAglue,0,"")
 	unless $no_rsa;
-$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib);
+$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
 
 $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
 
@@ -491,6 +578,7 @@ sub var_add
 	return("") if $no_idea && $dir =~ /\/idea/;
 	return("") if $no_rc2  && $dir =~ /\/rc2/;
 	return("") if $no_rc4  && $dir =~ /\/rc4/;
+	return("") if $no_rc5  && $dir =~ /\/rc5/;
 	return("") if $no_rsa  && $dir =~ /\/rsa/;
 	return("") if $no_rsa  && $dir =~ /^rsaref/;
 	return("") if $no_dsa  && $dir =~ /\/dsa/;
@@ -505,6 +593,7 @@ sub var_add
 	return("") if $no_mdc2 && $dir =~ /\/mdc2/;
 	return("") if $no_sock && $dir =~ /\/proxy/;
 	return("") if $no_bf   && $dir =~ /\/bf/;
+	return("") if $no_cast && $dir =~ /\/cast/;
 
 	$val =~ s/^\s*(.*)\s*$/$1/;
 	@a=split(/\s+/,$val);
@@ -514,7 +603,9 @@ sub var_add
 	@a=grep(!/^e_.*_d$/,@a) if $no_des;
 	@a=grep(!/^e_.*_i$/,@a) if $no_idea;
 	@a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
+	@a=grep(!/^e_.*_r5$/,@a) if $no_rc5;
 	@a=grep(!/^e_.*_bf$/,@a) if $no_bf;
+	@a=grep(!/^e_.*_c$/,@a) if $no_cast;
 	@a=grep(!/^e_rc4$/,@a) if $no_rc4;
 
 	@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
@@ -567,7 +658,7 @@ sub clean_up_ws
 sub do_defs
 	{
 	local($var,$files,$location,$postfix)=@_;
-	local($_,$ret);
+	local($_,$ret,$pf);
 	local(*OUT,$tmp,$t);
 
 	$files =~ s/\//$o/g if $o ne '/';
@@ -576,19 +667,26 @@ sub do_defs
 	$Vars{$var}.="";
 	foreach (split(/ /,$files))
 		{
+		$orig=$_;
 		$_=&bname($_) unless /^\$/;
 		if ($n++ == 2)
 			{
 			$n=0;
 			$ret.="\\\n\t";
 			}
-		if ($_ =~ /BN_MULW/)
-			{ $t="$_ "; }
-		elsif ($_ =~ /DES_ENC/)
-			{ $t="$_ "; }
-		elsif ($_ =~ /BF_ENC/)
-			{ $t="$_ "; }
-		else	{ $t="$location${o}$_$postfix "; }
+		if (($_ =~ /bss_file/) && ($postfix eq ".h"))
+			{ $pf=".c"; }
+		else	{ $pf=$postfix; }
+		if ($_ =~ /BN_MULW/)	{ $t="$_ "; }
+		elsif ($_ =~ /DES_ENC/)	{ $t="$_ "; }
+		elsif ($_ =~ /BF_ENC/)	{ $t="$_ "; }
+		elsif ($_ =~ /CAST_ENC/){ $t="$_ "; }
+		elsif ($_ =~ /RC4_ENC/)	{ $t="$_ "; }
+		elsif ($_ =~ /RC5_ENC/)	{ $t="$_ "; }
+		elsif ($_ =~ /MD5_ASM/)	{ $t="$_ "; }
+		elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; }
+		elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; }
+		else	{ $t="$location${o}$_$pf "; }
 
 		$Vars{$var}.="$t ";
 		$ret.=$t;
@@ -610,13 +708,16 @@ sub bname
 sub do_copy_rule
 	{
 	local($to,$files,$p)=@_;
-	local($ret,$_,$n);
+	local($ret,$_,$n,$pp);
 	
 	$files =~ s/\//$o/g if $o ne '/';
 	foreach (split(/\s+/,$files))
 		{
 		$n=&bname($_);
-		$ret.="$to${o}$n$p: \$(SRC_D)$o$_$p\n\t\$(CP) \$(SRC_D)$o$_$p $to${o}$n$p\n\n";
+		if ($n =~ /bss_file/)
+			{ $pp=".c"; }
+		else	{ $pp=$p; }
+		$ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \$(SRC_D)$o$_$pp $to${o}$n$pp\n\n";
 		}
 	return($ret);
 	}
diff --git a/util/mkdef.pl b/util/mkdef.pl
index fa683330e8..b8e99f012d 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -33,12 +33,15 @@ $crypto ="crypto/crypto.h";
 $crypto.=" crypto/des/des.h";
 $crypto.=" crypto/idea/idea.h";
 $crypto.=" crypto/rc4/rc4.h";
+$crypto.=" crypto/rc5/rc5.h";
 $crypto.=" crypto/rc2/rc2.h";
 $crypto.=" crypto/bf/blowfish.h";
-$crypto.=" crypto/md/md2.h";
-$crypto.=" crypto/md/md5.h";
+$crypto.=" crypto/cast/cast.h";
+$crypto.=" crypto/md2/md2.h";
+$crypto.=" crypto/md5/md5.h";
 $crypto.=" crypto/mdc2/mdc2.h";
 $crypto.=" crypto/sha/sha.h";
+$crypto.=" crypto/ripemd/ripemd.h";
 
 $crypto.=" crypto/bn/bn.h";
 $crypto.=" crypto/rsa/rsa.h";
@@ -63,6 +66,7 @@ $crypto.=" crypto/pkcs7/pkcs7.h";
 $crypto.=" crypto/x509/x509.h";
 $crypto.=" crypto/x509/x509_vfy.h";
 $crypto.=" crypto/rand/rand.h";
+$crypto.=" crypto/hmac/hmac.h";
 
 $match{'NOPROTO'}=1;
 $match2{'PERL5'}=1;
@@ -97,42 +101,45 @@ sub do_defs
 			}
 		foreach (split("\n",$a))
 			{
-			if (/^\#ifndef (.*)/)
+			if (/^\#\s*ifndef (.*)/)
 				{
 				push(@tag,$1);
 				$tag{$1}=-1;
 				next;
 				}
-			elsif (/^\#if !defined\(([^\)]+)\)/)
+			elsif (/^\#\s*if !defined\(([^\)]+)\)/)
 				{
 				push(@tag,$1);
 				$tag{$1}=-1;
 				next;
 				}
-			elsif (/^\#ifdef (.*)/)
+			elsif (/^\#\s*ifdef (.*)/)
 				{
 				push(@tag,$1);
 				$tag{$1}=1;
 				next;
 				}
-			elsif (/^\#if (.*)/)
+			elsif (/^\#\s*if defined(.*)/)
 				{
 				push(@tag,$1);
 				$tag{$1}=1;
 				next;
 				}
-			elsif (/^\#endif/)
+			elsif (/^\#\s*endif/)
 				{
 				$tag{$tag[$#tag]}=0;
 				pop(@tag);
 				next;
 				}
-			elsif (/^\#else/)
+			elsif (/^\#\s*else/)
 				{
 				$t=$tag[$#tag];
 				$tag{$t}= -$tag{$t};
 				next;
 				}
+#printf STDERR "$_\n%2d %2d %2d %2d %2d $NT\n",
+#$tag{'NOPROTO'},$tag{'FreeBSD'},$tag{'WIN16'},$tag{'PERL5'},$tag{'NO_FP_API'};
+
 			$t=undef;
 			if (/^extern .*;$/)
 				{ $t=&do_extern($name,$_); }
@@ -140,12 +147,20 @@ sub do_defs
 				($tag{'FreeBSD'} != 1) &&
 				(($NT && ($tag{'WIN16'} != 1)) ||
 				 (!$NT && ($tag{'WIN16'} != -1))) &&
-				($tag{'PERL5'} != 1))
+				($tag{'PERL5'} != 1) &&
+#				($tag{'_WINDLL'} != -1) &&
+				((!$NT && $tag{'_WINDLL'} != -1) ||
+				 ($NT && $tag{'_WINDLL'} != 1)) &&
+				((($tag{'NO_FP_API'} != 1) && $NT) ||
+				 (($tag{'NO_FP_API'} != -1) && !$NT)))
 				{ $t=&do_line($name,$_); }
+			else
+				{ $t=undef; }
 			if (($t ne undef) && (!$done{$name,$t}))
 				{
 				$done{$name,$t}++;
 				push(@ret,$t);
+#printf STDERR "one:$t\n" if $t =~ /BIO_/;
 				}
 			}
 		close(IN);
@@ -160,6 +175,7 @@ sub do_line
 
 	return(undef) if /^$/;
 	return(undef) if /^\s/;
+#printf STDERR "two:$_\n" if $_ =~ /BIO_/;
 	if (/(CRYPTO_get_locking_callback)/)
 		{ return($1); }
 	elsif (/(CRYPTO_get_id_callback)/)
@@ -168,6 +184,22 @@ sub do_line
 		{ return($1); }
 	elsif (/(SSL_CTX_get_verify_callback)/)
 		{ return($1); }
+	elsif (/(SSL_get_info_callback)/)
+		{ return($1); }
+	elsif ((!$NT) && /(ERR_load_CRYPTO_strings)/)
+		{ return("ERR_load_CRYPTOlib_strings"); }
+	elsif (!$NT && /BIO_s_file/)
+		{ return(undef); }
+	elsif (!$NT && /BIO_new_file/)
+		{ return(undef); }
+	elsif (!$NT && /BIO_new_fp/)
+		{ return(undef); }
+	elsif ($NT && /BIO_s_file_internal/)
+		{ return(undef); }
+	elsif ($NT && /BIO_new_file_internal/)
+		{ return(undef); }
+	elsif ($NT && /BIO_new_fp_internal/)
+		{ return(undef); }
 	else
 		{
 		/\s\**(\S+)\s*\(/;
diff --git a/util/pl/BC-16.pl b/util/pl/BC-16.pl
index 133fe7fdfe..99128809c0 100644
--- a/util/pl/BC-16.pl
+++ b/util/pl/BC-16.pl
@@ -21,7 +21,7 @@ $lflags="$base_lflags";
 if ($win16)
 	{
 	$shlib=1;
-	$cflags.=" -DWIN16";
+	$cflags.=" -DWINDOWS -DWIN16";
 	$app_cflag="-W";
 	$lib_cflag="-WD";
 	$lflags.="/Twe";
diff --git a/util/pl/BC-32.pl b/util/pl/BC-32.pl
index 84262a8953..988512175a 100644
--- a/util/pl/BC-32.pl
+++ b/util/pl/BC-32.pl
@@ -18,7 +18,7 @@ $cflags="-d $op -DL_ENDIAN ";
 $base_lflags="-c";
 $lflags="$base_lflags";
 
-$cflags.=" -DWIN32";
+$cflags.=" -DWINDOWS -DWIN32";
 $app_cflag="-WC";
 $lib_cflag="-WC";
 $lflags.=" -Tpe";
diff --git a/util/pl/VC-16.pl b/util/pl/VC-16.pl
index ea3e5932f5..8119f50c2c 100644
--- a/util/pl/VC-16.pl
+++ b/util/pl/VC-16.pl
@@ -13,6 +13,10 @@ $rm='del';
 # C compiler stuff
 $cc='cl';
 
+$out_def="out16";
+$tmp_def="tmp16";
+$inc_def="inc16";
+
 if ($debug)
 	{
 	$op="/Od /Zi /Zd";
@@ -30,11 +34,12 @@ $lflags="$base_lflags /STACK:20000";
 
 if ($win16)
 	{
-	$cflags.=" -DWIN16";
+	$cflags.=" -DWINDOWS -DWIN16";
 	$app_cflag="/Gw /FPi87";
 	$lib_cflag="/Gw";
+	$lib_cflag.=" -D_WINDLL -D_DLL" if $shlib;
 	$lib_cflag.=" -DWIN16TTY" if !$shlib;
-	$lflags.=" /ALIGN:16";
+	$lflags.=" /ALIGN:256";
 	$ex_libs.="oldnames llibcewq libw";
 	}
 else
@@ -51,6 +56,8 @@ if ($shlib)
 	$libs="oldnames ldllcew libw";
 	$shlib_ex_obj="";
 #	$no_asm=1;
+	$out_def="out16dll";
+	$tmp_def="tmp16dll";
 	}
 else
 	{ $mlflags=''; }
@@ -106,6 +113,7 @@ sub do_lib_rule
 	$taget =~ s/\//$o/g if $o ne '/';
 	($Name=$name) =~ tr/a-z/A-Z/;
 
+#	$target="\$(LIB_D)$o$target";
 	$ret.="$target: $objs\n";
 #	$ret.="\t\$(RM) \$(O_$Name)\n";
 
@@ -126,7 +134,7 @@ sub do_lib_rule
 		}
 	else
 		{
-		local($ex)=($target eq '$(O_SSL)')?'$(L_CRYPTO)':"";
+		local($ex)=($target =~ /O_SSL/)?'$(L_CRYPTO)':"";
 		$ex.=' winsock';
 		$ret.="\t\$(LINK) \$(MLFLAGS) @<<\n";
 		$ret.=$dll_names;
diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl
index 12bc58e514..4e369f6f1d 100644
--- a/util/pl/VC-32.pl
+++ b/util/pl/VC-32.pl
@@ -12,15 +12,21 @@ $rm='del';
 
 # C compiler stuff
 $cc='cl';
-$cflags='/W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN';
+$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN';
 $lflags="/nologo /subsystem:console /machine:I386 /opt:ref";
 $mlflags='';
+
+$out_def="out32";
+$tmp_def="tmp32";
+$inc_def="inc32";
+
 if ($debug)
 	{
-	$cflags="/W3 /WX /Zi /Yd /Od /nologo -DWIN32 -D_DEBUG -DL_ENDIAN";
+	$cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWINDOWS -DWIN32 -D_DEBUG -DL_ENDIAN";
 	$lflags.=" /debug";
 	$mlflags.=' /debug';
 	}
+
 $obj='.obj';
 $ofile="/Fo";
 
@@ -44,6 +50,7 @@ $shlib_ex_obj="";
 $app_ex_obj="setargv.obj";
 
 $asm='ml /Cp /coff /c /Cx';
+$asm.=" /Zi" if $debug;
 $afile='/Fo';
 
 $bn_mulw_obj='';
@@ -55,20 +62,34 @@ $bf_enc_src='';
 
 if (!$no_asm)
 	{
-	$bn_mulw_obj='crypto\bn\asm\x86nt32.obj';
-	$bn_mulw_src='crypto\bn\asm\x86nt32.asm';
-	$des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\c-win32.obj';
-	$des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\c-win32.asm';
+	$bn_mulw_obj='crypto\bn\asm\bn-win32.obj';
+	$bn_mulw_src='crypto\bn\asm\bn-win32.asm';
+	$des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj';
+	$des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm';
 	$bf_enc_obj='crypto\bf\asm\b-win32.obj';
 	$bf_enc_src='crypto\bf\asm\b-win32.asm';
+	$cast_enc_obj='crypto\cast\asm\c-win32.obj';
+	$cast_enc_src='crypto\cast\asm\c-win32.asm';
+	$rc4_enc_obj='crypto\rc4\asm\r4-win32.obj';
+	$rc4_enc_src='crypto\rc4\asm\r4-win32.asm';
+	$rc5_enc_obj='crypto\rc5\asm\r5-win32.obj';
+	$rc5_enc_src='crypto\rc5\asm\r5-win32.asm';
+	$md5_asm_obj='crypto\md5\asm\m5-win32.obj';
+	$md5_asm_src='crypto\md5\asm\m5-win32.asm';
+	$sha1_asm_obj='crypto\sha\asm\s1-win32.obj';
+	$sha1_asm_src='crypto\sha\asm\s1-win32.asm';
+	$rmd160_asm_obj='crypto\ripemd\asm\rm-win32.obj';
+	$rmd160_asm_src='crypto\ripemd\asm\rm-win32.asm';
+	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
 	}
 
 if ($shlib)
 	{
 	$mlflags.=" $lflags /dll";
-	$cflags.=" /MD";
-	$cflags.="d" if ($debug);
-	$lib_cflag=" /GD";
+#	$cflags =~ s| /MD| /MT|;
+	$lib_cflag=" /GD -D_WINDLL -D_DLL";
+	$out_def="out32dll";
+	$tmp_def="tmp32dll";
 	}
 
 sub do_lib_rule
@@ -79,6 +100,7 @@ sub do_lib_rule
 	$taget =~ s/\//$o/g if $o ne '/';
 	($Name=$name) =~ tr/a-z/A-Z/;
 
+#	$target="\$(LIB_D)$o$target";
 	$ret.="$target: $objs\n";
 	if (!$shlib)
 		{
@@ -87,7 +109,7 @@ sub do_lib_rule
 		}
 	else
 		{
-		local($ex)=($target eq '$(O_SSL)')?' $(L_CRYPTO)':'';
+		local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
 		$ex.=' wsock32.lib gdi32.lib';
 		$ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
 		}
diff --git a/util/pl/linux.pl b/util/pl/linux.pl
new file mode 100644
index 0000000000..d87a6634d1
--- /dev/null
+++ b/util/pl/linux.pl
@@ -0,0 +1,96 @@
+#!/usr/local/bin/perl
+#
+# linux.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+$cc='gcc';
+if ($debug)
+	{ $cflags="-g2 -ggdb -DREF_CHECK -DCRYPTO_MDEBUG"; }
+else
+	{ $cflags="-O3 -fomit-frame-pointer"; }
+
+if (!$no_asm)
+	{
+	$bn_mulw_obj='$(OBJ_D)/bn86-elf.o';
+	$bn_mulw_src='crypto/bn/asm/bn86unix.cpp';
+	$des_enc_obj='$(OBJ_D)/dx86-elf.o $(OBJ_D)/yx86-elf.o';
+	$des_enc_src='crypto/des/asm/dx86unix.cpp crypto/des/asm/yx86unix.cpp';
+	$bf_enc_obj='$(OBJ_D)/bx86-elf.o';
+	$bf_enc_src='crypto/bf/asm/bx86unix.cpp';
+	$cast_enc_obj='$(OBJ_D)/cx86-elf.o';
+	$cast_enc_src='crypto/cast/asm/cx86unix.cpp';
+	$rc4_enc_obj='$(OBJ_D)/rx86-elf.o';
+	$rc4_enc_src='crypto/rc4/asm/rx86unix.cpp';
+	$md5_asm_obj='$(OBJ_D)/mx86-elf.o';
+	$md5_asm_src='crypto/md5/asm/mx86unix.cpp';
+	$sha1_asm_obj='$(OBJ_D)/sx86-elf.o';
+	$sha1_asm_src='crypto/sha/asm/sx86unix.cpp';
+	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM";
+	}
+
+$cflags.=" -DTERMIO -DL_ENDIAN -m486 -Wall";
+
+if ($shlib)
+	{
+	$shl_cflag=" -DPIC -fpic";
+	$shlibp=".so.$ssl_version";
+	$so_shlibp=".so";
+	}
+
+sub do_shlib_rule
+	{
+	local($obj,$target,$name,$shlib,$so_name)=@_;
+	local($ret,$_,$Name);
+
+	$target =~ s/\//$o/g if $o ne '/';
+	($Name=$name) =~ tr/a-z/A-Z/;
+
+	$ret.="\$(LIB_D)$o$target: \$(${Name}OBJ)\n";
+	$ret.="\t\$(RM) \$(LIB_D)$o$target\n";
+	$ret.="\tgcc \${CFLAGS} -shared -Wl,-soname,$target -o \$(LIB_D)$o$target \$(${Name}OBJ)\n";
+	($t=$target) =~ s/(^.*)\/[^\/]*$/$1/;
+	if ($so_name ne "")
+		{
+		$ret.="\t\$(RM) \$(LIB_D)$o$so_name\n";
+		$ret.="\tln -s $target \$(LIB_D)$o$so_name\n\n";
+		}
+	}
+
+sub do_link_rule
+	{
+	local($target,$files,$dep_libs,$libs)=@_;
+	local($ret,$_);
+	
+	$file =~ s/\//$o/g if $o ne '/';
+	$n=&bname($target);
+	$ret.="$target: $files $dep_libs\n";
+	$ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+	return($ret);
+	}
+
+sub do_asm_rule
+	{
+	local($target,$src)=@_;
+	local($ret,@s,@t,$i);
+
+	$target =~ s/\//$o/g if $o ne "/";
+	$src =~ s/\//$o/g if $o ne "/";
+
+	@s=split(/\s+/,$src);
+	@t=split(/\s+/,$target);
+
+	for ($i=0; $i<=$#s; $i++)
+		{
+		$ret.="$t[$i]: $s[$i]\n";
+		$ret.="\tgcc -E -DELF \$(SRC_D)$o$s[$i]|\$(AS) $afile$t[$i]\n\n";
+		}
+	return($ret);
+	}
+
+1;
diff --git a/util/pl/unix.pl b/util/pl/unix.pl
index 4c0c91a674..36311711c6 100644
--- a/util/pl/unix.pl
+++ b/util/pl/unix.pl
@@ -59,6 +59,7 @@ sub do_lib_rule
 	local($ret,$_,$Name);
 
 	$target =~ s/\//$o/g if $o ne '/';
+	$target="\$(LIB_D)$o$target";
 	($Name=$name) =~ tr/a-z/A-Z/;
 
 	$ret.="$target: \$(${Name}OBJ)\n";
diff --git a/util/sep_lib.sh b/util/sep_lib.sh
new file mode 100755
index 0000000000..2348db874e
--- /dev/null
+++ b/util/sep_lib.sh
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+cwd=`pwd`
+/bin/rm -fr tmp/*
+
+cd crypto/des
+make -f Makefile.uni tar
+make -f Makefile.uni tar_lit
+/bin/mv libdes.tgz $cwd/tmp
+/bin/mv libdes-l.tgz $cwd/tmp
+cd $cwd
+
+for name in md5 sha cast bf idea rc4 rc2
+do
+	echo doing $name
+	(cd crypto; tar cfh - $name)|(cd tmp; tar xf -)
+	cd tmp/$name
+	/bin/rm -f Makefile
+	/bin/rm -f Makefile.ssl
+	/bin/rm -f Makefile.ssl.orig
+	/bin/rm -f *.old
+	/bin/mv Makefile.uni Makefile
+
+	cp $cwd/util/ranlib.sh .
+	chmod +x ranlib.sh
+
+	if [ -d asm ]; then
+		mkdir asm/perlasm
+		cp $cwd/crypto/perlasm/*.pl asm/perlasm
+	fi
+	cd ..
+	tar cf - $name|gzip >$name.tgz
+#	/bin/rm -fr $name
+	cd $cwd
+done
+
+
diff --git a/util/sp-diff.pl b/util/sp-diff.pl
index fbea9717ec..f81e50201b 100755
--- a/util/sp-diff.pl
+++ b/util/sp-diff.pl
@@ -12,7 +12,7 @@
 
 $line=0;
 foreach $a ("md2","md5","sha","sha1","rc4","des cfb","des cbc","des ede3",
-	"idea cfb","idea cbc","rc2 cfb","rc2 cbc","blowfish cbc")
+	"idea cfb","idea cbc","rc2 cfb","rc2 cbc","blowfish cbc","cast cbc")
 	{
 	if (defined($one{$a,8}) && defined($two{$a,8}))
 		{
diff --git a/util/speed.sh b/util/speed.sh
index e44f20c8a9..f489706197 100755
--- a/util/speed.sh
+++ b/util/speed.sh
@@ -18,7 +18,7 @@ apps/ssleay version -v -b -f >speed.1
 apps/ssleay speed >speed.1l
 
 perl Configure bl-4c-2c
-/bin/rm -f crypto/rc4/*.o crypto/bn/bn*.o crypto/md/md2_dgst.o
+/bin/rm -f crypto/rc4/*.o crypto/bn/bn*.o crypto/md2/md2_dgst.o
 make
 apps/ssleay speed rc4 rsa md2 >speed.2l
 
diff --git a/util/ssleay.num b/util/ssleay.num
index 592de9bb0e..359fa15df1 100755
--- a/util/ssleay.num
+++ b/util/ssleay.num
@@ -15,9 +15,7 @@ SSL_CTX_set_cert_verify_cb		14
 SSL_CTX_set_cipher_list			15
 SSL_CTX_set_client_CA_list		16
 SSL_CTX_set_default_passwd_cb		17
-SSL_CTX_set_dh_params			18
 SSL_CTX_set_ssl_version			19
-SSL_CTX_set_tmp_rsa			20
 SSL_CTX_set_verify			21
 SSL_CTX_use_PrivateKey			22
 SSL_CTX_use_PrivateKey_ASN1		23
@@ -47,11 +45,7 @@ SSL_dup					46
 SSL_dup_CA_list				47
 SSL_free				48
 SSL_get_certificate			49
-#SSL_get_cipher				50
-#SSL_get_cipher_bits			51
 SSL_get_cipher_list			52
-#SSL_get_cipher_name			53
-#SSL_get_cipher_version			54
 SSL_get_ciphers				55
 SSL_get_client_CA_list			56
 SSL_get_default_timeout			57
@@ -59,13 +53,10 @@ SSL_get_error				58
 SSL_get_fd				59
 SSL_get_peer_cert_chain			60
 SSL_get_peer_certificate		61
-SSL_get_privatekey			62
 SSL_get_rbio				63
 SSL_get_read_ahead			64
 SSL_get_shared_ciphers			65
 SSL_get_ssl_method			66
-SSL_get_time				67
-SSL_get_timeout				68
 SSL_get_verify_callback			69
 SSL_get_verify_mode			70
 SSL_get_version				71
@@ -89,8 +80,6 @@ SSL_set_read_ahead			88
 SSL_set_rfd				89
 SSL_set_session				90
 SSL_set_ssl_method			91
-SSL_set_time				92
-SSL_set_timeout				93
 SSL_set_verify				94
 SSL_set_wfd				95
 SSL_shutdown				96
@@ -129,3 +118,39 @@ SSL_CIPHER_get_bits			128
 SSL_CIPHER_get_version			129
 SSL_CIPHER_get_name			130
 BIO_ssl_shutdown			131
+SSL_SESSION_cmp				132
+SSL_SESSION_hash			133
+SSL_SESSION_get_time			134
+SSL_SESSION_set_time			135
+SSL_SESSION_get_timeout			136
+SSL_SESSION_set_timeout			137
+SSL_CTX_get_ex_data			138
+SSL_CTX_get_quiet_shutdown		140
+SSL_CTX_load_verify_locations		141
+SSL_CTX_set_default_verify_paths	142
+SSL_CTX_set_ex_data			143
+SSL_CTX_set_quiet_shutdown		145
+SSL_SESSION_get_ex_data			146
+SSL_SESSION_set_ex_data			148
+SSL_get_SSL_CTX				150
+SSL_get_ex_data				151
+SSL_get_quiet_shutdown			153
+SSL_get_session				154
+SSL_get_shutdown			155
+SSL_get_verify_result			157
+SSL_set_ex_data				158
+SSL_set_info_callback			160
+SSL_set_quiet_shutdown			161
+SSL_set_shutdown			162
+SSL_set_verify_result			163
+SSL_version				164
+SSL_get_info_callback			165
+SSL_state				166
+SSL_CTX_get_ex_new_index		167
+SSL_SESSION_get_ex_new_index		168
+SSL_get_ex_new_index			169
+TLSv1_method				170
+TLSv1_server_method			171
+TLSv1_client_method			172
+BIO_new_buffer_ssl_connect		173
+BIO_new_ssl_connect			174
diff --git a/util/up_ver.pl b/util/up_ver.pl
index c2fc7c313b..e4a13bf098 100755
--- a/util/up_ver.pl
+++ b/util/up_ver.pl
@@ -4,18 +4,22 @@
 #
 
 @files=(
+	"crypto/crypto.h",
 	"crypto/des/ecb_enc.c",
 	"crypto/idea/i_ecb.c",
 	"crypto/lhash/lhash.c",
 	"crypto/conf/conf.c",
-	"crypto/md/md2_dgst.c",
-	"crypto/md/md5_dgst.c",
+	"crypto/md2/md2_dgst.c",
+	"crypto/md5/md5_dgst.c",
+	"crypto/ripemd/rmd_dgst.c",
 	"crypto/pem/pem_lib.c",
 	"crypto/bn/bn_lib.c",
 	"crypto/dh/dh_lib.c",
-	"crypto/rc4/rc4_enc.org",
 	"crypto/rc2/rc2_ecb.c",
+	"crypto/rc4/rc4_skey.c",
+	"crypto/rc5/rc5_ecb.c",
 	"crypto/bf/bf_ecb.c",
+	"crypto/cast/c_ecb.c",
 	"crypto/rsa/rsa_lib.c",
 	"crypto/dsa/dsa_lib.c",
 	"crypto/sha/sha1dgst.c",
@@ -30,6 +34,7 @@
 	"ssl/ssl_lib.c",
 	"ssl/s2_lib.c",
 	"ssl/s3_lib.c",
+	"ssl/t1_lib.c",
 	"README",
 	);
 
@@ -40,6 +45,9 @@ $time=sprintf("%02d-%s-%04d",$a[3],$month[$a[4]],$a[5]+1900);
 
 $ver=$ARGV[0];
 ($ver ne "") || die "no version number specified\n";
+($a,$b,$c,$d)=unpack('axaxac',$ver);
+$d=defined($d)?$d-96:0;
+$xver=sprintf("%x%x%x%x",$a,$b,$c,$d);
 
 foreach $file (@files)
 	{
@@ -51,7 +59,8 @@ foreach $file (@files)
 
 	while (<IN>)
 		{
-		if (s/SSLeay \d\.\d.\d[^"]*(\"|\s)/SSLeay $ver $time\1/)
+		if ((s/SSLeay \d\.\d.\d[^"]*(\"|\s)/SSLeay $ver $time\1/) ||
+			s/^(\#define\s+SSLEAY_VERSION_NUMBER\s+0x)[0-9a-zA-Z]+(.*)$/$1$xver$2/)
 			{
 			print STDERR " Done";
 			$found++;
diff --git a/util/x86asm.sh b/util/x86asm.sh
new file mode 100755
index 0000000000..81d3289860
--- /dev/null
+++ b/util/x86asm.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+echo Generating x86 assember
+echo Bignum
+(cd crypto/bn/asm; perl bn-586.pl cpp > bn86unix.cpp)
+(cd crypto/bn/asm; perl bn-586.pl win32 > bn-win32.asm)
+
+echo DES
+(cd crypto/des/asm; perl des-586.pl cpp > dx86unix.cpp)
+(cd crypto/des/asm; perl des-586.pl win32 > d-win32.asm)
+
+echo "crypt(3)"
+(cd crypto/des/asm; perl crypt586.pl cpp > yx86unix.cpp)
+(cd crypto/des/asm; perl crypt586.pl win32 > y-win32.asm)
+
+echo Blowfish
+(cd crypto/bf/asm; perl bf-586.pl cpp > bx86unix.cpp)
+(cd crypto/bf/asm; perl bf-586.pl win32 > b-win32.asm)
+
+echo CAST5
+(cd crypto/cast/asm; perl cast-586.pl cpp > cx86unix.cpp)
+(cd crypto/cast/asm; perl cast-586.pl win32 > c-win32.asm)
+
+echo RC4
+(cd crypto/rc4/asm; perl rc4-586.pl cpp > rx86unix.cpp)
+(cd crypto/rc4/asm; perl rc4-586.pl win32 > r4-win32.asm)
+
+echo MD5
+(cd crypto/md5/asm; perl md5-586.pl cpp > mx86unix.cpp)
+(cd crypto/md5/asm; perl md5-586.pl win32 > m5-win32.asm)
+
+echo SHA1
+(cd crypto/sha/asm; perl sha1-586.pl cpp > sx86unix.cpp)
+(cd crypto/sha/asm; perl sha1-586.pl win32 > s1-win32.asm)
+
+echo RIPEMD160
+(cd crypto/ripemd/asm; perl rmd-586.pl cpp > rm86unix.cpp)
+(cd crypto/ripemd/asm; perl rmd-586.pl win32 > rm-win32.asm)
+
+echo RC5/32
+(cd crypto/rc5/asm; perl rc5-586.pl cpp > r586unix.cpp)
+(cd crypto/rc5/asm; perl rc5-586.pl win32 > r5-win32.asm)
author	Ralf S. Engelschall <rse@openssl.org>	1998-12-21 10:56:39 +0000
committer	Ralf S. Engelschall <rse@openssl.org>	1998-12-21 10:56:39 +0000
commit	58964a492275ca9a59a0cd9c8155cb2491b4b909 (patch)
tree	c7b16876a5789463bbbb468ef4829c8129b3d718
parent	d02b48c63a58ea4367a0e905979f140b7d090f86 (diff)
download	openssl-58964a492275ca9a59a0cd9c8155cb2491b4b909.tar.gz